Published on August 3rd, 2022 | by Syed Hussain
This is an era of unprecedented evolution for communication service providers’ (CSPs) network environments. While expensive, inflexible, single-purpose equipment—with its monolithic hardware and software footprint—continues to be taken out of service, new cloud-native topologies have emerged. The shift to cloud computing promises CSPs the operational and budgetary advantages that enterprises have enjoyed for years.
Cloud applications are expressed as reusable microservices that can be dynamically assembled into service chains that fulfill their defined purpose and then dissolve. Each individual microservice is deployed in its own container that includes all its system dependencies, so the portable bundle can execute on any machine across the cloud infrastructure. Moreover, processing data at the network edge, close to where it is generated, reduces latency and avoids the bandwidth cost of backhauling data to the network core. This architectural change is well suited to the needs of 5G networking, which deconstructs the network into many virtualized network functions (VNFs).
Containerizing VNFs creates cloud-native network functions (CNFs) that operate smoothly across private data center clouds, public cloud infrastructures, edge computing devices, and – most importantly – combined hybrid environments. Decoupling workloads from specific hardware or locations creates significant agility and cost benefits for CSPs accelerating cloud adoption to keep up with the 5G build-out. Many CSPs have begun migrating back-office applications such as operational and business support systems to the cloud, and a growing number are deploying cloud-native 5G network services such as virtual radio access network (vRAN) and virtual cable modem termination system (vCMTS).
Kubernetes for Cloud-Native Lawful Interception
As CSPs deploy network services in the cloud, they must develop an effective, efficient lawful interception cloud strategy. Requirements to support 3G and 4G persist and greenfield deployments are rare, with most CSPs operating hybrid combinations of on-premises and cloud infrastructure. In such mixed environments, cloud-based lawful interception is far simpler to deploy than on-premises versions. In cloud-native environments, it is mandatory to support cloud-native lawful interception, both technology wise as well as per 3GPP standards.
Lawful interception services for the cloud are deployed in containers, with Docker containers orchestrated by Kubernetes the most common platform. Centrally orchestrating the containers enables them to be created and decommissioned whenever and wherever they are needed in a software-defined environment that optimizes efficiency, infrastructure requirements, and operating costs.
SS8 is pioneering the development of lawful intelligence platforms using Docker containers and Kubernetes orchestration. Our cloud-native capabilities are proven in real-world deployments across public cloud infrastructures such as the Amazon Elastic Kubernetes Service (EKS) as well as complex private clouds such as the Verizon Cloud Platform (VCP). Drawing on this research and development, CSPs can deploy lawful intelligence capabilities that keep pace with their other cloud initiatives.
Kubernetes enables SS8’s Xcipio lawful interception solution to transparently scale as needed, reducing risk and costs. SS8-provided Helm Charts automate how Kubernetes installs, deploys, and controls these services, streamlining implementation by CSPs. This includes instructing the Kubernetes controller how to orchestrate the SS8 workload, dictating which services are allowed to communicate with each other, and more. The Helm Charts also set thresholds at which the system generates new Xcipio instances to handle mediation requirements across the network.
Long-Term Business Advantage for CSPs
Transitioning services, including lawful interception, to the cloud enables immediate and ongoing savings for CSPs. The shared nature of cloud infrastructures inherently drives up the efficiency of resource utilization, with elastic capacity on demand that eliminates the need for unused headroom to accommodate usage peaks and redundancy. Scalability is seamless. Instead of constantly refreshing racks of servers and trying to increase data center density to avoid the need for additional facilities, teams can focus on innovation that drives core value for the business as a whole.
Kubernetes also provides a standardization layer that helps VNFs from different vendors interoperate. This empowers CSPs to choose best-of-breed solution elements from a variety of vendors without having to perform integration work. In addition, Helm Charts can specify the use of carrier-supplied services such as network load balancers (NLBs), further reducing complexity and effort. Ultimately, CSPs can achieve greater agility and lower operating and capital expenses, including optimizing their investments in 5G. In addition, they avoid the speculative infrastructure investments that try to predict network capacity requirements.
CSP decision makers planning their infrastructure trajectories necessarily have cloud-based container environments on their radars. SS8 participates in this ecosystem with Xcipio’s Kubernetes-native DNA, delivering unmatched performance and versatility. It can also be deployed using dedicated compute instances on Amazon Web Services (AWS). Xcipio itself draws on SS8’s more than two decades of experience in lawful intelligence platforms. Paired with Kubernetes, the SS8 platform combines well-proven technology with a forward-looking deployment model.
About Mr. Syed Hussain
Mr. Hussain has spent 20 years working in the telecommunication industry and brings significant technical expertise to his role as Head of Product Management for Lawful Interception products for SS8. Mr. Hussain represents SS8 in both ETSI and 3GPP standards bodies and at technology summits. You can learn more about Syed on his LinkedIn profile here.
About SS8 Networks
SS8, a network intelligence company, provides solutions to help customers quickly identify, track, and investigate devices and subjects of interest. SS8 is trusted by six of the largest intelligence agencies, eight of the fourteen largest communications providers and five of the largest systems integrators. For more information, visit www.SS8.com or follow us on Twitter @SS8 or LinkedIn.