Telco Cloud | 5G Magazine Sep 2022 Edition

What is a telco cloud? What is the difference between telco and IT cloud? What are the industry solutions to migrate to telco cloud? Who are the leading telco and IT cloud vendors? What are their solution offerings and strategies? How can telcos successfully migrate to telco cloud?

Featured articles in this edition

Network Complexity

Networks are becoming increasingly sophisticated and complex. On the one hand, operators need to manage their existing networks; on the other, the sprint towards 5G adds to the complexity that operators need to manage, while also bringing many advantages. For example, V2V and V2X technology, AR/VR, smart cities, ultra-HD video services, smart industry 4.0, and a continuously and more densely connected world are some of the realities of 5G.

Delivering exciting new services to consumers and enterprises, while also opening up new revenue streams to operators, is made possible by the ultra-reliable low latency communication (URLLC), enhanced mobile broadband (eMBB), and massive machine type communication (mMTC) that are attainable with 5G connectivity.

Other complexities that come along with 5G are RAN virtualization, Core virtualization (which is the move to 5G SA), and hybrid cloud computing (managing the 5G SA Core, as well as managing legacy networks). The new technologies and network architecture will increase efficiency, reduce costs, and provide the end-user with a great customer experience.

Challenges for Operators

When upgrading their network architecture to embrace the 5G environment, operators need to be aware of numerous challenges. Previous generations of mobile technology are mature and understood, whereas the 5G architecture (RAN and Core) is new, so some elements must be ironed out.

It is important to note that in a physical network, things are less complicated than in a virtualized network. Adding to this complexity is that virtual networks are much more dynamic, and things can change on the fly. A network function could be X, then switched to Y instantly. This is not something a physical, hardware-based 4G network would be able to do.

In a world where operator budgets are squeezed, as is the personnel required to keep up with the demand for services, operators are streamlining their network operations to manage OPEX and CAPEX. Therefore, finding a way to keep pace with customer expectations and monitor the network efficiently is becoming more and more imperative.

Given the complexity of 5G networks, operators are harnessing the power of technology and turning to an increased usage of AI/ML to cover various job functions. Network operators essentially need an automated approach to managing their 5G networks. Why? Simply put, it is becoming impossible to keep assuring such systems on a purely manual basis.

Another facet to consider when implementing 5G is customer experience. Despite all the challenges and complexities, at the end of the day, the 5G network transformation needs to be transparent to customers, and operators need to deliver a great customer experience.

However, with new technologies being implemented and merging with older systems, there is the danger of things falling through the cracks. How would an operator know if customers are experiencing crashes or other disruptions in their service/connectivity? Why risk a high customer churn rate?

Benefits of Automation

Having a system in place that allows you to handle a massive amount of data at a breakneck pace provides some distinct benefits, such as:

Lower Operating Expenditure – Automation increases efficiency, which in turn will allow for a lowering of expenses. Operators will be able to maintain a critical skilled workforce and let artificial intelligence/machine learning handle tasks that are more easily done by machines.

Customer Centricity – Automation allows you to focus on the customer experience proactively: rather than waiting for issues to occur, you detect and rectify service degradations before they affect customers.

Consistency – Human error can creep into any task or manually led system. Removing monotonous tasks such as data entry and using artificial intelligence (AI) to teach people higher-order operations enables a consistent and more accurate output.

Improved QoE – Consistent monitoring allows for a smoother QoE, noticing problems even before they may become issues for customers.

Increase Revenue – By providing a superior quality of service, such as the points mentioned above, operators can increase their revenue by offering premium services to customers.

At its core, automation is nothing without the correct data that facilitates data-driven decisions and activates closed-loop operations.


Operators need an automated assurance solution that gives them real-time insights (using AI/ML) into what is happening inside their networks, which essentially enables them to have high-level automation. This will also allow for the standards of Quality of Experience (QoE) to remain high.

The RADCOM ACE portfolio, including RADCOM AIM, provides this. Using our innovative technology, we enable operators to gain the right data to enable closed-loop network operations.

Automated Assurance – Automates solution deployment for on-demand instantiation, scaling, healing, and updating for a closed-loop approach to assurance with Kubernetes controlling the containerized components’ lifecycle, ensuring the operator always has complete network visibility.

Fully Cloud-Native – RADCOM ACE is developed from the ground up with a cloud-native design, allowing rapid deployment as containers in multiple cloud environments to provide insights across multiple clouds (public, private and hybrid) all in a single solution.

Advanced built-in AI and ML – Our AI and ML capabilities are built into the solution from inception, allowing for a variety of AI-based use cases, such as Anomaly detection, Predictive and Prescriptive Customer Experience analytics in real-time. This enables the operator to trigger closed-loop actions to deliver great customer experiences proactively.

Supports 5G SA Advanced Use Cases – Smartly monitors end-to-end network slicing, edge computing and private networks to offer operators a future-proof solution for dynamic monitoring of critical revenue-generating services.

RAN to Core Analysis – Gain a service-level understanding of the real E2E customer experience by providing the operators with data from across all their services and networks for complete network visibility to enable automated network operations.

Data Monetization – Once automation is in place, operators can gather a vast amount of data from various sources. Using this data to target their users and catering specific services to their needs by monetizing it can provide another revenue source for the operator and a superior customer experience.

So Why Automated Assurance?

To ensure 5G network quality, operators must deploy cloud-native assurance solutions with built-in AI/ML. This will provide the most efficient way to embed artificial intelligence into the network that will help engineers manage their networks. As crucial as assurance is, it cannot be done in today’s complex environment without an automated approach. Our solution enables operators to stay ahead of the curve and implement closed-loop operations.

In short, RADCOM ACE provides complete visibility and rich data insights that trigger closed-loop actions to ensure service quality and proactively prevent network degradation, ensuring a superior customer experience and operational excellence in 5G, enabling operators to move to closed-loop automation.


Edge Computing and 5G for Enterprise

Digital transformation requires edge computing. Various edge computing applications such as augmented reality, IoT, machine learning, drone control, and robotics are already revolutionizing industries ranging from manufacturing to warehouses to agriculture and additional verticals. An added enhancement to edge computing is the use of private 5G networks.

A private 5G network is a captive network that can be used only by the enterprise. It is an efficient network to connect end devices to edge computing applications that provide high reliability, low latency, security, and energy efficiency.

Aarna Networks - figure 1

Nokia Bell Labs estimates that the 5G and Edge Computing space will be 800 billion in 2030

Aarna Networks estimates that the Management piece of the 5G and Edge Computing space will be 64 billion in 2030

Problem Statement

Management Complexity

With 5G and Edge computing, there is an explosion of management complexity because there are hundreds of software instances (that include edge applications and private 5G applications), tens of thousands of edge locations, and tens of infrastructure providers. Existing approaches and solutions are not able to adequately scale to address this complexity.

Aarna Networks Problem statement - figure 2

Aarna Networks Solution

Edge Computing and Private 5G

Aarna Networks approaches edge computing and 5G from a management plane point of view. Specifically, Aarna Networks solves enterprise edge and private 5G complexity through zero-touch infrastructure network services and edge application orchestration and management.

Aarna Networks Multi-Cluster Orchestration Platform (AMCOP) takes thousands of applications and orchestrates them across tens of thousands of K8s clusters based on business intent. AMCOP leverages templating, machine learning, and big data to solve management complexity.


Case Study | Aarna & Keysight

Aarna and Keysight Build CI/CD Test Automation

AMCOP and LoadCore™ integration automates workflows, creates efficiencies, and enables CI/CD

Summary – Keysight Technologies’ LoadCore solution simulates mobile subscribers and generates traffic under real network conditions for systems testing and analysis. Formerly a manual process, Keysight integrated Aarna Networks’ AMCOP solution with LoadCore to automate workflows, create efficiencies, and enable Continuous Integration / Continuous Delivery (CI/CD).

Benefits – Test cases that fail are now automatically decommissioned, which simplifies test analysis, avoids manual configuration steps, and reduces OPEX by conserving server resources and staff time. What once took hours and days has now been automated to run continuously as a seamless component of the CI/CD workflow. For example, for a 100,000 UE Simulation with 100 Tests, the amount of manual effort can be cut from 1 week to just 2 minutes.

“Leveraging AMCOP into the LoadCore offering certainly reduces test time and costs – but even more importantly – it reduces human intervention and creates a truly dynamic CI/CD environment for today’s elastic scaling environments.” – Daniel Musat, Keysight Technologies



Case Study | Aarna and Tigo

E2E Network Services Automation

Tigo Guatemala and Aarna Networks leverage an open source cloud-based solution to automate E2E services discovery and testing

Summary – TIGO Guatemala with the help of Aarna Networks automated the discovery and testing of end-to-end services and devices for customers using their MPLS network through a cloud-based solution utilizing key ONAP components deployed onto Kubernetes clusters. This automation improved efficiency and reduced their Mean Time to Response (MTTR) to incidents – a key performance metric.

Benefits – Using ONAP, Tigo can now configure and communicate with 10-12 different models of devices on their MPLS network, avoiding the need for manual configuration templates. The automation is helping Tigo to detect, diagnose, and start remediating incidents, oftentimes before the customer can detect and report it. 

“We were surprised by all the things that are possible with ONAP! Aarna Networks helped us take advantage of using open source projects and achieve tangible improvements in our key performance metrics like MTTR. We expect to leverage more platform capabilities in the future and use ONAP to help us migrate towards a virtual network.” – Michel Rmairez, Tigo Guatemala (Millicom)



Case Study | Aarna Networks and Equinix

EMCO: Infrastructure as Code

Equinix taps infrastructure as code from EMCO to simplify orchestration for customers

Summary – Equinix saw growing customer demand for hybrid MEC with edge applications requiring services in one or more domains. Leveraging the EMCO project and working with Aarna Networks, Equinix allowed customers to see and enable infrastructure uniformly across domains, then deploy applications on top of it in just a few clicks. 

Benefits – With EMCO, because it’s multi-domain, Equinix can expand their capabilities to reach past the front door into the cloud for configuration and application. They can reduce complexity by using EMCO to make orchestration easier for their customers, thereby increasing consumption.

“The big lesson for me is that we can now think of composing and orchestrating physical infrastructure as if it were software. Infrastructure-as-code is becoming the most popular way of configuring resources. EMCO helps us make it look as though it’s driven by intelligent workflow, all the way up to intent-based infrastructure enablement.” – Oleg Berzin, Equinix



5G is not just an incremental improvement on previous mobile network generations — it is a true revolution in how we communicate, work, and play. Ubiquitous super-fast, low-latency bandwidth is transforming all industries and sectors, bringing new use cases and innovation potential.

Telecom operators globally are gearing up to get their networks ready for 5G deployment to stay ahead of the competition. The 5G infrastructure market is growing exponentially with a CAGR of 60% and is estimated to reach a total market size of about $50 billion by 2027.

5G networks are set to handle new mission-critical data-heavy applications, including telemedicine, self-driving cars, and real-time industrial applications. These and many more use cases rely on fast, accurate, and reliable 5G connectivity. Time synchronization is critical for 5G to function. Without precise and accurate time synchronization, the 5G services stop operating.

An incorrectly synchronized base station will interfere with the 5G operations of other operators, creating wider network and security problems. Telecoms operators are at a crossroads. They need to deliver accurate and secure 5G synchronization across their networks. However, this means increasing CAPEX to ensure their networks are set for 5G rollout.

According to a report by Kearney (April 2020), the synchronization cost is estimated between 3-5% of the total 5G network rollout cost, i.e., $1.5-2.5 billion in 2027 and can in many cases require a large forklift upgrade of old infrastructure to enable PTP network synchronization. These rising costs are prohibitive for several operators around the world.

As the 5G rollout is well underway, operators need to leverage technology solutions that can help them achieve network synchronization quickly, securely, and cost-effectively.

The 5G synchronization requirements

Network synchronization is a critical function for mobile networks that ensures new applications and services work efficiently. Although 4G/LTE networks already posed significant synchronization requirements, 5G means new and more stringent synchronization expectations for mobile networks. 5G brings an increased focus on TDD (Time Division Duplex) technology, which requires a much tighter synchronization compared to technologies like FDD (Frequency Division Duplex) as in most 4G/LTE networks.

New features and advanced network techniques such as Massive MIMO, Carrier Aggregation (CA), License Assisted Access (LAA), and Coordinated Multi-Point (CoMP) transmission also require synchronization, both in terms of neighboring base stations and devices across the network.

The challenges of GPS-based synchronization solutions

The two most common methods to deliver synchronization to base stations and small cells in mobile networks are Global Navigation Satellite System (GNSS) such as the Global Positioning System (GPS) and Precision Time Protocol (PTP). GNSS solutions deploy GPS receivers together with the base station antennas. They provide highly accurate network synchronization but suffer from limitations. The densification of mobile networks with many small cells increases the costs of GNSS-based solutions.

These solutions are also susceptible to attack, either by blocking the GNSS signal completely (“jamming”) or by replacing it with a similar but incorrect signal (“spoofing”).

National authorities in countries like Sweden are explicit that a GNSS-independent solution to transport synchronization is a mandatory requirement for operating a 5G network as 5G is considered mission-critical infrastructure. The efficiency of GNSS-dependent solutions is also compromised by geography and landscape.

5G mobile networks bring increased demands on cell density, indoor cell coverage, and deployment in challenging locations; sites such as tunnels, buildings, and factories, where satellite visibility is compromised, pose significant problems. Similarly, deployment in areas with limited satellite visibility, including urban areas where buildings obstruct the view and rural areas with deep forests and canyons, demonstrates the limitations of GPS-dependent solutions.

PTP solutions are too costly

Precision Time Protocol (PTP)

An alternative 5G synchronization method is network-based timing based on packet switching technology, mainly Precision Time Protocol (PTP or IEEE 1588v2), supported by Synchronous Ethernet (SyncE). While PTP solutions do not suffer the same weaknesses as GNSS-based timing in terms of safety, robustness, and ease of deployment, there are still considerable challenges when introducing support for PTP and/or SyncE in mobile networks.

PTP requires new investments in new or upgraded hardware

In particular, the transition to network-based timing requires considerable investments in new or upgraded hardware equipment and software, since PTP requires every node to provide on-path PTP support (in hardware) to ensure accuracy. High-precision synchronization may require existing networks to be reorganized to provide proper conditions for the communication of timing information.

Alternatively, new, parallel infrastructures may need to be established exclusively to carry this information. These investments require operators to do the heavy lifting to transition their full networks to network-based timing.

White Rabbit with PTP & SyncE

Further synchronization technologies that could be considered for 5G mobile networks include White Rabbit, which combines PTP and SyncE and introduces additional mechanisms to improve synchronization accuracy. White Rabbit is designed to meet the stringent requirements for particle accelerators and is typically used in dedicated fiber or LAN environments.

Over-the-Air Time synchronization

Another approach is Over-the-Air Time synchronization (OTA), which is designed for ultra-reliable and low-latency communications (URLLC). OTA is a radio interface-based synchronization solution that has been used for synchronizing base stations in 4G/LTE and is an alternative that is put forward for 5G mobile networks in the RAN (Radio Access Network).

Powering innovation in 5G Synchronization

While time synchronization is a mission-critical capability for 5G, it is also increasingly important for other market segments, including power networks, synchronization of distributed databases, stock exchange trading, distributed video production, and defense networks. This means that other real-time critical network installations, such as digital terrestrial television (DTT) networks, face similar synchronization challenges, with stringent requirements for frequency, phase synchronization, and accuracy of ~1 µs.

Reduced CAPEX and OPEX

Net Insight’s Precision TimeNet (PTN) solution has been developed and deployed to address these challenges in DTT networks in 15 countries and was recently chosen by Turk Telekom for its 5G rollout. Precision TimeNet provides the distribution of absolute time with very high accuracy over the existing IP network. PTN does not require all nodes to be upgraded for on-path PTP support, which means operators benefit from significantly reduced CAPEX, OPEX, and rollout times.

PTN delivers the cost, deployment, and performance efficiencies by creating a virtual synchronization network. This network runs over the existing IP network that distributes time from clock sources such as atomic clocks out to base stations or the radio access network while managing all redundancy, security, and asymmetries in the IP network.

The Precision TimeNet solution has been augmented with software for running over public managed IP networks with possible delay asymmetries. It is open and interoperable, enabling operators to integrate it within their existing network infrastructure without any interoperability problems.

PTN complements GPS-based solutions, addressing their security challenges cost-efficiently. The solution enables geographically disadvantaged regions such as rural areas to access good bandwidth. This is crucial as part of national and global strategies to overcome digital divides and level the playing field for all markets.

This result becomes possible by removing the cost of replacing the entire underlying network infrastructure to enable 5G deployment. PTN is also an environmentally sustainable solution as it reuses existing communication equipment, minimizing the telecom network footprint.
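
An added example, not from the article and not Net Insight's implementation: the standard PTP delay request-response arithmetic, showing why a path with unequal forward and reverse delays biases the computed offset by half the asymmetry, followed by a cross-check of a GNSS-derived offset against a network-derived one. All timestamps, delays, function names and the 1 µs tolerance are constructed assumptions.

```python
"""PTP two-way time transfer, path asymmetry, and a GNSS cross-check.

All values are nanoseconds. Every number used here is constructed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class PtpExchange:
    t1: int  # master transmits Sync        (read on the master clock)
    t2: int  # slave receives Sync          (read on the slave clock)
    t3: int  # slave transmits Delay_Req    (read on the slave clock)
    t4: int  # master receives Delay_Req    (read on the master clock)


def simulate_exchange(true_offset, delay_ms, delay_sm, turnaround=1_000_000):
    """Build the four timestamps for a slave whose clock runs `true_offset`
    ahead of the master, over a path with the given one-way delays."""
    t1 = 0
    t2 = t1 + delay_ms + true_offset          # arrival, in slave time
    t3 = t2 + turnaround                      # slave replies a little later
    t4 = (t3 - true_offset) + delay_sm        # arrival, back in master time
    return PtpExchange(t1, t2, t3, t4)


def offset_and_delay(x):
    """IEEE 1588 delay request-response arithmetic.

    The formula assumes delay_ms == delay_sm. Returns (offset, mean_delay).
    """
    forward = x.t2 - x.t1                     # delay_ms + offset
    reverse = x.t4 - x.t3                     # delay_sm - offset
    return (forward - reverse) / 2, (forward + reverse) / 2


def asymmetry_error(delay_ms, delay_sm):
    """Bias added to the computed offset when the path is not symmetric."""
    return (delay_ms - delay_sm) / 2


def cross_check(gnss_locked, gnss_offset, network_offset, tolerance=1_000):
    """Compare two independent estimates of the local clock offset.

    `tolerance` (ns) is an assumed alarm threshold, not a value from a standard.
    """
    if not gnss_locked:
        # Loss of lock is what jamming or an obstructed sky view looks like.
        return "gnss-unavailable"
    if abs(gnss_offset - network_offset) > tolerance:
        # Either the GNSS signal is wrong (spoofing) or the network path has
        # uncompensated asymmetry; the check alone cannot tell which.
        return "sources-disagree"
    return "consistent"


if __name__ == "__main__":
    symmetric = simulate_exchange(300, 50_000, 50_000)
    asymmetric = simulate_exchange(300, 80_000, 20_000)
    print("symmetric path :", offset_and_delay(symmetric))
    print("asymmetric path:", offset_and_delay(asymmetric))
    print("bias           :", asymmetry_error(80_000, 20_000))
    print("cross-check    :", cross_check(True, 5_300, 300))
```

A disagreement alarm only says that one of the two sources is wrong, so it is a trigger for holdover and investigation rather than proof of spoofing.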

5G: From vision to reality

5G delivers unparalleled connectivity that is shaking up the future of telecom and mobile communications, powering new use cases and business models across industries. So far, the speed of the 5G rollout has been compromised by the costs and complexity associated with network synchronization, deepening digital divides across markets and geographies.

Precision TimeNet is an innovative solution that leverages existing telecom networks without requiring further CAPEX. In doing so, it delivers the accuracy, security, and low latency operators need to accelerate 5G deployment. Precision TimeNet is a fully open, standards-based solution that enhances interoperability, enabling telecoms organizations to integrate it within their current infrastructure and reap its benefits. Precision TimeNet paves the way for the future of mobile and telecommunications, enabling operators across the world to turn their 5G vision into a reality for everyone.

Telco Automation Requirements and Challenges

Telco requirements for successful 5G journey – Telcos need to implement 5G while simultaneously lowering operating costs and improving agility. Zero-touch provisioning of the network and automated ongoing maintenance of that network are necessary to achieve these goals.

Telco challenges – The transition from VNF to CNF and the transition to the public cloud provide opportunities for cost savings and increased agility. To take advantage of this, telcos must meet the challenges of managing large numbers of sites, zero-touch automation with a human-free control loop, optimization of scarce edge resources, and addressing the limitations of legacy out-of-band network automation.

Automation industry gap – Having multiple automation control planes for different types of infrastructure and different types of network functions makes it impossible to provide interconnected automations that maintain consistency across layers. It also makes it impossible to automatically adapt interrelated layers when one of them changes. There is a need to consolidate automation control planes and bring all the declarative, active reconciliation benefits to the entire stack.

Issue with existing Infrastructure-as-Code automation

Complex templates that intermingle code and data are exceptionally difficult to test and maintain. Also, because templates generate manifests as output, you can’t edit those manifests afterward (they’ll be overwritten next time you run the template). This means every single field in every resource ends up as an input to the templates. The results are massive lists of parameters that are not easily understood.

Conditionally generated config based on those inputs makes intent-based continuous reconciliation difficult or impossible. It also results in debugging issues – you have to backtrack from what is in your cluster through all the conditionals to figure out how to fix a problem. 

Key solution requirements

Below are the three key solution requirements to be considered:

  • A cloud native solution, beyond just containerizing to get the cost, scalability, and efficiency benefits of the cloud.
  • Separate requirements for workload infrastructure and its implementation to increase the portability of the workloads across platforms.
  • Cloud-native network functions should use declarative configuration with active reconciliation.

Nephio: Solution Overview

Nephio is Kubernetes-based intent-driven automation of network functions and the underlying infrastructure that supports those functions. It allows users to express high-level intent, and provides intelligent, declarative automation that can set up the cloud and edge infrastructure, render initial configurations for the network functions, and then deliver those configurations to the right clusters to get the network up and running.

Nephio breaks down the larger problem into two primary areas:

  • Kubernetes as a uniform automation control plane in each site to configure all aspects of the distributed cloud and network functions
  • An automation framework that leverages Kubernetes' declarative, actively-reconciled methodology along with machine-manipulable configuration to tame the complexity of these configurations, i.e., it extends intent-based automation up the stack through the Kubernetes-based automation framework.

Benefits of Nephio Kubernetes Based Cloud Native Automation


An open, simple, widely adopted Kubernetes-based cloud-native automation that enables multi-vendor support, faster onboarding, easier lifecycle management, embedded control-loop, active reconciliation, and service assurance — reducing cost by efficiency and agility.

Cloud Providers

A common cloud-based automation framework based on well-proven Kubernetes technology minimizes the levels of custom automation solutions needed for each application. Kubernetes-based automation enables faster development with known technology and assures network functions will deploy and run reliably on top of the Cloud.

Network Function Vendors

Kubernetes-based cloud-native automation enables easier multi-vendor integration with cloud providers, makes network function onboarding to the cloud easier, and improves the overall customer experience with simple and reliably integrated cloud-native automation.

Nephio Kubernetes as a Uniform Automation Control Plane

Utilizing Kubernetes as the automation control plane at each layer of the stack simplifies the overall automation, and enables declarative management with active reconciliation for the entire stack. 

We can broadly think of three layers in the stack, as shown in Figure 1 below.

  • Cloud infrastructure
  • Workload (network function) resources
  • Workload (network function) configuration

Nephio is establishing open, extensible Kubernetes Custom Resource Definition (CRD) models for each layer of the stack, in conformance to the 3GPP & O-RAN standards.

Source: Nephio | Figure 1: Configuration Layers

Cloud automation layer

For the cloud automation layer (1), Nephio publishes Kubernetes-based CRDs and operators for each public and private cloud infrastructure automation that is in conformance to industry standards (e.g., O-RAN O2 interface).

These CRDs and operators can make use of existing Kubernetes-based ecosystem projects as pluggable southbound interfaces (e.g., Google Config Connector, AWS Controllers for Kubernetes, and Azure Service Operator), providing an open integration point and more uniform automation across those providers.

Workload resource automation

The workload resource automation area (2) covers the configuration for provisioning network function containers and the requirements those functions have for the node and network fabric. This includes the native Kubernetes primitives and industry extensions such as multi-network Pods, SR-IOV, and similar technologies.

Today, using these effectively requires complex Infrastructure-as-Code templates that are purpose built for specific network functions. Taking a Configuration-as-Data, Kubernetes CRD approach, capturing configuration with well structured schemas, allows development of robust standards-based automation. Nephio’s goal is to achieve this open, simple, and declarative configuration for network function automation.

Workload configuration

For workload configuration (3), Nephio initially provides tooling and libraries to assist vendors with integrating existing YANG and other industry models with Nephio, in conformance to the standards (e.g., O1, 3GPP interface specs).

To fully realize the benefits of cloud native automation, these models will need to migrate to Kubernetes CRDs, as these configurations are intimately tied to those described in workload resource automation (2). Nephio provides the same tooling at every layer, enabling the automation of interrelated configuration between those layers.

Nephio Declarative Automation Framework

The figure below provides an overview of Nephio’s functional components. The previously discussed uniform automation control plane is represented at the bottom of the diagram, shown running on individual site clusters as the “Intent Actuation” layer.

The second part of the solution, the Kubernetes-based automation framework, is the top part of the diagram. These components are shown as running in an “Orchestration Cluster” – a separate Kubernetes cluster for housing the automation framework.

The Nephio automation framework is built on the Google Open Source projects kpt and ConfigSync and implements the Configuration-as-Data approach to configuration management. This enables users to author, review and publish configuration packages which may then be cloned and customized to deploy network functions. This customization can be fully automated, or mix-and-match automated and human-initiated changes without conflicts and without losing the ability to easily upgrade to new versions of the packages.

Source: Nephio | Figure 2: Nephio Functional Building Blocks

Nephio Reference Architecture

Nephio produces a reference implementation (as shown in the figure below) demonstrating Nephio’s mission to “materially simplify the deployment and management of multi-vendor cloud infrastructure and network functions across large scale edge deployments.” This reference implementation leverages existing Kubernetes open source and ecosystem projects, including the Google open source projects kpt and ConfigSync (kpt is already open source; ConfigSync will be open sourced 2H 2022 or earlier).

Source: Nephio | Figure 3: Reference Implementation and Google Open Source

Nephio Quotes

“The Linux Foundation is pleased to host the Nephio project and we’ve been inspired by the enthusiasm, energy, and participation of the founding members. We see momentum building around open, end-to-end solutions, with Nephio playing a key role helping to overcome industry pain points for cloud infrastructure and network functions alongside the LF Networking, CNCF, and LF Edge project communities,” said Rainy Haiby, CTO Networking, Edge/IoT and Access at Linux Foundation.



“Nephio presents a unique opportunity for CSPs to create a new revenue stream through an edge broker business. Nephio simplifies orchestration and management of both network functions and the underlying infrastructure, along with leveraging Kubernetes automation which is a big plus for the 5G + MEC (multi-access edge computing) era,” said Amar Kapadia, Co-Founder & CEO at Aarna Networks.


Digital Transformation – For several years, digital transformation of enterprise operations, aided by industrial IoT, big data analytics, AI/ML, and resulting automation and closed-loop control, has been on the top of the priority-list for most enterprise CIOs.

Need to get Real-Time Visibility and Control – CEOs and CIOs wish to drive favorable business outcomes by getting real-time visibility and control of their physical facilities, raw goods and infrastructure, work-in-progress and operational processes, with an eye to increase competitiveness, productivity and return on investment.

Business Goals & Challenges – Some hard problems need to be solved to achieve these business goals:

  • Secure, high throughput and reliable connectivity is needed between machines/sensors/things
  • Ability to implement near real-time low-latency control loops
  • Balancing enterprise data sovereignty and compliance while leveraging the public cloud

Existing Solutions are Inadequate

Today’s readily available solutions (enterprise WiFi or MNO-provided cellular connectivity, and public/private cloud-based compute) are unable to adequately solve these issues. Thus, until now, the desired transformation has been elusive to most. Only the largest and most well-heeled enterprises could overcome the technical and business challenges to undertake and benefit from this deep transformation.

Solution: ONF’s Aether Platform

Aether™ is ONF’s “Open Source” Enterprise-5G/LTE-Edge-Cloud-as-a-Service system

Aether provides mobile connectivity and edge cloud services for distributed enterprise networks, all provisioned and managed from a centralized cloud. Based on open source components and optimized for cloud deployments, it is easy to deploy, highly scalable, and designed for rapid new service onboarding in a multi-cloud environment.

Aether is a highly flexible system that empowers various business models around private 5G/LTE enterprise networks that may involve, in addition to enterprises, one or more of the following: network operators, public cloud operators, vendors, system integrators, and new market entrants. 

Aether uses and builds upon production-tested open source components from ONF like ONOS®, Trellis™ and CORD®, and other general purpose mainstream projects (e.g. Kubernetes, Rancher, etc.)

Source: ONF Aether Platform | Figure 1: Aether Managed Services

Aether leverages state-of-the-art cloud, software-defined, and micro-services principles. Aether integrates with and offers onboarding and lifecycle management of commercial and operational platforms for video stream analytics, IoT, and AI/ML, as well as custom enterprise edge applications. 

The Aether platform is typically deployed at the enterprise site(s), with control and management performed from a central cloud. The enterprise-deployed Aether software stack, called “Aether Connected Edge” (ACE), hosts the commercial third-party or in-house edge apps requiring low-latency and highly available connectivity to devices and enterprise systems.

Additionally, it hosts the disaggregated O-RAN compliant cellular connectivity software stack and terminates the mobile user plane for enabling local breakout leveraging an SDN-managed switching fabric.

Designed to be delivered as a cloud managed service, Aether offers a harmonious substrate consisting of three enterprise services, enabling

a) private cellular connectivity

b) connected edge cloud

c) fine-grained traffic visibility and control service.

Rich northbound and southbound APIs allow the platform to host the enterprise operational platforms and applications, connect them to data sources and collect rich telemetry from the connected endpoints along with the data they exchange.

Source: ONF Aether Platform | Figure 2 – Physical deployment of the distributed Aether platform

Private 4G/5G Connectivity Service

  • Best of both worlds – WiFi’s simplicity and economics, and O-RAN/CBRS-based 5G wireless network’s performance and security;
  • Predictive end-to-end performance between device, radio access network and enterprise application, with configurable quality of service (throughput, delay and jitter) per use case;
  • Wire-speed local breakout implemented by intelligent switching hardware; and
  • Higher reliability and higher wireless coverage than WiFi.

Connected Edge Cloud Service

  • Leverages Aether’s cellular connectivity service to enable seamless integration to cloud-native edge compute;
  • Scalable infrastructure from small to very large enterprises;
  • Supports low latency connectivity for mission critical use cases;
  • Compute clusters interconnected with an intelligent (SDN) switching fabric capable of up to 100 Gbps port-to-port throughput;
  • Runs on well-qualified COTS hardware with support for x86, GPUs and smart-NICs; and
  • Easy onboarding and life-cycle management of edge workloads by user/ISV.

End-to-End Slicing and Fine-grained Traffic Visibility Service

  • Partitions the enterprise cellular network into multiple slices, each with a specific quality of service profile;
  • Provides for the enterprise dev-ops to assign applications and devices to assure the required QoS – a combination of throughput, latency and jitter;
  • Hardware assisted data traffic and resource utilization telemetry; and
  • Programmable micro-collection for troubleshooting or security audit.

Target Use Cases & Deployment Scenario

Aether is an essential connected edge cloud platform for all mission critical enterprise applications that require low-latency connectivity to infrastructure, with much higher reliability, privacy and security than offered by either WiFi or national mobile operators. Primary target use cases where Aether is expected to shine are shown below.

A popular way to reason about industrial digital transformation is the Automation Pyramid shown in the figure below. The communication and compute required for levels 1, 2 and 3 have much stricter latency constraints (sub-second). These mission critical technology components are generally termed operational technology (OT), as opposed to the IT components like manufacturing execution system (MES) and enterprise resource planning (ERP) systems.

Source: ONF Aether Platform | Figure 3: ONF’s Aether hosts and connects next-gen OT components of Industry 4.0 Automation Pyramid

Aether’s Key Benefits to Smart Enterprise

ONF’s “Open Source” Aether solution’s key benefits to Smart Enterprises

Aether’s many technical innovations and managed service delivery model offer several unique benefits to the enterprise that adopts this platform. These include:

Assured Connectivity for Mission Critical workloads – Aether offers predictable and high bandwidth low latency connectivity with quality of service guarantees for OT applications, enabled by network slicing. The edge compute workloads are highly available as a result of the self-healing orchestration of micro-services via Kubernetes. 

Data Sovereignty & Control – Aether enables local breakout of mission critical data traffic. This allows enterprises to retain top-down programmable control of their systems and data, in turn, allowing enterprises to control their own destiny and avoid becoming locked into any single hyper-scaler’s ecosystem. 

Security – Aether complies with 5G/3GPP security standards, and hence offers end device security equivalent to a national mobile network provider. The deep traffic visibility and programmable access control offers extra layers of protection.

Compelling Economics – ONF’s Aether is available as open source software, and it runs on COTS hardware and small cells from a selection of certified ODM vendors. Aether leverages free-to-use cellular spectrum such as the CBRS band in the US. This makes Aether less expensive than managed WiFi per sq. ft of coverage, but just as easily consumable.

Ease of WiFi – Aether tames the complexity of the LTE/5G standards to enable an easy-to-consume connectivity service that is as adaptable as WiFi, but with all the architectural benefits and predictable performance of a 3GPP-compliant solution.

Scalable Hybrid Cloud Support – The cloud native Aether edges are designed to work with enterprise apps running on private or public central clouds. The Aether edge compute infrastructure can be elastically scaled from very small to very large connected by a spine-leaf SDN fabric.


The rapid global adoption of 5G in standalone (5G SA) and non-standalone (5G NSA) deployments and the hailing of the potential of 5G in public and private settings speak to the great expectations we have for the technology. 

The industry is collectively writing the bildungsroman for 5G — a technology looking for its place in the world, a child with huge potential evolving as 3GPP puts together specifications (release 16, 17, 18, and beyond), shaping its abilities even as we learn from early deployments.

As the saying goes, “it takes a village”, and 3GPP is assisted in its mission by standards development organizations (SDO), industry consortiums, and open-source organizations, including NGMN, O-RAN Alliance, 5GAA, TIP, OCP, IETF, SCF, IEEE, ITU, LF, ONF, and numerous other entities.

United, we hope that 5G will help close the digital divide, connect the unconnected, reduce connectivity costs for the poor, and bring new capabilities and innovation to all industries. Yet, like other maturing technologies and ecosystems, we face headaches as we overcome early and ongoing challenges while simultaneously marveling at 5G’s capabilities and dreaming of monetization opportunities.

The Duality of 5G

“It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness, it was the epoch of belief, it was the epoch of incredulity, it was the season of light, it was the season of darkness, it was the spring of hope, it was the winter of despair.” – (Dickens, A Tale of Two Cities)

This Dickensian duality succinctly characterizes where we are with 5G — pushing towards monetization is challenging, commercially-available network slicing is fledgling at best, but 5G promises rewards for those enterprising and persistent.

To achieve profitable 5G deployment (post-tens of billions of investment dollars in capital equipment and spectrum), Communication Service Providers (CSPs) face hard times ahead. CSPs need to increase scalability, improve manageability, and maintain reliability and quality-of-service (QoS) while exerting Scrooge-like controls over CapEx and OpEx.

With the expected multiple orders of magnitude increase in users, devices, and growth in complexity, CSPs must transform today’s siloed, legacy networks into modern, autonomous systems covering the access, transport, core, and data center domains.

Management Lessons from Leading CSPs

In our research with tier-1 CSPs, global system integrators (GSIs), network equipment providers (NEPs), and independent software vendors (ISVs), we see three management practices that are key to unlocking 5G’s promises:

  • Adopting comprehensive AI-assisted automation and cloud-native practices,
  • Leveraging new sources of telemetry and analytics for assurance and closed-loop management
  • Embracing end-to-end orchestration while moving towards intent-based frameworks

Automation and Going Cloud-Native 

CSPs understand the importance of automation and are pushing automation across every network domain and at each layer of the infrastructure. Further, with the adoption of service-based architecture (SBA) in the 5G core and ongoing virtualization, disaggregation, and cloudification of the 5G RAN, much of the automation will mirror the continuous integration and deployment (CI/CD) pipelines of cloud-native application frameworks.

The world’s first greenfield cloud-native 5G deployments at Rakuten Mobile in Japan and DISH Wireless in the US both leverage extreme automation and use of cloud-native CI/CD pipelines to enable rapid software updates. Both achieved scale-out deployments with a fraction of the operational headcount typical of legacy CSPs.

Assurance and Closed-Loop Management

Pre-5G networks were powered by vendor-proprietary analytics, but 5G working groups are pushing standard approaches. The 5G core includes the network data analytics function (NWDAF) and the management data analytics functions (MDAF). For CSPs deploying O-RAN, the service management and orchestration (SMO) platform includes a RAN intelligent controller (RIC) — a software-defined element that controls and optimizes RAN functions.

There are two components to the RIC: the near-real-time radio intelligent controller (near-RT RIC) and non-real-time RIC (non-RT RIC). These interfaces can provide visibility into radio network telemetry while allowing for programmatic control of radio parameters and configuration.

Meanwhile, the NWDAF has been touted by many networking vendors as the new aggregation point for standardizing key metrics across 5G components. Analytics from the RICs can also be consumed by NWDAF and incorporated into higher-order analytics.

These new sources of analytics are critical as part of any 5G management strategy. Along with other existing sources of telemetry, the MDAF, NWDAF, and RIC can collectively provide vendor-agnostic standards-based telemetry feeding big data analytics or AI/ML systems that enable closed-loop automation. Such systems can take remediation actions to provide automated assurance, uphold service level objectives (SLOs), and achieve service level agreements (SLAs).

End-to-end Orchestration and Intent

It’s increasingly clear that new services built on 5G will be end-to-end (E2E) and cross-domain. Businesses are trained to demand outcome-based results and will seek complete solutions. An E2E orchestration system that facilitates per-domain control while providing cross-domain orchestration that meets SLOs and SLAs will be necessary to achieve monetization success.

Meanwhile, we’re seeing that the 4G to 5G transition drives network element count from thousands to hundreds of thousands, and eventually millions of disaggregated components at the hardware, virtualization, and network function layers. The simultaneous move to a software-defined framework, while allowing for increased agility and innovation, multiplies the number of configurable parameters for these networks.

A human-driven approach to network management cannot scale. Even humans augmented with network automation cannot react in time. An intent-driven system is better at managing, optimizing, and maintaining large-scale and complex networks. By laying a foundation of automation, leveraging analytics, and using a software-defined and programmable platform, CSPs can implement intent-based systems that power autonomous networks. But there’s no normalized, standardized intent framework across vendors or networking domains today.

The Happily Ever After

There’s no mystery here to achieving a happy outcome. If CSPs want 5G to represent the best of times, the age of wisdom, the season of light, the spring of hope, and usher in the epoch of belief, then CSPs will have to make the investments into cloud-native automation, comprehensive assurance, and end-to-end orchestration while adopting an intent-based approach.

Market Dynamics, Estimates, and Drivers

Number of 5G subscribers will be up to ~1 billion by end of FY2022-23 | 5G subscription uptake is faster than 4G. By 2027, 5G subscriptions are expected to reach 4.4 billion. | Source: Ericsson Mobility Report

5G economic value will range between $5-7 trillion by 2030 | 5G is set to generate up to $5-7tn worth of economic value in 2030. To get the maximum cut of this pie, telcos need to move beyond connectivity to managed solutions. | Source: InterDigital & ABI Research Report

Workloads on cloud environments will increase to 580 million by 2024 | VMware estimates 580 million modern workloads by 2024 are expected to run on diverse, distributed environments spanning public cloud, on-premises, edge, telco clouds and hosted clouds. | Source: VMware

Workloads on cloud-native platforms will increase up to 95% by 2025 | Gartner estimates that by 2025, over 95% of new digital workloads will be deployed on cloud-native platforms. As more organizations move their critical workloads into the cloud, it introduces new risks. | Source: Gartner

5G Ecosystem & Business Model – 5G is creating a burgeoning ecosystem of app makers, service integrators, platform developers and others who are rushing to fill the voids they recognize. 5G’s potential has no limit and the telecom industry must seize this opportunity to redefine its business model to monetize 5G. 

Connectivity to Managed Solutions – Telcos need to emerge from basic connectivity service provider to differentiated service provider and evolve toward ‘Managed Solutions’ provider to tap the horizontal industry 4.0 market segments.


Migration path from Telcos to Techcos through Cloud & Edge Computing by overcoming the inertia

Telco 5G network & IT teams are under pressure to deliver applications and services faster, out-maneuver competitors, and provide exceptional user experiences while facing tighter budgets and a severe lack of cloud specialist skills. While the move to cloud-native network operations is relatively new for operators, it’s old hat for enterprises and web/hyper-scalers. The technology works so optimally that leveraging cloud investments for efficiency and revenue generation is much more about strategic organizational changes.

As we moved into the cloud and embraced this transition to the cloud, one of the biggest changes we dealt with was a change in how teams were structured and the team’s skillset. Telcos are in a transition stage: they need the expertise of SMEs who come from a typical telecom domain but who also understand cloud technology and how to run IT workloads, rather than bare-metal or legacy applications.

In terms of private or public cloud, it is best for the telcos to build, optimize and leverage their own telco-grade private/hybrid cloud for both core and RAN workloads. Telcos have arrangements with the big three — AWS, Azure, and Google Cloud on various mobile edge computing-related initiatives on public, private, and open-hybrid cloud. The move to cloud-native and container-based virtualized architecture has led to more flexibility, faster delivery of services, greater scalability, and significant cost efficiency.

Introduction to cloudification

It’s about culture, i.e., managing containerized livestock to graze across the pathway, not cuddling proprietary pets.

A Telco Cloud is not an enterprise cloud nor a Software-Defined Data Center (SDDC). It needs a real-time environment to support mission-critical low latency workloads/business applications for agile response to meet dynamic customer demands with predictive analytical insights of the network to reduce time to market solutions & services with High Availability (HA) and Disaster Recovery (DR) resiliency attributes.

Telco cloud network means that workloads are now moved away from proprietary implementation to complete network function software components. These software components run with the beauty of what is called microservices for software and run with the elegance of things that the cloud inherently supports, like capacity management, auto-elasticity, scale in, and scale out.

Cloud computing frees you from the expense and overhead of managing your own hardware, making it possible for you to build resilient, flexible, scalable distributed systems.

DevOps (CI/CD): Continuous Integration/Continuous Deployment is about closing the feedback loop between those who write the code and those who use it.

Containers deploy and run software in small, standardized, self-contained units, making it easier to build large, diverse, and distributed systems.

Kubernetes (K8s) is an open-source distributed operating system for container orchestration, i.e., for automating deployment, scaling, and management of containerized applications.

Cloud-Native is about cloud-based, containerized, distributed systems made up of cooperating microservices, dynamically managed by automated infrastructure as code.

Cloud-Native Architecture: an approach to build and run scalable applications in modern, agile environments on public, private, and hybrid clouds. Containers, service meshes, Microservices (MSA), immutable infrastructure, and declarative APIs substantiate this architectural framework.

Cloud Native Function (CNF) is a network function deployed to run on containers, inheriting cloud-native principles, including K8s lifecycle management, observability & agility.

Adoption of cloud-native networks

Accelerate adoption of autonomous and insight-driven Cloud Native 5G networks

Telcos need to make an operational shift from vertical silos to horizontal layers. The price of not migrating goes beyond the cost of continued system maintenance and hardware replacement. Scaling is the power.

The first revolution is cloudification; the second is the dawn of DevOps/DevSecOps (CI/CD) and how it’s changing operations. The third revolution is containerization. Together, these three waves of change are creating a new software world: the cloud-native world. The operating system/engine for this world is called Kubernetes.

The entire 5G core network plus the control plane, subscriber management, automation, orchestration, and OSS/BSS network functions are well suited for virtualization, and even cloud-native (CN) virtualization. The CU can be partially cloud-native or a VNF, and the DU can be deployed as a VNF/CNF, with the notable exception of the Radio Unit (RU) functions of the 5G RAN.

The 5G core’s service-based architecture provides a cloud-native foundation for operators to deploy new services and scale them as needed. It’s the same functional design that’s enabled hyper-scalers to build public clouds to serve the globe.

Key strategies for cloudification / telco application workload cloud migration

Adapted from 6 Application Migration Strategies: “The 6 R’s” by Stephen Orban

Refactor/re-Architect with cloud-native features – Key metrics include – costly, long-run time & effort, fully cloud native (e.g. AWS ECS / S3 Object Store / DynamoDB / S3 Glacier)

Re-platform: Just containerize the application – Key metrics include – cost effective, partial cloud native, e.g. AWS EKS

Re-host: Lift & Shift – Key metrics include – cost effective, less scalability, e.g. AWS EC2 instances

Re-purchase – Key metrics include – low investment, pay as use, SaaS product like BI tools, reporting tools, e.g. AWS Connect / Simple Email Service

Retain – Key metrics include – no migration, no additional cost impact, maintain the status quo

Retire – Key metrics include – De-commission, remove application

Service assurance

Cloud economy and architecture generate new opportunities by delivering the next generation applications & services with economies of scale. Telcos are on a journey to a new operational paradigm, one that focuses on business intent and demands continuous assurance across multiple domains and vendors. They need to find the right balance by creating environments that allow VNFs and CNFs to be aligned and operate, even while functioning on an increasingly distributed hybrid cloud network.

Guiding principles for Telco – Six principles that should guide telcos as they journey towards cloud-native service assurance operations:

  • Choices – Cloud-native apps should be infrastructure-independent, to align with new cloud technologies as necessary
  • Decomposition – Comprising modular and reusable software components
  • Resiliency – Responding to problems without service interruption
  • State optimization – Separation of application logic and data
  • Orchestration and automation – Emphasizing zero-touch networking principles
  • Openness, or the ability for software apps and components to be modular and easily replaceable as necessary

Service Assurance Metrics

  • Holistically monitor & manage
  • Automate root cause analysis (RCA)
  • Trigger closed loop actions
  • Prioritize issues
  • Manage multiple tenants
  • Drive SLA management

Secured Service Assurance

Security and compliance are considered shared responsibilities when using a managed service like AKS/EKS/GKE for K8s service management. E2E Assurance should include the following:

  • Assurance aspects: Device, customer, services, and network
  • Assurance domains: Automation (CI/CD, DevSecOps) & Intelligence (AIOps)
  • Assurance layer: above the physical network function, virtual network function or IoT infrastructure


Transition from on-premises proprietary cuddled deployment to bespoke harmonized containerized workloads grazing on the pathway, thereby orchestrating network and business processes with an eye toward agility, innovation and transformation.

The evolution toward cloud-based, virtualized, disaggregated, and open networks introduces exponential complexity to operations. At the same time, the monetization from next-generation networks such as 5G requires delivering services with unprecedented performance and reliability.

Orchestration is a foundational concept in the telco cloud, starting with Kubernetes. Network and automation, zero-touch plug & play networking, and orchestration are essential to getting cloud services to work at scale. Telco cloud needs to align with IT operations and the same core technology also needs to work in private 5G enterprise deployments, MEC & other customer-specific services.

Instead of having to maintain a sprawling estate of machines of various kinds, architectures, and operating systems, all the telco needs to do is run a container orchestrator – Kubernetes. The term Container Orchestrator refers to a single service that takes care of ‘Scheduling, Orchestration & Cluster Management’.

  • Kubernetes does the things that the very best system administrator would do: automation, failover, centralized logging, monitoring. It takes the DevOps approach and makes it the default, out of the box, and is ‘Cloud Provider Agnostic’, thereby making deployment easy.
  • Kubernetes, as an orchestration engine, has built-in capabilities to ensure that the cluster operates as per the set specifications by monitoring various attributes & taking actions (e.g. POD restart) if they deviate from a specified period or value.
  • Kubernetes continuously monitors the status of the deployment and takes corrective action to ensure the deployment is operating as specified.
  • Kubernetes services concepts like direct pod connections, advertising service IPs, and node ports are techniques you can leverage to expose Kubernetes services outside the cluster.

Cloud Orchestration Services

Cloud Orchestration manages cloud services including software deployment and upgrades, system setup, system administration, monitoring, incident resolution, problem management, configuration and change management, service desk, security management and monitoring, capacity planning, availability management, disaster recovery and routine update of services.

Kubernetes Cluster Management

A customer/operator-managed K8s platform may use the open-source K8s project as a starter, or take a third-party K8s distribution like Red Hat’s OpenShift or VMware’s Tanzu and deploy it to the public cloud. Alternatively, it may make use of a public cloud service provider’s managed native Kubernetes services, wherein the cloud provider manages and runs the Kubernetes infrastructure and telcos only need to take care of using Kubernetes to deploy and run their container workloads.

K8s cluster consists of ‘Master Node’ (on the control plane to coordinate the cluster) & ‘Worker Node’ (to run the application or network microservices).

POD: is the smallest deployable object in Kubernetes, which represents a single instance of a running process in a cluster. PODs may contain one or more containers, such as Docker containers. When a Pod runs multiple containers, the containers share the Pod’s resources and are managed as a single entity.

K8s API Server: handles all internal and external calls (traffic), accepts, and controls all the actions, including access to the etcd database. It authenticates and configures data for API objects and services REST operations.

K8s Scheduler: determines which node will host a Pod of containers based on the available resources (such as volumes) to bind, and then tries and retries to deploy the Pod based on availability and success.

ETCD Database: contains the state of the cluster, networking, and other persistent information, such as dynamic encryption keys and secrets, as discussed later in the article.

Master Node: Also known as the control plane, responsible for scaling worker nodes and provisioning new containers.

Worker Node: Includes sub-components like Kubelet, Kube-proxy, and the container runtime.

Kubelet: A communication agent that manages all containers in the POD, maintaining worker node health & setting up POD requirements & reporting POD status

Kube-proxy: A networking agent, handles network communication inside & outside the POD to expose set of applications running on POD


The goal is to deploy and operate zero-touch services from automation to autonomy with agility, scale & cost efficiencies.

Telco cloud automation will manage service lifecycles throughout the network cloud, the hybrid cloud, the edge cloud, and the IT cloud to improve customer experience.

Automation of cloudification CNF infrastructure applies three fundamental principles:

Continuous Integration/Continuous Delivery (CI/CD) – embracing DevOps culture within the orchestration of telco workloads on cloud infrastructure, processes, and network testing. The six steps in DevOps culture include: planning, development, integration, monitoring, feedback, operations for automated workloads/processes.

Artificial Intelligence/Machine Learning (AI-ML/AI Ops) on real-time operations & optimization to derive actionable insights. The key application is SON (Self Organizing Networks) for network optimization to identify the network anomalies & take predictive action based on the insights derived from the telco data lakes being processed.

Zero Touch Provisioning (ZTP): Telco network configuration, provisioning & commissioning of network elements and workload, eliminating the manual intervention.

Cloud-native automation means the design & development of software applications that leverage cloud principles to bring agility, scale & cost efficiencies using containerized infrastructure and a micro-service architecture with a CI/CD development framework, for launching new services faster, i.e. reduced time to market (TTM) with minimum marketable features (MMF) to strategize go-to-market (GTM).


Implementing Security & Observability for Kubernetes – with enforced Governance and Encryption.

Cloud security is a combination of people, procedure & technology designed to address external and internal threats to the network & business. A holistic approach to secure telco cloud – containers and cloud-native applications of Kubernetes clusters & workloads is through Security & Observability strategy.

Security and Observability for cloud-native platforms for open virtual RAN and beyond consists of three parts – Cloudify, Containerize, and Orchestrate. The 5G telco cloud, the near and far edge, and RAN disaggregation efforts such as Open RAN all present new risks for network operators to mitigate. 5G core requires telcos to adopt the cybersecurity disciplines and best practices intrinsic to industrial and enterprise cloud IT management.

Key cloud security strategic mindset:

  • Adopt cloud security platform: Employ data security principles and operationalize EKM (Encryption Key Management), called crypto-operations.
  • Ensure the platform supports cloud-native integration across multi-clouds with data security governance compliance.
  • Ensure the cloud-native platform provides actionable, prioritized insights for simplified cloud security operations.

Food For Thought and Key Take-Aways

Container in Virtual machine (VM) – Container in VM approach is recommended for telcos currently in the ‘evaluation to planning to implementation’ phase of migrating their workloads to cloud.

Automation – Embrace DevSecOps culture (CI/CD), ZTP (Zero Touch Provisioning), AI-Ops (AI based O&M) to eliminate human-made errors and derive actionable insights.

To-Do’s for business continuity, disaster recovery, and compliance 

  • Avoid cloud lock-in (cloud provider agnostic) by distributing applications and services across multi-cloud, dynamically shifting workloads.
  • Avoid cloud bursting use public clouds to extend capacity for peak demands.
  • Avoid non-compliance – Segregate regulatory compliance sensitive workloads & critical applications either on-premises or private cloud.

Quantum computing – Telcos should include a forward-looking agenda in their 2030 roadmap to evolve from cloud computing to quantum computing, in which, through satellites connected to the hyperscalers' clouds (AWS, Google Cloud, Microsoft Azure …), they develop the computing capabilities for next-generation services in the Metaverse, Web3.0 and 6G arena.

Telco Cloud

The global telecom cloud market is poised for exponential growth, and if market forecasts are to be believed, it will grow from USD 19.8 billion in 2021 to USD 52.3 billion by 2026 (Source:

The COVID-19 pandemic made the industry transition to remote working, paving the way for a transformation of the telecom cloud solution. Cloud solutions come with value propositions of reduced CAPEX and OPEX, powered by virtualization and automation. Under the shackles of the cash crunch, the telcos leaped into the transformation journey.

This journey wouldn’t have been possible without the telco cloud companies, which powered the telcos with their industry-leading solutions and products. In this article, we explore the leading telco cloud vendors.

IT Cloud

Cloud Computing brought a paradigm shift from the traditional way businesses think about IT resources. Cloud computing is about delivering computing services (servers, storage, database, software, analytics) over the internet.

Cloud computing brings cost, productivity, performance, and reliability benefits. The Cloud computing vendors provide different services like IaaS, PaaS, SaaS, and serverless. In this article, we also explore the leading cloud computing vendors.



1. Ericsson

Telco Cloud Vendor

Ericsson’s cloud strategy enables telcos to build telco cloud infrastructure for 5G services quickly and with low risk. Their strategies also help telcos to evolve from existing cloud infrastructure to cloud-native applications for catering to new business needs and revenue streams.

Sample telco cloud solutions include:

Ericsson Cloud RAN: Ericsson cloud RAN is a cloud-native software solution handling compute functionality in the RAN. It is fully compatible with the Ericsson radio system portfolio and supports both 5G in standalone and non-standalone modes.

Cloud Native Infrastructure: Ericsson cloud-native Infrastructure has the capability to deploy CaaS over bare metal servers.

Ericsson Orchestrator: The Ericsson orchestrator product enables automation of telco’s hybrid infrastructure, including PNFs and VNFs. It supports resource orchestration, VNF life cycle management, and end-to-end service orchestration.

Cloud SDN: Ericsson cloud SDN provides intra-data center connectivity fabric for workloads in a telecom cloud.


2. Nokia

Telco Cloud Vendor

Nokia builds scalable and distributed data centers for telcos to embrace the cloud-native era.

Sample solutions and products for data center networking include:

Adaptive Cloud Networking provides advanced tools and capabilities to transform the cloud network infrastructure to respond to unpredictable demands.

Cloud Data Center Interconnect enables telcos to connect distributed data centers in private, public, and hybrid clouds. Nokia employs data center gateways which help to extend customer data centers over IP/MPLS infrastructure.

Nokia Data Center Fabric: This solution enables the telco operations team to scale the data center networks quickly and efficiently to meet changing business needs.

Edge Network Controller: A lightweight application, the edge network controller, provides a cloud-native network automation function. This is ideally suited to environments with a small footprint.


3. Cisco

Telco Cloud Vendor

Cisco is one of the major players in the telco cloud ecosystem. Sample offerings from Cisco for telco cloud include:

Integrated Solutions: Cisco helps to simplify how telcos can connect, protect and consume cloud in a multi-cloud environment. It provides:

  • Cisco hybrid solution for Kubernetes on AWS: This hybrid solution for Kubernetes combines Cisco, AWS, and open-source technologies to simplify the management of the application lifecycle.
  • Cisco hybrid cloud platform for Google Cloud and integrated system for Microsoft Azure Stack.

Networking: Cisco networking products securely extend the telco's private networks into the public cloud and ensure security and application experience.

Security: Cisco protects multi-cloud entities, direct-to-cloud connectivity, and data and applications, including SaaS. Its products for this include Cisco Cloudlock, a cloud-native cloud access security broker (CASB) that helps protect cloud users, data and applications.

Management: Cisco helps to securely deploy and manage applications in multi-cloud and container environments. It has two different management suites:

  • Cisco CloudCenter Suite
  • Cisco Container Platform



4. VMware

Telco Cloud Vendor

VMware is a strategic and trusted partner for telcos and provides software-driven telco cloud infrastructure. To help telcos keep up with the pace of network transformation, VMware supports them to realize their goal by delivering some market-leading products and solutions.

VMware Cross-Cloud services enable organizations to unlock the potential of multi-cloud with enterprise security and resiliency. It helps to build and operate a cloud-native platform and accelerate cloud transformation.

Application Platform: For a successful cloud transformation, telcos will need innovative products which can be delivered rapidly and provide the value customers expect. VMware’s Tanzu is a platform that helps with Kubernetes operation and helps in Telco cloud automation.

Cloud and Edge Infrastructure: VMware cloud helps to run enterprise applications at scale with a consistent cloud infrastructure across public clouds, data centers and edge environments.


5. Red Hat

Telco Cloud Vendor

For 25 years, Red Hat has played a leadership role in the transformation story of numerous telcos. It is one of the leading companies in open source. Red Hat enables telco transformation via:

Developing NFV Solutions that are open source and standards based, and can be leveraged for delivering stable and interoperable solution.

Ansible Automation Platform is a foundation for automation and is deployed by multiple telcos and enterprises.

Red Hat’s Extensive Ecosystem: Red Hat maintains a large ecosystem of certified solutions with software vendors, system integrators and network equipment vendors. This makes it an enviable proposition for any telco looking forward to a cloud transformation journey.



6. Robin

Telco Cloud Vendor

Robin, now part of Rakuten Symphony, is a leading provider of cloud-native platforms. The Robin solution is based on three pillars:

Robin CNP (Cloud Native platform): It is an open-source Kubernetes platform which is optimized for running storage and network-intensive applications. This is ideal for edge applications and helps in the automation of day 2 operations.

Robin CNS (Cloud Native Storage): CNS is an application-aware container storage that offers advanced data management capabilities.

Robin MDCAP (Multi Data Center Automation Platform): Helps in automation of bare metal management with zero-touch automation.


7. Mavenir

Telco Cloud Vendor

Mavenir builds future networks with cloud-native software. With a wide portfolio of RAN and core solutions, it looks to provide an E2E solution for telco cloud transformation.

MAVcore: Mavenir has a cloud-native, fully virtualized and fully containerized mobile core to provide voice, data, and video services. This has set the stage for telcos who are looking for introducing 5G into their network.

MAVair: MAVair’s OpenRAN solutions allow for one architecture that addresses legacy networks as well as densifies the coverage for 5G with aggregation of processing in the CU and DU which simplify the cell site and transform the total cost of ownership.

MAVedge: MAVedge’s suite of solutions powers a digital marketplace of applications and devices to offer a true “app store experience” for enterprise and industry.


8. Huawei

Telco Cloud Vendor

Huawei’s cloud strategy is based on the belief that telco networks combined with the cloud will allow telcos to introduce new services and monetize new revenue streams. Sample products and solutions from Huawei include:

Elastic Cloud Server (ECS) provides secure, scalable and on-demand compute resources enabling telco to flexibly deploy applications and workload. These servers are built with the latest generation Intel Xeon processors and have Huawei 25GE high-speed intelligent NIC to provide ultra-high network bandwidth.

Cloud Container Engine (CCE) is a fully hosted Kubernetes service to build run and scale containerized applications. It helps speed up cloud clusters and ensures high availability and security.

Object Storage Service (OBS): It provides stable, secure, efficient and easy-to-use cloud storage, which allows Telco to store unstructured data in any format and access it from anywhere using REST APIs.


9. AWS

Cloud Computing Vendor

AWS is one of the leading cloud computing companies and they are innovating and accelerating both their products and solutions with amazing agility. AWS has dedicated offerings for telcos and enterprises, enabling them to migrate from the traditional data center to the cloud. AWS has partnerships with leading telcos including AT&T, Verizon, Telstra, Vodafone, Dish, SK Telecom, KDDI, Telenor and more. Sample products and solutions from AWS include:

Amazon EC2: Amazon Elastic Compute Cloud (EC2) offers the best-in-class compute platform, which has compute capacity for virtually any workload. It can be used to run cloud-native and enterprise applications and provides a secure, reliable, and high-performance infrastructure to meet demanding customer needs.

AWS Wavelength – combines the high bandwidth and ultra-low latency of 5G networks with AWS compute and storage services enabling developers to build high-performance mobile edge computing applications. Sample 5G applications that can leverage AWS wavelength include game streaming, interactive live video and event streaming, AR/VR applications, in-car telematics, and industrial automation.

AWS Wavelength Zones are AWS infrastructure deployments that embed AWS compute and storage services within an operator’s data centers at the edge of the 5G network. So application traffic from the 5G device can reach servers in the wavelength zone without leaving the operator’s network. AWS wavelength zones are available in 10 cities within the US with Verizon, Tokyo, Japan with KDDI, and Daejeon, South Korea with SKT.

AWS Local Zones – places AWS compute, storage, database, and other services close to the end-users in a specific geography, enabling them to run applications that need single-digit millisecond latency.

AWS Outposts – allows customers to run compute and storage on-premises to meet latency requirements.

AWS Snow Family comprises AWS Snowcone, AWS Snowball, and AWS Snowmobile. It offers several physical devices, capacity points, and built-in computing capabilities to support applications that require increased capabilities and performance at the edge. Sample use cases that can leverage the Snow Family include IoT for manufacturing and healthcare and private LTE/5G network deployments.


10. Microsoft Azure

Cloud Computing Vendor

Microsoft Azure is also one of the leading cloud computing technology vendors. It has mature products in hybrid and multi-cloud solutions. Sample cloud computing products and solutions include:

Azure Edge Zones – connects the Azure services directly to the 5G networks in the operator’s data center. It enables developers to build applications requiring ultra-low latency, such as online gaming, remote meetings, and events. Sample operators expanding their collaboration with Microsoft Azure include AT&T, Etisalat, NTT Communications, Lumen, Proximus, Singtel, Rogers, SK Telecom, Telefonica, Telstra, and Vodafone Business.

Azure Private Edge Zones – is a private 5G/LTE network combined with Azure Stack Edge on-premise to deliver ultra-low latency, high-bandwidth, and secure solutions. Sample scenarios that can leverage Azure private edge zones include smart factory/IoT use cases, logistics and operations for retail customers, and smart grids at hospitals for remote diagnostics.

vEPC (Virtual Evolved Packet Core via Affirmed Networks acquisition), which supports 5G NSA (Non-Stand Alone), CUPS (Control and User Plane Separation), network slicing integrated virtual probe, virtualized DPI, GiLAN, analytics and security services, virtualized Wi-Fi, automation and orchestration capabilities.

Fusion Core via Metaswitch acquisition – solution for enterprise 5G/4G networks using CBRS, LTE-U, and NR-U comprising 5G user plane function, control plane functions, network orchestration, and automation capabilities.


11. Google Cloud

Cloud Computing Vendor

Google Cloud Platform or GCP as commonly called is the third largest cloud service provider across the globe. The major offerings of GCP include:

Google Distributed Cloud (based on Anthos): It extends Google Cloud’s infrastructure and services to the edge and data centers. It is a fully managed product that brings the cloud infrastructure and services closer to where the data is generated. It empowers telcos to run 5G core and RAN functions at the edge.

Google Anthos: Google Anthos for Telecom is a platform for delivering workloads to the network edge on Google cloud. Google partnered with 30+ application providers to deliver 200+ partner applications at the edge with 5G.

Google also has a partnership with AT&T, Orange Business, Telecom Italia and Telefonica to deliver a portfolio of 5G and mobile edge computing solutions.

Compute Engine: Secure and customizable compute service that lets telcos and enterprises create and run virtual machines on Google’s infrastructure.


12. Oracle Cloud

Cloud Computing Vendor

Although Oracle is a new entrant in the cloud computing arena, it is slowly picking up space. Its primary offering is OCI (Oracle Cloud Infrastructure).

OCI: OCI is a complete cloud infrastructure platform for every workload. Oracle cloud infrastructure has all the services needed to migrate, build, and run workloads from existing enterprises to new cloud native applications and data platforms.

High Performance Computing: High performance computing (HPC) on Oracle Cloud Infrastructure (OCI) brings powerful, cost-effective computing capabilities to cater to different use cases.

Telcos can migrate their IT workloads, efficiently operate their networks, and develop new applications for enterprise customers, all on a performant and cost-effective cloud platform. Telcos like Vodafone have modernized and migrated many OSS/BSS databases to OCI for some regions.

What is Telco Cloud?

Before we go in and understand what a Telco Cloud is, let’s spend a couple of minutes understanding what made Telco Cloud come into existence in the telecommunications world. Cloud architecture made its foray into the IT world a bit earlier than it established itself in telco.

Earlier telecommunication systems were proprietary and purpose-built systems developed on a monolithic architecture. These systems ensured that telcos or enterprise entities were stuck in a vendor lock-in model, scaling up on different telco-grade applications was time-sensitive, and innovation and automation depended on strategies adopted by OEMs. But time has shown us how telecommunication systems have fundamentally changed and evolved for good.

According to VMware: “A telco cloud represents the data center resources that are required to deploy and manage a mobile phone network with data transfer capabilities by carrier companies in production operations at scale.”

Now, we have core networks running on cloud-native virtualized or containerized systems on vendor-agnostic COTS-based hardware; RAN systems have been made open and mostly software-driven; and automation and innovation ensure that systems scale up effortlessly.

We are also witnessing a steady change in the cloud architecture. The earlier cloud revolution in telco started with virtualization concepts like virtual machines and is now evolving to more mature and robust systems like containers and microservices.

The advent of these changes is mostly triggered by the introduction of 5G systems which are more latency-sensitive and cater to more use-cases. For the time being, it is expected that both the VM and containers will tend to coexist, with containers coming up to the center stage in the future.

Ok, now that we have got a brief idea of what Telco cloud is doing to the industry, let’s try to seek a quick answer to this very imperative question.

What is the difference between IT cloud and Telco Cloud?

| Aspect | Telco Cloud | IT Cloud |
|---|---|---|
| Definition | Telco cloud is mostly private cloud deployments in an operator environment. The telco applications are hosted either on VNF or CNF using virtualization systems. | IT cloud can be deployed on private or public cloud environments and primarily cater to enterprise applications. |
| Use Cases | To host telco applications like 5G, Core and edge deployments | Enterprise IT applications like web applications |
| Latency Requirements | Telco clouds cater to delay-sensitive use cases, so they must have a very low latency environment | Depends on the applications, but the latency requirement is not as stringent as telco applications |
| Throughput | Very high throughput is required to cater to 5G/4G use cases | High throughput required for enterprise applications |
| Availability | Telco cloud infrastructures should have high availability and reliability | Generally, high availability is required |
| Deployment Strategy | Telco cloud deployments can be distributed like national data centers, local data centers or even data centers at the site | High throughput required for enterprise applications |

Essentially both IT cloud and Telco cloud are built on the same framework of having a software-defined network (SDN) and abstraction of hardware by using NFV and cloud-native technology. To enable scale of applications with business needs, both the clouds need a pedigree of automation and orchestration.

Why is Telco Cloud Important?

Telco cloud emerged as it solved some of the fundamental problems being faced by operators, as highlighted below. The introduction of telco clouds helped to resolve most of these challenges. The challenge of scalability and network flexibility was resolved by introducing virtualization, resolving the challenge faced by purpose-built hardware.

  • Scalability and Network Flexibility – Existing telecom network didn’t scale with traffic explosion.
  • Adoption of new technologies – Network architecture was not built to be future ready to adapt to new technologies.
  • Vendor Lock-In – Operators in monolithic architecture were dependent on only specific vendors, and they didn’t have the leverage to pick and choose from different vendors.
  • Speed of Adoption and Automation – Due to a lack of automation and orchestration, CSPs struggled to meet their go-to-market commitments.

This means the same hardware can be used for different telecom applications. This is playing and will play a crucial role in deploying new edge technologies and 5G. The focus of telco cloud on creating a common virtualized infrastructure paves the way for automation and artificial intelligence opportunities as well.

Key Technical Touchpoints in Telco Cloud

Network Function Virtualization (NFV) – Network function virtualization is the process of virtualizing different network functions like routers, MME, SGSN and AMF into functions or software modules running as Virtual Machines (VM). Earlier, each of these components needed separate, purpose-built hardware and ran in its own silo. One of the important aspects of NFV is that operators can leverage it to scale up new types of services and applications on demand without the need for additional hardware.

Containers – While NFV helped to virtualize with the help of VMs, with the advancement of technology containers also came into the picture. This helped in a transition from NFV to a more lightweight Kubernetes-based platform. Containers are lightweight software packages that have all the dependencies required to run an application.

Container Architecture
Image Source: Microsoft | Container Architecture

Virtual Machines
Image Source: Microsoft | Virtual Machines

| Aspect | Virtual Machines | Containers |
|---|---|---|
| Definition | VM is a SW that allows virtualizing different network functions on a common hardware | IT cloud can be deployed on private or public cloud environments and primarily cater to enterprise applications |
| Virtualization process | VM virtualizes the underlying physical COTS hardware | Containers virtualized the operating system |
| Size | VMs are generally large | Containers are lightweight |
| System Memory | Uses substantial memory | Containers require less memory |
| Security | VM is more secure | Containers are less secure |

Phases of Telco Cloud Native Journey

Before we go into the different phases and strategies a CSP needs to take to revamp its network towards a Cloud Native System, it’s imperative to understand what “Cloud Native” means. Cloud-native is a concept that refers to the process of building and running applications to leverage the advantages of cloud infrastructure.

The cloud-native applications are built to scale, be elastic, resilient, and flexible, allowing organizations to run these applications on private, public, or hybrid clouds. The cloud-native developments are complemented by features like containers, Kubernetes, microservices, and Application Programming Interfaces (APIs).

For a Telco to be successful in its Cloud-native journey, it should understand new Cloud-oriented business models and new opportunities coming from the B2B and B2C segments. For a Telco to be successful in this journey, it needs to be surrounded by the right mix of partners and vendors who share the same vision and drive to execute the transformation.

Each Telco’s journey will be unique and will be based on business motivation and, therefore will have a different starting point to becoming a full Cloud-Native Telco.

See the cloud-native journey tables, figures and time-tested path to cloud-native solution in the 5G Magazine.

Telco challenges to cloud-native journey

A Telco needs to meander across multiple challenges during its migration to a Cloud-native architecture. The cloud journey usually starts with replacing large network elements with VNFs. 

But there are additional challenges too:

  • Migration of Applications: Many Telco applications might not be custom built to run on a cloud platform, so those need to be redesigned or recreated before cloud migration.
  • Security of Data: The Telco database carries huge customer data, and when migrating to the cloud, it should ensure there is no security breach.
  • Latency: Most Telco applications are latency sensitive, so there is a challenge for the Cloud infra to provide telecommunications-grade latency that maintains Quality of Service.
  • Vendor Lock-In: Once the Telco puts its network on the cloud, be it private or public cloud, it is the Telco cloud vendor which, in most cases, will own the infrastructure. So, there is a chance that the Telco ends up at the mercy of one Telco Cloud vendor. The best way is to have an open ecosystem based on open standards.

Recommendations to mitigate the challenges

  • Collaboration with integration vendors: In a multi-vendor environment the best possible way for integration and implementation of new technology is to be surrounded by vendors who share the same vision and strategy for implementation. This helps in making the process much smoother and more time efficient.
  • Choose a Multi-Vendor Cloud vendor: To have flexibility and freedom in customizing the network, the best possible strategy for a Telco is to opt for multi-vendor Cloud infrastructure.
  • Container as a Service (CaaS): To support new use cases coming from 5G, the Telco should implement Cloud-native solutions like containers and microservices-based architecture. This will give the Telcos a two-edged advantage in the form of scalability and automation.

What should be the Telco strategy for successful Telco Cloud deployments?

Transformation of the network towards the cloud is a journey, and the most intricate part of it is taking the first step. The whole transformation journey will depend on how the strategies were framed. Analyzing the transformation of several CSPs, we have managed to formulate a strategy that can be adopted by Telcos while formulating their migration path. It starts with:

Cloud Virtualization

Virtualization is essentially the first step towards cloudification. Generally, it starts with VNFs, and it facilitates hardware consolidation by making applications run on generic hardware. But still, we can’t call it a pure cloud, as the VNFs are siloed. The most generic pathway from this will be migration to a container-based architecture and finally to a cloud-native goal.

Deploying Telco Cloud Automation

After a strategy is formulated for the cloudification of the network, the next approach is to choose a proper tool for automation. Cloud deployment will mean complex network architecture and the need for a skilled workforce to maintain and run the network. So a strategy to choose a proper tool for automation is a defining factor.


A telco cloud is built on collaboration from multiple hardware and software vendors. The CSPs should strategize the choice and working of these vendors, as the success of this evolution will depend on how well partners collaborate to reach a common objective.

Introduction of Services

The CSPs should be very clear about the different services they want to deploy on the cloud architecture. ROI will depend on how well these services will be channelized to generate new revenue streams.

Read the complete article in the 5G Magazine
