
White paper

From dumb pipes to smart services: Adding intelligence to the core network with L4–L7 networking devices

By Monica Paolini, Senza Fili

© 2014 Senza Fili Consulting • www.senzafiliconsulting.com

Sponsored by


1. Introduction. A new, application-based approach to traffic management

Fixed and mobile networks today serve an ever-growing quantity of data traffic that passes through an increasing number of applications and services. To optimize performance, keep costs under control and monetize the services, operators need a new approach to managing traffic. Traditionally, mobile operators handle growth in traffic volume and complexity by increasing capacity – adding hardware to the core and radio access network – and by enhancing IP routing to direct traffic to the required network elements more efficiently. However, scaling out to support the expected growth in traffic volume and the expanding range of new services, while maintaining high levels of QoE, is proving to be cost-prohibitive. In the core network, IP routing at the OSI layers 1 to 3 (L1–L3) guarantees fundamental traffic management, but it is running up against its limits. With applications generating data flows with different sets of requirements, routing traffic complexity has increased to a point at which, because it lacks understanding of the protocols and applications, basic IP routing is not sufficient.

By using L4–L7 intelligence to manage traffic, operators can move beyond these limitations of IP routing. While IP routers provide fast routing of packets, in a mobile environment, they lack the intelligence needed to optimize the use of network resources, leading to network inefficiencies. An L4–L7 device in the data and signaling plane understands the higher layers of the network stack, from the protocol to the application layers, and so it can leverage network intelligence for better routing decisions. This new approach requires operators to shift the focus of traffic management from packets to traffic flows, from basic IP routers to high-layer proxies, and from carrying data to support of services and applications. This change in focus enables them to closely monitor and improve the performance target that matters the most: the QoE, which captures the end-to-end network performance from the subscriber viewpoint. Providing higher QoE and end-to-end user experience is crucial for operators to move from the financial constraints of a dumb-pipe strategy, to offering smart and innovative revenue-generating services.

This paper examines the drivers behind the shift toward traffic management at L4–L7, and how this evolution benefits operators and their subscribers. First, we discuss the implications of moving up in the OSI stack and of using an application-aware approach. We then explore the impact of L4–L7 networking devices, both in the data plane and in the control plane, across five domains: dynamic traffic management, TCP optimization, context-based use of network resources, Diameter signaling traffic optimization, and network/DNS protection.


2. Moving beyond packets to application-aware routing. From L1–L3 IP routers to L4–L7 networking devices

Basic IP routing is highly efficient because it is stateless and extremely simple. Incoming packets are inspected by a basic implementation of IP, the addresses are examined (and perhaps modified), and the packets are passed back out. More advanced routers and L3 proxies have a limited ability to understand some of the higher-level protocols – for example, to manipulate TCP headers or even to examine HTTP headers. However, support for these protocols adds significant complexity to routers, because they have to use incomplete lower-layer implementations of higher-level protocols.

While it is possible to perform routing at L3 that is more intelligent than pure address lookup, it is difficult for operators to define flexible and dynamic policies, or to make changes to adapt to new services. In addition, because of the simplicity of the routing model, decisions are not always optimal. For instance, a router may send data traffic that contains no video content to the video compression server because the router lacks the ability to identify the type of traffic correctly, or, in the control plane, it may send OCS charging records to network elements not involved in charging.

In the data plane, an L4–L7 networking device acts as a proxy to give operators visibility into the traffic flow. With that context information, they can optimize switching/routing (see table below) by examining the IP layer and higher layers, such as TCP and HTTP. This allows the device to direct traffic only to the network elements that are required. An L4–L7 proxy can, for example, detect video content in the HTTP protocol and dynamically steer the traffic first to a URL filter to apply user- and application-specific policy, and only then to a video compression server.

In the control plane, the same approach provides the application-layer and transport-layer context-based information that is needed to direct signaling traffic to the relevant resources (e.g., to the appropriate OCS server for charging decisions), thus limiting traffic and the resources needed to process control-plane signaling.

L1–L3 basic IP routing

• Low latency (closer to a raw pass-through)
• Simple approach to routing, based generally on IP address
• L3 (and possibly L2) optimization
• Very limited understanding of the protocols and visibility into the applications driving traffic flows
• Fixed traffic and mobile traffic treated in the same way
• Requests treated independently, with limited ability to reuse connections to optimize traffic to remote servers

L4–L7 networking devices

• Visibility into data type, transmission requirements, and context, allowing for rich routing rules
• Increase in raw latency in L7
• Optimization at all layers, including application, to tune traffic flows in a very granular and dynamic fashion
• Higher complexity, because L4–L7 networking devices must fully implement all protocols rather than passing data through unchanged
• Ability to terminate and originate connections or sessions, allowing tuning to meet the network-specific (and different) requirements of mobile and fixed networks
• Leveraging context to understand the relationship among requests, by integrating information from the data and control planes


The addition of L4–L7 networking devices adds intelligence to traffic management, but also complexity that may result in higher raw latency within the core network. However, application-aware traffic management can make better routing decisions that reduce the overall end-to-end latency and improve QoE, bringing a net benefit to operators in terms of costs and performance. L4–L7 proxies can improve QoE and efficiency in the use of network resources, and enable robust, cost-effective support for advanced services.

By adding L4–L7 awareness to various elements in the data and control planes, operators can shift their focus from increasing throughput (the raw count of bits per second) to increasing “goodput” (the useful bits per second), which is more directly correlated to improvements in QoE. To do so, they have to move beyond tracking only simple metrics like raw latency, and work to manage traffic from the transport layer to the application layers. While established metrics remain useful, measuring quality purely at the lower network levels is no longer sufficient. What matters to subscribers is their experience: i.e., how quickly web pages load or whether video content plays without stuttering. The latency of any given packet does not matter to them, nor does it adequately quantify how good the experience was. By trying to maximize goodput rather than throughput, operators can access the benefits of adopting L4–L7 devices that may increase core-network raw latency, but that can improve traffic management and QoE because they have visibility into the conditions and traffic from both the mobile and the internet sides.

To extract information from the transport and application layers with proxies, operators have to move beyond managing traffic at the packet level. The reward is better alignment with their goal of improving QoE by maximizing goodput so they can support rich services that require advanced access to context and policy implementation. The rest of the paper discusses examples of how traffic management that uses L4–L7 intelligence can change the way operators treat data and signaling traffic and the benefits operators may gain.


3. Adapting to increased traffic complexity. A dynamic approach to policy and context

Operators have to manage increasing volumes of data and signaling traffic in a challenging environment, where network resources are limited, demand from subscribers and the need to monetize new services are growing quickly – and traffic characteristics and network utilization vary continuously across the network and time. The basic IP approach that treats all packets in the same way, regardless of application, content type, network load, subscriber, device, and location is no longer sustainable; it leads to inefficient use of network resources and hampers the ability of operators to offer and monetize compelling new services.

L4–L7 processing facilitates a move to a dynamic traffic management approach. It enables operators to continuously adapt traffic routing choices to enforce advanced policy based on real-time context. Four mechanisms illustrate the new functionality that this approach introduces:

• Dynamic bandwidth controls, combining policy and application-layer information to control the quality or amount of data allowed for different services, content types or applications, tier or plan features, or devices. For dynamic services, for which subscribers pay on an occasional basis, the operator has to be able to change the level of service in real time (e.g., support a video call during peak time, by prioritizing video traffic to a specific user).

• Dynamic traffic steering, intelligently routing responses through a particular path in the core network, to avoid wasting resources or adding latency. For instance, knowing the application associated with traffic enables the operator to decide which traffic should be directed to the video or HTTP compressing servers, and under which network conditions traffic should be compressed (e.g., the operator might want to compress traffic only when and where the network is congested).

• Dynamic service chaining, allowing operators to combine multiple context and policy contributions. For instance, for a subscriber with parental control activated, video content from a blocked URL does not need to be sent to the video compression server; video compression can be chained to a URL filter.

• Dynamic header insertion, adding additional user- or context-specific information in the packet header to pass on to OTTs and content providers, or to use in their own applications. For example, an L4–L7 networking device can add user location as a header, thus allowing OTTs to include targeted, location-based ads or coupons in the response. Similarly, operators can dynamically inject ads into the application-layer traffic to gain additional revenues.

Examples of dynamic traffic control for video content

• Give premium subscribers prioritized access over other subscribers for video, and allow them to choose whether they want video to be compressed. Lower-tier subscribers may have no access to video content during peak hours, or when the RAN is congested.
• Charge prepaid subscribers differently to access the same video content based on network load.
• Offer discounts or free access to specific subscribers or at specific times to encourage service adoption.
• Compress, optimize or block video traffic depending on subscriber preferences or subscription plan, network load (e.g., compress only when/where network is at capacity), or roaming status (e.g., disable HD video or all video when roaming).
• Decide whether and when to inject advertisements into responses, depending on subscriber preferences, plans, location, etc.


4. TCP optimization for mobile and fixed environments. A better QoE from sitting in the middle

The internet was largely built on the success of IP, which was designed to allow for continual innovation in scenarios and features. However, IP was not explicitly designed for mobile scenarios. The traditional metrics used to assess the quality of an IP connection are aimed at fixed scenarios, and most of the work to date that has gone into finding ways to improve IP performance has thus also targeted fixed scenarios.

Mobile operators deal with two distinct networks, however – the internet side and the mobile side – and must manage any disparity between the two. TCP, which is the most common protocol layered on top of IP, is successful because it ensures robust, reliable delivery of messages. If operators cannot separately manage the TCP traffic on the mobile and internet sides, the very robustness that is an advantage in fixed networks can sometimes degrade overall performance. Operators must be able to adjust window sizes and buffers independently on the distinct connections if they wish to optimize overall traffic flow. L4 networking devices, unlike routers, terminate and originate paired connections, which means they are able to separately manage all aspects of the connections used on each side.

Latency and the degree of packet loss are two of the primary measures of a TCP connection. Because mobile data flows across both a mobile and a fixed network, each with different characteristics, it is not always appropriate to treat the two connections identically. For example, traditionally in TCP networks, packet loss indicates network congestion, and servers instruct clients to reduce data bandwidth, often by temporarily decreasing the TCP window size. Packet loss on a wireless network, however, is more often due to RAN interference, and reducing the window size simply bloats the amount of header information sent without decreasing packet loss.

An intelligent layer 4 networking device in the core that can see both the internet and mobile sides of the connection is well located to decide when congestion or interference causes packet loss. In this case, instead of decreasing the window size, the device can ignore the missed packets, allowing the application that requested the data to re-request the lost packets. Re-requests that go back to the internet are exposed to the latency of the full path across the mobile and internet networks. But when they are due to packet loss within the mobile network, re-requests can be satisfied without taking the hop back to the internet, generating much less of a latency penalty than re-requests on a typical wired connection.

TCP optimization plays a central role in improving QoE where it is most needed: in congested networks where traffic overload frequently reduces the efficient use of limited RAN resources, and where the high number of active subscribers makes high QoE and RAN efficiency a top priority for operators. By keeping latency down, for instance, operators not only give their subscribers a better user experience for real-time applications with video or voice, they also reduce the content that subscribers download but never access when they give up waiting, and the number of content re-requests.


5. Keeping ahead of changes in traffic type. Let real-time context determine network use

Mobile subscribers do not use the same services consistently across time. This leads to periods that require more or fewer servers of a particular type; for example, live-streaming video of a major sporting event can greatly increase the need for video compression servers. More gradual changes in how subscribers use their mobile devices can shift use patterns across longer periods.

Short-term spikes threaten to disrupt subscribers’ experiences and lower their satisfaction. Long-term changes require operators to continually reevaluate the number and ratio of servers dedicated to each service, adding an ongoing burden for operations. Intelligently coping with both these short- and long-term trends, while protecting both QoE and revenue, is critical but difficult.

NFV is a cost-effective way to scale services in the core because the marginal cost to deploy and maintain a given virtual service is minimal. But operators still need to determine how many virtual servers to deploy. An integrated NFV solution with L4–L7 networking devices enhances operators’ ability to dynamically and intelligently spin up and spin down additional instances of different services as needed. When operators wish to add new features or services, they can do so more effectively, because these devices in an NFV environment ensure that the available hardware provides capacity just to those services that are required. Operators need to have sufficient virtual capacity available, but do not need to actively manage the virtual topology.

By examining the traffic at various layers, an L4–L7 proxy can detect, for example, an increase in video traffic, and it can allocate new virtual video compression servers to support this change in traffic pattern. This dynamic strategy can lead to better QoE, giving users the best experience at all times while also protecting revenue, and reducing capex and opex. Subscribers enjoy rich experiences and operators build out only the scale truly required.


6. Manage applications, not packets. Leveraging the control plane with Diameter to improve QoE and drive revenue

As operators seek to avoid competing merely on the price of providing dumb pipes, they need to be able to apply policy consistently and flexibly across their network, tying policy enforcement to real-time context. As long as policy is largely limited to basic rules, for instance to enforce traffic caps and bandwidth throttling, information about traffic type or application used is of limited relevance. In this case, the operator serves a request from a mobile device in the same way, regardless of whether it is video or web browsing or whether the network is at capacity or not, as long as the request falls within the subscriber allowances.

Advanced policy and context are fundamentally dependent on services and applications. Operators may decide to treat video and browsing data flows differently across the network, or at different times and locations, or for different subscribers. They may decide to add advertisements to video content, but not during voice calls. They may charge more for on-demand services during peak time, or allow some free data access during off-peak time. They may provide free data access to some applications (e.g., Spotify to users who pay a premium for the application) or in exchange for advertisement insertions. OTTs may decide to cover some or all of the access charges that a subscriber incurs while using their services.

These are just a few examples of a new generation of services that operators have started to roll out as policy control and enforcement have become more powerful and more widely embraced by mobile operators. One common feature of these new services is that their definition is intrinsically tied to applications, services and traffic types. To support these services, operators have to treat mobile data traffic differently depending on the associated application. If they continue to manage traffic at the packet level, they risk weakening their ability to provide a consistent service or introducing unintended inefficiencies in their networks.

Managing signaling traffic on the basis of its association to an application allows operators to leverage advanced policy and context, and it is an approach that is specifically advantageous in a mobile environment. Basic routing of control plane traffic lowers the complexity and keeps the latency low, but also increases the volume of signaling. In turn, this can lead to signaling floods that can cause end-to-end network disruption, or to a wasteful use of network resources when messages are forwarded unnecessarily.

Adding L4–L7 intelligence to the processing of signaling traffic enables operators to steer signaling traffic as required, improving both the QoE and the utilization of network resources. In addition, operators can recognize unusual traffic patterns and use this information to prevent signaling floods, and keep unnecessary signaling at a minimum.

With L4–L7 control data management – or dynamic routing of Diameter traffic – the network can collate multiple sources of information (DNS, MSISDN, QoS, location, rating, policy). This allows context-driven handling of signaling messages, selectively directing them to the required resources, using load-balancing session binding within Diameter and across protocols (e.g., Diameter, and HTTP or SIP). As a result, dynamic routing paves the way to the optimization of network resource use, topology hiding, and network overload protection. For example, traffic routing at L4–L7 directs traffic to the relevant OCS server and does so consistently through a voice or data session, as dictated by policy or context, to enable consistent real-time charging that is required for add-on, occasional or prepaid services.


With VoLTE, context-awareness becomes even more important. With the introduction of VoLTE, voice becomes a data application managed within the same IP-based framework as all other data applications. Yet voice has to be treated differently – i.e., it has to receive priority over other traffic – for operators to maintain the level of performance that subscribers expect and are accustomed to. To ensure that calls can be initiated and received at all times, and that sufficient network resources are allocated as needed, VoLTE services generate levels of signaling activity that are substantially higher than other data applications, especially because of the need to integrate VoLTE-related signaling with the IMS within LTE networks.

A context-aware, intelligent signaling management element can control and interface the IMS network for voice, video calls and other services. This is required to ensure that all traffic related to the session is routed to the same PCRF and OCS element for resource optimization, service consistency and charging accuracy. Using network-wide session binding capabilities, the element can match IMSI subscriber identity to framed-IP addresses over the Gx, Rx and Gy interfaces, and keep and share state to achieve a highly scalable and distributed deployment to cope with VoLTE’s complex signaling requirements.
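The session binding described above, as an added example that is not from the white paper or any vendor's product: a binding table ties IMSI and framed-IP address together so that Gx, Rx and Gy messages for one subscriber reach the same PCRF and OCS, and a reassigned address never resolves to the previous subscriber. It is a simplified model that uses dictionaries instead of parsed Diameter messages and assumes Gx carries both identifiers, Rx only the framed IP and Gy only the IMSI; peer names and IMSIs are constructed.

```python
import hashlib

# Hypothetical peer names; real deployments use Diameter host identities.
PCRF_POOL = ["pcrf-a", "pcrf-b", "pcrf-c"]
OCS_POOL = ["ocs-1", "ocs-2"]


def pick(pool, imsi):
    """Stable choice of a peer for a subscriber (same IMSI, same peer)."""
    digest = hashlib.sha256(imsi.encode()).digest()
    return pool[int.from_bytes(digest[:4], "big") % len(pool)]


class SessionBinder:
    def __init__(self, pcrf_pool=PCRF_POOL, ocs_pool=OCS_POOL):
        self.pcrf_pool, self.ocs_pool = pcrf_pool, ocs_pool
        self.by_imsi = {}   # imsi -> {"pcrf": ..., "ocs": ..., "ip": ...}
        self.by_ip = {}     # framed IP -> imsi

    def _unbind(self, imsi):
        binding = self.by_imsi.pop(imsi, None)
        if binding and self.by_ip.get(binding["ip"]) == imsi:
            del self.by_ip[binding["ip"]]

    def _bind(self, imsi, ip):
        stale = self.by_ip.get(ip)
        if stale is not None and stale != imsi:
            self._unbind(stale)   # address was reassigned to another subscriber
        self._unbind(imsi)        # drop this subscriber's previous address, if any
        self.by_imsi[imsi] = {"pcrf": pick(self.pcrf_pool, imsi),
                              "ocs": pick(self.ocs_pool, imsi), "ip": ip}
        self.by_ip[ip] = imsi
        return self.by_imsi[imsi]["pcrf"], imsi

    def route(self, msg):
        """Return (peer, imsi) for a message, or None when no binding exists."""
        iface = msg["interface"]
        if iface == "Gx" and msg["type"] == "initial":
            return self._bind(msg["imsi"], msg["framed_ip"])
        # Rx has no IMSI in this model, so resolve it through the framed IP.
        imsi = msg.get("imsi") or self.by_ip.get(msg.get("framed_ip"))
        binding = self.by_imsi.get(imsi)
        if binding is None:
            return None           # unknown or torn-down session: do not guess a peer
        if iface == "Gx" and msg["type"] == "terminate":
            self._unbind(imsi)
            return binding["pcrf"], imsi
        peer = binding["ocs"] if iface == "Gy" else binding["pcrf"]
        return peer, imsi


# Constructed identifiers for the demonstration.
IMSI_A, IMSI_B, IP_X = "001010000000001", "001010000000002", "10.20.0.7"

if __name__ == "__main__":
    binder = SessionBinder()
    for message in (
        {"interface": "Gx", "type": "initial", "imsi": IMSI_A, "framed_ip": IP_X},
        {"interface": "Rx", "type": "initial", "framed_ip": IP_X},
        {"interface": "Gy", "type": "initial", "imsi": IMSI_A},
        {"interface": "Gx", "type": "terminate", "imsi": IMSI_A},
        {"interface": "Rx", "type": "initial", "framed_ip": IP_X},
    ):
        print(message["interface"], message["type"], "->", binder.route(message))
```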

A context-aware approach is a key enabler for voice services, because it provides richer voice services and consistency across voice and data services, but it is more complex to implement for voice than for data traffic because of the specific requirements of voice services. In addition to the simple management of voice calls, managing VoLTE traffic entails the ability to support session management, binding and control across protocols, to enable voice services across multiple network interfaces, and during roaming and mobility scenarios.

The adoption of context-aware, application-based signaling strengthens mobile operators’ ability to support more complex service offerings – especially as they combine multiple policy instantiations that may require sessions to be bound together, or not, depending on contextual information.

For instance, an operator may offer a family plan with combined or separate application-based services. This might be a plan in which only some of the participants have parental control enabled, or only some have specific services (e.g., unlimited voice, unlimited Facebook access, or roaming enabled), but the overall traffic allowance is shared among participants (i.e., 10 GB/month for the family plan, without individual allocations). Or a subscriber may decide to have video compressed when using the smartphone but not when using a tablet or a laptop, or not during off-peak hours if traffic at that time is charged at a lower rate.


7. Protecting the user, the network, and the applications. Establishing a multilayer defense

The network infrastructure owned by operators is their most important asset. Subscriber retention and satisfaction crucially depend on network reliability and availability. Network security is more vulnerable in LTE than in legacy networks, and mobile networks offer an attractive and obvious target. Even a partly successful attack on their infrastructure (or even nonmalicious, unintentional network disruption that may be caused by a faulty application update or software upgrade) can affect trust and reputation.

Mobile clients are a dangerous vector of attack, due to the sheer number of devices, device types and protocols. An L4–L7 networking device in the mobile core can detect anomalies in data traffic that may indicate malicious or disruptive activity at all layers (network, session and application), and ensure that attacks are detected and isolated as early as possible (see table below).

What happens during a SYN flood, a common type of attack against mobile networks, illustrates the relevance of the L4–L7 intelligence. TCP connections from a client to a server begin with the client sending a particular message (SYN), which the server acknowledges via a SYN ACK response, which the client then completes with its own ACK. Until the final ACK is received, the server waits (for a particular period), holding the connection open. In a SYN flood, a malicious client issues multiple SYN requests but ignores the SYN ACK sent by the server, never responding with its own ACK. This causes the server to keep multiple connections open indefinitely, as the server waits for the ACKs. This will eventually cause the server to run out of connections to use for valid requests. Because an L4–L7 proxy in the core has independent TCP connections to the UE and to the internet, it can detect and then block rogue requests from reaching upstream servers.
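The half-open handshake tracking described above, as an added example that is not from the white paper or any vendor's product: a proxy-side tracker counts the handshakes each client leaves unfinished and stops answering a client that exceeds a limit, so only completed handshakes are passed to the upstream server. The thresholds, addresses and event tuples are constructed for illustration.

```python
from collections import defaultdict, deque

# Assumed tuning values for this sketch, not figures from the white paper.
HANDSHAKE_TIMEOUT = 3.0   # seconds the proxy waits for the client's final ACK
MAX_HALF_OPEN = 5         # unanswered handshakes tolerated per client
WINDOW = 60.0             # seconds over which abandoned handshakes are remembered


class HalfOpenTracker:
    """Client-side handshake state of a proxy that opens the upstream
    connection only after the client has completed SYN / SYN-ACK / ACK."""

    def __init__(self, timeout=HANDSHAKE_TIMEOUT, limit=MAX_HALF_OPEN, window=WINDOW):
        self.timeout, self.limit, self.window = timeout, limit, window
        self.pending = {}                     # (src, sport, dport) -> time of first SYN
        self.abandoned = defaultdict(deque)   # src -> times a handshake timed out
        self.blocked = set()
        self.upstream = []                    # handshakes passed on to the server side

    def _expire(self, now):
        # A SYN that never got its ACK within the timeout counts against the client.
        for key, seen in list(self.pending.items()):
            if now - seen > self.timeout:
                del self.pending[key]
                self.abandoned[key[0]].append(now)
        for times in self.abandoned.values():
            while times and now - times[0] > self.window:
                times.popleft()

    def half_open(self, src):
        live = sum(1 for key in self.pending if key[0] == src)
        return live + len(self.abandoned[src])

    def handle(self, now, src, sport, dport, flag):
        """Return the proxy's action for one client-side segment."""
        self._expire(now)
        if src in self.blocked:
            return "drop"
        key = (src, sport, dport)
        if flag == "SYN":
            self.pending.setdefault(key, now)   # a retransmitted SYN keeps its first time
            if self.half_open(src) > self.limit:
                self.blocked.add(src)
                for stale in [k for k in self.pending if k[0] == src]:
                    del self.pending[stale]     # free the state held for this client
                return "block"
            return "synack"
        if flag == "ACK" and key in self.pending:
            del self.pending[key]
            self.upstream.append(key)           # only now is the server contacted
            return "forward"
        return "drop"


def replay(events, tracker=None):
    """Feed (time, src, sport, dport, flag) tuples to a tracker, in time order."""
    tracker = tracker or HalfOpenTracker()
    actions = [(src, tracker.handle(t, src, sport, dport, flag))
               for t, src, sport, dport, flag in events]
    return actions, tracker


# Constructed events: one well-behaved client and one client that never sends the ACK.
CLIENT, FLOODER = "10.0.0.5", "10.0.0.66"
SAMPLE_EVENTS = (
    [(0.00, CLIENT, 51000, 443, "SYN"), (0.05, CLIENT, 51000, 443, "ACK")]
    + [(0.10 + 0.01 * i, FLOODER, 40000 + i, 80, "SYN") for i in range(10)]
    + [(1.00, CLIENT, 51001, 443, "SYN"), (1.04, CLIENT, 51001, 443, "ACK")]
)

if __name__ == "__main__":
    actions, tracker = replay(SAMPLE_EVENTS)
    for src, action in actions:
        print(f"{src:<10} {action}")
    print("blocked:", sorted(tracker.blocked))
    print("reached upstream:", tracker.upstream)
```

The sliding window also catches a slow sender whose handshakes expire one at a time, because timed-out handshakes keep counting against the client for `WINDOW` seconds.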

Defending against network attacks by leveraging L4–L7 intelligence

• SYN attacks. L4–L7 proxies can detect malicious clients that leave half-open connections unacknowledged, and can prevent those clients from targeting servers upstream.
• IP port scan attacks. L4–L7 proxies can guard against clients that probe large ranges of addresses and ports, hoping to find unpatched or otherwise vulnerable servers. This makes it more difficult for attackers to find and exploit vulnerabilities of servers within the operator’s network.
• DNS floods. L4–L7 networking devices can inspect traffic and – because they can understand the full protocols, such as UDP – detect that clients are issuing large numbers of queries that overwhelm DNS servers or attempt other well-known attacks on the DNS system. By isolating the clients from a direct connection to the DNS servers, they can stop the attacks early.
• SQL injection. Because L4–L7 networking devices can process application-level messages, they can look for HTTP-based attacks, such as those in which crafted SQL statements are submitted to a web server by a malicious client to take advantage of a vulnerability in the web application running on a server.
• URL filtering. Preventing access to unsafe internet sites protects subscriber devices from becoming attack targets and launch platforms for further attacks.


8. Conclusions. Manage applications, not packets, to improve subscriber experience

Network infrastructure continues to expand in complexity and in the scale of traffic handled on both the user and control planes. The evolution in hardware solutions has yielded large improvements by optimizing the lower, media layers of the stack – e.g., by moving to hardware routers that minimize latency and other simple metrics that measure the raw ability of the UE to reach the internet.

However, the growing volume and complexity of data and signaling traffic have started to limit the benefits of optimizing basic IP routing at L1 and L2, and to add inefficiencies in the use of network resources. As a result, mobile operators can no longer keep up with capacity and QoE requirements without significant increases in capex and opex.

Managing data and signaling traffic with L1–L3 IP routing devices is turning mobile networks into commodities. Once the media layers are fully optimized, networks will behave similarly, given a similar investment in infrastructure. To make further improvements – both in terms of QoE and revenue generation – operators need to look farther up the stack, and seek optimization at the higher layers. With access to granular context-based information from the transport layer to the application layer, L4–L7 networking devices enable operators to take advantage of much richer and more relevant information. As a result, operators can make dynamic policy decisions, route sessions intelligently, allocate additional capacity for various services as needed, and maximize the utilization of their networks. They can direct their efforts to launching and supporting innovative services on their networks, rather than on simply competing to provide the fastest processing of data packets, which does not necessarily provide the best user experience. An L4–L7 networking device unavoidably adds another hop, but intelligent, dynamic and context-driven routing decisions deliver QoE and efficiency improvements that greatly outweigh the cost of the extra processing step.

By dynamically adjusting to the user, conditions and content, L4–L7 networking devices may reduce end-to-end latency – the type of latency that subscribers experience. By preventing unnecessary steps (e.g., by sending traffic to the video optimizer only when it makes sense for both the user and the operator to compress video) and by optimizing the TCP connections separately on the mobile and internet sides, L4–L7 networking devices may improve QoE. A better subscriber experience – an end-to-end experience that is faster and more reliable, whether for viewing web pages, streaming video, or playing games – and the ability to support efficient use of network resources are the foundation needed for operators to successfully launch, support and monetize a new generation of services.


Glossary

ACK Acknowledgement

DNS Domain name system

HTTP Hypertext transfer protocol

IMSI International mobile subscriber identity

ISDN Integrated services digital network

IP Internet protocol

L1 [OSI] layer 1

L2 [OSI] layer 2

L3 [OSI] layer 3

L4 [OSI] layer 4

L7 [OSI] layer 7

LLC Logical link control

LTE Long term evolution

MAC Media access control

MSISDN Mobile subscriber ISDN number

NFV Network functions virtualization

OCS Online charging system

OSI Open Systems Interconnection

OTT Over the top

PCRF Policy and charging rules function

QoE Quality of experience

QoS Quality of service

RAN Radio access network

SIP Session initiation protocol

SQL Structured query language

TCP Transmission Control Protocol

UDP User Datagram Protocol

UE User equipment

VoLTE Voice over LTE


About Senza Fili

Senza Fili provides advisory support on wireless data technologies and services. At Senza Fili we have in-depth expertise in financial modelling, market forecasts and research, white paper preparation, business plan support, RFP preparation and management, due diligence, and training. Our client base is international and spans the entire value chain: clients include wireline, fixed wireless, and mobile operators, enterprises and other vertical players, vendors, system integrators, investors, regulators, and industry associations. We provide a bridge between technologies and services, helping our clients assess established and emerging technologies, leverage these technologies to support new or existing services, and build solid, profitable business models. Independent advice, a strong quantitative orientation, and an international perspective are the hallmarks of our work. For additional information, visit www.senzafiliconsulting.com or contact us at [email protected] or +1 425 657 4991.

About the author

Monica Paolini, PhD, is the founder and president of Senza Fili. She is an expert in wireless technologies and has helped clients worldwide to understand technology and customer requirements, evaluate business plan opportunities, market their services and products, and estimate the market size and revenue opportunity of new and established wireless technologies. She has frequently been invited to give presentations at conferences and has written several reports and articles on wireless broadband technologies. She has a PhD in cognitive science from the University of California, San Diego (US), an MBA from the University of Oxford (UK), and a BA/MA in philosophy from the University of Bologna (Italy). She can be contacted at [email protected].

© 2014 Senza Fili Consulting, LLC. All rights reserved. This white paper was prepared on behalf of F5 Networks Inc. The views and statements expressed in this document are those of Senza Fili Consulting LLC, and they should not be inferred to reflect the position of F5 Networks. The document can be distributed only in its integral form and acknowledging the source. No selection of this material may be copied, photocopied, or duplicated in any form or by any means, or redistributed without express written permission from Senza Fili Consulting. While the document is based upon information that we consider accurate and reliable, Senza Fili Consulting makes no warranty, express or implied, as to the accuracy of the information in this document. Senza Fili Consulting assumes no liability for any damage or loss arising from reliance on this information. Trademarks mentioned in this document are property of their respective owners. Cover page photo by Chones/Shutterstock.


F5 Service Provider Portfolio: Intelligent Layer 4-7 Network Solutions Delivering Smart Services

F5 is dedicated to enabling fixed and mobile service providers to leverage next generation networks to provide a superior customer experience. Intelligent L4-L7 network devices play a primary role in our approach in solution design for service providers to stay on top of the telecom value chain for subscribers. These technologies allow service providers to maintain high quality of experience and network performance, while expanding their service and product offerings in a customized fashion to specific audiences.

Here are some examples of F5 solutions:

Diameter Signaling Management Solutions

Diameter signaling messages serve as an excellent source of information on network operations and subscribers, which, when extrapolated, may be used to differentiate service offerings and improve the customer experience. F5’s industry-leading Diameter Traffix Signaling Delivery Controller™ (SDC™) solution gives operators the required network visibility into the control plane. It routes Diameter messages according to an unlimited combination of AVP values for optimal routing flexibility. It uses the granular information found in Diameter messages for network management, scale, and optimization. As the market’s most mature Diameter solution, the SDC consolidates a Diameter Routing Agent (DRA), a Diameter Edge Agent (DEA), a Diameter load balancer, and a Diameter gateway and translation (including interworking function (IWF)) on a single platform. Operators benefit from context-aware intelligent routing, reliable load balancing, and flexible, seamless connectivity for fast-to-market roaming solutions and many other use cases such as OCS optimization.

Intelligent Traffic Management and Policy Enforcement Solutions

F5 offers intelligent traffic management solutions on a unified platform that simplifies delivery of network services such as dynamic service chaining. Using context- and subscriber-aware technology, BIG-IP® Policy Enforcement Manager™ (PEM) offers a full proxy architecture and rich IP capabilities for critical traffic visibility and analytics and sophisticated traffic steering capabilities, including the ability to inspect and route traffic based on data type and subscribers’ profiles. By leveraging this intelligent information, PEM enables operators to implement bandwidth controls per subscriber or application, along with dynamic traffic steering that simplifies delivery of network services.

DNS Services to Manage Network Growth

F5 offers comprehensive control and data plane solutions that optimize, intelligently scale, and securely manage messaging interfaces such as RADIUS, DNS, and SIP. F5 BIG-IP® Global Traffic Manager™ (GTM) is our DNS solution for service providers to optimize their LDNS, Auth. DNS, and Infrastructure DNS and deliver a higher subscriber quality of experience, resulting in increased revenues and reduced churn. BIG-IP delivers a high performance DNS authoritative solution scaling to surpass demand and securing your DNS infrastructure from distributed denial-of-service (DDoS) attacks. With destination geolocation, operators route traffic differently depending on where subscribers are in relationship with core network resources, or use locally cached content. GTM delivers faster DNS responses, provides optimized access to mobile services, and enables an enhanced subscriber experience.

Application Delivery Firewall Security Solutions

F5 offers integrated, high-performance ICSA certified security solutions, such as the F5 Advanced Firewall Manager that protects the entire network infrastructure, and scales to perform under the most demanding conditions. Operators benefit from the solution’s intelligence and flexibility for enhancement and simplification of network security in the increasingly threatening landscape, with a common platform to deliver applications and improve responsiveness. F5 security solutions offer a stateful, full-proxy network firewall with unparalleled session scale, throughput, and connections per second, and defend against DDoS attacks across all layers including network, session, and application, including SYN floods and IP sweep attacks, and DNS floods. The F5 Application Security Manager enhances security for applications by providing comprehensive web security and L7 DDoS protection.

In a roaming scenario, the SDC’s Diameter edge agent (DEA) provides secure connectivity, protecting the network from connectivity with roaming partners.

SDN and NFV Solutions

F5 solutions provide service providers with the ability to move to software-defined networking (SDN) and Network Function Virtualization (NFV) architectures. F5 products are available across a variety of platforms, from highly scalable physical devices with virtualization options to virtual editions, ready-to-run F5 solutions on all major hypervisors. The flexible and programmatic F5 APIs give service providers the tools to tie F5 solutions into virtualization management and orchestration systems for an agile and dynamic network. This includes the ability to monitor service utilization, proactively add resources as demand increases, and de-provision resources when demand decreases.


About F5

F5 (NASDAQ: FFIV) provides solutions for an application world. F5 helps organizations seamlessly scale cloud, data center, and software defined networking (SDN) deployments to successfully deliver applications to anyone, anywhere, at any time. F5 solutions broaden the reach of IT through an open, extensible framework and a rich partner ecosystem of leading technology and data center orchestration vendors. This approach lets customers pursue the infrastructure model that best fits their needs over time. The world’s largest businesses, service providers, government entities, and consumer brands rely on F5 to stay ahead of cloud, security, and mobility trends. For more information, go to f5.com.

For more information on F5 solutions for communications service providers, visit the Service Provider section of f5.com or contact: [email protected]

F5 Networks, Inc., Corporate Headquarters: [email protected]

F5 Networks, Inc., 401 Elliott Avenue West, Seattle, WA 98119, 888-882-4447, www.f5.com

F5 Networks Asia-Pacific: [email protected]

F5 Networks Ltd., Europe/Middle-East/Africa: [email protected]

F5 Networks Japan K.K.: [email protected]

©2014 F5 Networks, Inc. All rights reserved. F5, F5 Networks, and the F5 logo are trademarks of F5 Networks, Inc. in the U.S. and in certain other countries. Other F5 trademarks are identified at f5.com. Any other products, services, or company names referenced herein may be trademarks of their respective owners with no endorsement or affiliation, express or implied, claimed by F5.