Telco network analytics inadequate to support Open RAN’s intelligence and automation requirements, finds Rohde & Schwarz latest research

Disaggregated, cloud-based architectures push the need for real-time traffic analytics in supporting AI-driven, autonomous Open RAN networks

• Almost three quarters of Open RAN vendors agree that existing analytics tools fall short in supporting RAN intelligence needs
• More than half of any deployed RAN solution relies substantially on real-time traffic analytics
• Close to 80% of vendors believe MNOs lack sufficient traffic visibility for implementing zero-trust controls
• New architecture will exacerbate security risks, according to 76.3% of Open RAN vendors

Leipzig, Germany, March 4, 2025 — ipoque, a Rohde & Schwarz company and a leading provider of next-gen deep packet inspection (DPI) software, today released the findings of its ‘Analytics and AI in Open RAN: The role of deep packet inspection’ report. According to the report, 73.8% of Open RAN vendors agree that analytics tools used for capturing and analyzing traffic in conventional RAN are not sufficient to support Open RAN. The report, which is based on a survey of 60 leading RAN vendors, also found more than half of Open RAN solutions to be significantly or quite dependent on real-time traffic analytics.

Role of real-time traffic analytics in intelligent, autonomous networks

The shift from proprietary, monolithic structures to a modularized, cloud-based architecture in Open RAN has resulted in new complexities in network management. The introduction of the service and management orchestration (SMO) platform addresses these complexities, leveraging enhanced network intelligence and AI-based automation. The platform utilizes real-time traffic analytics and extensive data repositories to manage multi-vendor workloads and to train and test its AI models. This enhances its predictive analytics and contextual recommendations, paving the way for an intelligent, autonomous RAN.

Traffic analytics are critical at every phase of Open RAN deployments. In the design stage, performance parameters such as computing capacity and fronthaul latency determine the optimal RAN split. In the operational phase, analytics drive network flexibility and responsiveness. “Traffic-aware policies based on fine-grained application and protocol-layer metrics ensure that the abstraction of RAN resources is aligned to various performance, efficiency and SLA requirements,” said Ariana Lynn, Principal Analyst at The Fast Mode. Granular traffic metrics including rich metadata information power use cases such as private 5G, network slicing and URLLC, and allow MNOs to make the best use of their edge processing, cloud computing and advanced RAN capabilities.

Findings uncover major gaps in current analytics capabilities

The survey highlighted, among others, some of the major gaps in RAN analytics. “With O-RUs, O-CUs and O-DUs distributed across cell sites, edge nodes and data centers, and with the introduction of the RAN Intelligent Controller and a plethora of rApps and xApps, traffic analysis can become very challenging and resource-intensive,” said Ariana. “We need analytics tools that can filter, classify and transmit information in real-time. This is especially important for near real-time radio and baseband processes with execution timelines below 1 second.”

The survey also revealed how challenges such as traffic encryption, obfuscation and anonymization are exacerbating these gaps. “Securing RAN resources with zero-trust controls that are based on continuous adaptive trust is impossible without sufficient visibility,” added Ariana.

Tackling security vulnerabilities in Open RAN

A disaggregated, multi-vendor architecture also expands the network’s attack surface, due to the lateral movement of threats across shared platforms and the domino effect from any single compromised component. Based on the survey, 76.3% of vendors believe that Open RAN increases network security risks, driving a greater need for threat and anomaly monitoring, especially across rApps / xApps and cloud workloads.

Deep packet inspection for Open RAN

The survey also explored the growing use of next-gen deep packet inspection (DPI) in Open RAN, for real-time application and threat awareness. DPI is a traffic detection technique that is widely used to monitor and secure IP networks. “Our cutting-edge DPI engines, R&S®PACE 2 and R&S®vPACE are enhanced with machine learning (ML) and deep learning (DL) features and advanced statistical, behavioral and heuristic analyses to meet the needs of intricate, highly-modularized RAN architectures.” said Dr. Martin Mieth, VP Engineering at ipoque. “Leveraging encrypted traffic intelligence (ETI), our highly accurate traffic classification capabilities power intelligent responses in RAN, while supporting the latest security frameworks such as ZTNA.”

“Our VPP-native DPI engine R&S®vPACE is built specifically for cloud computing environments and provides high-performant, scalable filtering that equips MNOs with comprehensive insights into their CNFs / VNFs and 5G UPFs,” added Dr. Martin Mieth. With weekly updated signature libraries and the Mobile Automation Framework that delivers continuous testing of high-priority applications, ipoque helps mobile networks stay ahead of emerging traffic trends and evolving threats in RAN.

Assessing the interoperability aspect of DPI tools, vendors surveyed outlined a number of key attributes, including being hardware- and platform-agnostic, compatibility with reporting frameworks such as IPFIX and having comprehensive APIs.

The report, which was conducted jointly with The Fast Mode, a leading telecoms/IT publication, also analyzes critical scenarios in Open RAN scenarios, including specific classes of xApps and rApps, which demand greater traffic awareness. It discusses DPI’s adoption in Open RAN and preferred deployment models. The report is available for download at:
www.ipoque.com/Open RAN-report.

Press contact:

Heike Masurek, phone: +49 341 59403 061, email: heike.masurek@rohde-schwarz.com

Rohde & Schwarz

Rohde & Schwarz is striving for a safer and connected world with its Test & Measurement, Technology Systems and Networks & Cybersecurity Divisions. For over 90 years, the global technology group has pushed technical boundaries with developments in cutting-edge technologies. The company's leading-edge products and solutions empower industrial, regulatory and government customers to attain technological and digital sovereignty. The privately owned, Munich based company can act independently, long-term and sustainably. Rohde & Schwarz generated a net revenue of EUR 2.93 billion in the 2023/2024 fiscal year (July to June). On June 30, 2024, Rohde & Schwarz had more than 14,400 employees worldwide.

R&S® is a registered trademark of Rohde & Schwarz GmbH & Co. KG.
All press releases, including photos for downloading, are available on the internet at www.press.rohde-schwarz.com.

ipoque GmbH

ipoque, a Rohde & Schwarz company, is a global leader in network analytics and deep packet inspection software for the communications industry. We leverage our deep domain expertise to create software solutions that empower customers to transform network data into intelligence. Find out more at www.ipoque.com.