R&S GSRM For Enhanced Filtering And Forwarding In The Mobile Core

Transcription

SUBSCRIBER AWARENESS
R&S GSRM FOR ENHANCED FILTERING AND FORWARDING IN THE MOBILE CORE
DELIVERING SUBSCRIBER AWARENESS FOR TRAFFIC MANAGEMENT, POLICY CONTROL AND NETWORK SECURITY VIA GTP CORRELATION ANALYSIS

INTRODUCTION

The mobile core network, namely the evolved packet core (EPC), hosts a number of key traffic processing functionalities. They ensure that packets are processed and delivered in a timely and secure manner. These functionalities are programmed based on a wide range of network and traffic attributes.

With the growth in operator service and plan types, attributes relating to subscribers — at the individual and aggregate level — have become increasingly important in meting out the appropriate traffic management, policy control and security responses. Key attributes include subscriber IDs such as international mobile subscriber identity (IMSI), mobile station international subscriber directory number (MSISDN) and international mobile equipment identity (IMEI). This information, along with bearer and location data, enables devices such as routers, firewalls, network address translation, charging and content compression engines to make real-time decisions for any traffic flow and the corresponding subscriber or network endpoint.

At the same time, load balancing was implemented to satisfy the rapid rise in traffic volumes in the core network. Load balancing supports network subsystems which deploy more than a single device per functionality. It involves the use of intermediaries such as network packet brokers (NPB) which identify, filter and distribute packets to multiple devices in a subsystem to ensure equal allocation of the processing load.

[Figure: Traffic management, policy control and security functions/subsystems in mobile core networks. Categories: IP traffic management, policy control, security. Functions shown: routing and forwarding, video traffic optimization, content compression, DNS, content caching, CDN, charging, mediation, AAA, intrusion prevention, web filtering, DDoS prevention, content filtering, firewalls, SSL inspection.]

ROHDE & SCHWARZ

GTP CORRELATION FOR INTELLIGENT LOAD BALANCING

The use of load balancing introduces a new challenge for subscriber-based traffic processing due to the use of traditional methods for distribution that do not take into account subscriber session information. These include rules such as packet rate, total traffic and bandwidth, logical sequences such as round robin or complex distributions such as stateless hashing.

Consequently, packets from a single session are split and forwarded to different devices in a subsystem, resulting in partial visibility across any onward processing function. This leads to inconsistent analysis of traffic, eventuating in processing disparities between devices of a subsystem and inconsistencies in network responses across various subsystems.

[Figure: Traditional load balancing. Labels: control traffic (GTP-C), user traffic (GTP-U), network packet broker, aggregation and filtering using traditional forwarding rules, forwarding, service chaining, network subsystem 1 (devices 1 to 3), network subsystem 2 (devices 1 to 3).]

R&S GSRM

The GTP subscriber resolving module by Rohde & Schwarz (R&S GSRM) provides subscriber and session awareness for mobile core networks, namely LTE and 5G NSA. It analyzes GTP user and control traffic by correlating GTP-C attributes such as IMSI, MSISDN and IMEI with GTP-U’s tunnel endpoint identifiers (TEID). It also correlates user plane traffic by type of interfaces such as Gn, S1-U, S11 and S5 across both GTPv1-C and GTPv2-C. Correlation analysis by R&S GSRM delivers accurate and reliable real-time identification of subscribers and sessions for GTP traffic in the mobile core network. It supports a wide range of functionalities that require subscriber awareness.

[Figure: GTP correlation by R&S GSRM. Labels: access network, transport network, R&S GSRM, control traffic (GTP-C), user traffic (GTP-U), GTP correlation.]

Real-time identification of subscribers and sessions by R&S GSRM enables intelligent load balancing. It allows tools such as NPBs to identify, aggregate, filter and forward traffic by subscribers to the respective devices in a mobile core subsystem. This results in packets from a single session being directed to the same processing device through service-chained subsystems, delivering complete visibility into each session.

Intelligent load balancing powered by R&S GSRM also allows session-specific manipulation of traffic including replication, deduplication and additional tagging. It also addresses the visibility gaps inherent in traditional traffic distribution while replacing bandwidth-intensive methods for subscriber identification. Additionally, it removes conflicting analysis and redundant communications on any session in the core network, reducing traffic processing cycles and improving network efficiencies.

[Figure: Intelligent load balancing. Labels: control traffic (GTP-C), user traffic (GTP-U), R&S GSRM, network packet broker, aggregation and filtering using subscriber awareness, forwarding, service chaining, network subsystem 1 (devices 1 to 3), network subsystem 2 (devices 1 to 3).]
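The correlation and subscriber-consistent forwarding described above can be illustrated with the following added Python example, which is not R&S GSRM code. It assumes GTP-C messages arrive already decoded as dictionaries (a hypothetical shape), uses constructed test IMSIs and TEIDs, three hypothetical device names, and SHA-256 as an arbitrary choice of selection hash.

```python
import hashlib
import struct

DEVICES = ["device-1", "device-2", "device-3"]  # hypothetical subsystem of three devices

def gtpu_teid(packet: bytes) -> int:
    """Return the TEID from the mandatory 8-byte GTPv1-U header of a G-PDU."""
    if len(packet) < 8:
        raise ValueError("truncated GTP-U header")
    flags, msg_type, _length, teid = struct.unpack("!BBHI", packet[:8])
    if flags >> 5 != 1 or msg_type != 0xFF:  # version must be 1, type 0xFF = G-PDU
        raise ValueError("not a GTPv1-U G-PDU")
    return teid

class Correlator:
    """Maps user-plane TEIDs to the IMSI learned from control-plane events."""
    def __init__(self):
        self.teid_to_imsi = {}

    def on_control(self, event: dict) -> None:
        # event: an already-decoded GTP-C message (hypothetical dict shape)
        if event["type"] == "create":
            for teid in event["teids"]:
                self.teid_to_imsi[teid] = event["imsi"]
        elif event["type"] == "delete":
            for teid in event["teids"]:
                self.teid_to_imsi.pop(teid, None)

    def device_for(self, packet: bytes) -> str:
        teid = gtpu_teid(packet)
        # Unknown TEID (no GTP-C seen yet): key on the TEID so the tunnel stays on one device
        key = self.teid_to_imsi.get(teid, f"teid:{teid}")
        digest = hashlib.sha256(key.encode()).digest()
        return DEVICES[int.from_bytes(digest[:4], "big") % len(DEVICES)]

def gpdu(teid: int, payload: bytes = b"x") -> bytes:
    # Constructed sample G-PDU: flags 0x30 (version 1, PT=1), no optional fields
    return struct.pack("!BBHI", 0x30, 0xFF, len(payload), teid) + payload

def demo():
    c = Correlator()
    c.on_control({"type": "create", "imsi": "001010000000001", "teids": [0x1001, 0x2002]})
    c.on_control({"type": "create", "imsi": "001010000000002", "teids": [0x3003]})
    packets = [gpdu(t) for t in (0x1001, 0x2002, 0x3003, 0x1001, 0x2002)]
    sticky = [c.device_for(p) for p in packets]
    round_robin = [DEVICES[i % len(DEVICES)] for i in range(len(packets))]
    return sticky, round_robin
```

In `demo()`, the first subscriber's two tunnels always resolve to one device under IMSI-keyed selection, while the round-robin list spreads the same packets over several devices.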

SUBSCRIBER AWARENESS FOR TRAFFIC MANAGEMENT, POLICY CONTROL AND NETWORK SECURITY

Intelligent load balancing via R&S GSRM introduces two capabilities. Firstly, it provides real-time identification of the subscriber, allowing network functions to undertake subscriber-aware traffic processing based on a host of session parameters.

These include parameters such as service types, total flows, session time, destination IP address, source IP address, session tenure, subscriber identity (IMSI, ISDN), number of sessions, device mobility (all locations), session errors and device information.

[Figure: Subscriber-aware traffic processing based on session parameters. Labels: incoming traffic; intelligent load balancing (R&S GSRM); identification of subscribers; subscriber-aware aggregation, filtering and forwarding (the use of subscriber identification to aggregate and filter traffic; forwarding of packets from a single subscriber/session to the same server/virtual machine); network functions; subscriber-aware traffic processing. Session parameters shown: all service types used, source IP address, subscriber identity (IMSI, ISDN), total flows, full session time, full list of destination IP addresses, full session tenure, all session errors, device information, total number of sessions, device mobility (all locations).]

Secondly, it enables aggregation and forwarding of an entire session to a single device, enabling full visibility into a subscriber session. Mobile operators and vendors of traffic management, policy control and network security solutions can leverage these capabilities to deliver a wide range of use cases covering the following areas:

Traffic management

Traffic management includes traffic processing functionalities such as routing, network address translation, content caching and content optimization. Session-aware traffic management enables these functions to be granularized based on subscriber-specific attributes such as plan types and location. Examples for these include the provisioning of premium routes for subscribers generating a high average revenue per user (ARPU) and the compression of content on 'all you can eat' plans.

Traffic management with intelligent load balancing

address and location), reducing the use of the device’s main memory cache. R&S GSRM’s session aggregation therefore greatly benefits batch processing of packets. Routers, for example, can leverage R&S GSRM-based session tagging to implement session-based compression for higher compression rates and increased throughput.

Policy control

R&S GSRM supports subscriber authentication and usage controls across LTE and 5G NSA networks. Where authentication and usage policies are drawn based on a subscriber’s identity, R&S GSRM readily identifies each packet and provides this information to devices such as policy control, charging and mediation engines. This fuels a range of use cases, from basic authentication for 4G or 5G services to approvals fo
