policy as a platform: delivering agility & simplicity

White Paper

Policy as a Platform: Delivering Agility & Simplicity

Prepared by Graham Finnie Chief Analyst, Heavy Reading www.heavyreading.com on behalf of

www.cisco.com

November 2014

http://www.heavyreading.com/

http://www.cisco.com/

HEAVY READING | NOVEMBER 2014 | WHITE PAPER | POLICY AS A PLATFORM: DELIVERING AGILITY & SIMPLICITY 2

Executive Summary The search for more flexible network and service platforms is becoming ever more urgent for telcos, many of which are faced with a triple whammy of stagnant or falling revenues, rising costs and increasing competition. If they are to survive and prosper, telcos must find new ways both to plan and manage their network re-sources, and to create, deliver and manage new services. In investigating these issues, this paper focuses in particular on policy management as a function that can pull together a wide range of valuable assets and ideas, but the paper also shows that many existing policy deployments do not meet key stra-tegic telco requirements. A more modular, platform-based approach that allows easier integration of policy with related functions is more likely to meet these goals, we suggest, enabling policy management to realize its full potential. To illustrate some of its key points, this paper draws on a new global survey of net-work operators. Most of the data from this survey is presented here for the first time. Part One of the paper looks briefly at the evolution of policy over the past decade from a static standalone function supporting only a few use cases, to a role that links policy to an increasingly wide range of IT and network functions and handles scores of policies. However, operators are often frustrated by the scale and persis-tence of the challenges that face them when trying to turn policy management into a strategic service platform of this kind. We note that the level of satisfaction with legacy policy management deployments is low, and barriers to achieving telco objectives in this area are often still high. A new kind of policy platform is now required, which we call third-generation policy control. Part Two looks in more detail at the factors driving this need, principally a host of new service-oriented policy use cases. These use cases are driving the capabilities that will be required in a next-generation policy platform, and as we show, most operators are planning to move to a much more sophisticated policy architecture that links policy to a widening range of other functions, from product catalogs to RAN congestion control systems. This section also considers the impact of sophisti-cated new use cases, such as VoLTE. Part Three scopes out the core features of a third-generation policy platform as they arise out of the requirements identified in Part Two. This section focuses in particular on emerging technology enablers such as virtualization and service chaining. With the aid of these and other new capabilities, we suggest, it should be easier to con-struct a modular platform-based approach that is more flexible and adaptable, and better suited to support the dynamic services environment that telcos are now beginning to roll out. Policy as a platform and virtualization will ultimately help operators to move to an agile, service-oriented model, while simultaneously lowering capex and opex.


1. Policy as a Platform: The Challenges Ahead Over the past five years, almost every telco has made the creation of more flexible and adaptable network and service platforms a top strategic priority – and every year, as the competitive environment becomes ever more challenging, the need to deploy and extend those platforms becomes ever more urgent. In the area of policy management, this has driven several major changes of direction over the decade or so since policy was first deployed. Most first-generation products (see Figure 1) were effectively standalone, with the policy server (usually in association with DPI detection software) handling basic traffic management (e.g., identifying and blocking P2P traffic, or throttling users who had exceeded fair usage rules).

In the second generation of policy, which ran from about 2010 to the present, other capabilities were gradually added by vendors (some more rapidly than others). These included simpler policy creation environments; integration with IT elements such as charging; integration with other network elements to link policies to RAN congestion data; and better scaling and availability features. While these improve-ments have resulted in more complex deployments handling more use cases (many more, in a few deployments), many are still often quite simple in practice, with just a few extra use cases being added, such as user quota management, application-based service packages and roaming alerts. Over the past one to two years, however, there has been a sea change in attitudes toward, and plans for, policy, putting much more pressure on suppliers to deliver more flexible platforms. Most operators are looking to add a whole range of new use cases to policy deployments – use cases that are largely focused on service

Figure 1: The Evolution of Policy

1ST GENERATION 2005-2010

2ND GENERATION 2010-2014

3RD GENERATION 2014-

Policy creation Largely handled by vendor

Largely handled by vendor and telco technical staff

Largely handled by marketing, and available to external third parties; GUI-based policy creation

Connection of policy servers to other network and IT functions

Limited to one or two functions; usually based on proprietary systems integration

Limited to a few func-tions; based on propri-etary SI and formal standards (e.g., 3GPP)

Extensive; based on formal stand-ards and open platforms; moving up the stack to Web/app layer

Use cases 1-5 5-20 20+

Transactions per second Up to 10,000 Up to 100,000 Indefinitely extensible

Virtualization No Yes, limited Yes, orchestrated and elastic in the cloud

Third-party engagement None Very limited Widespread

Policy "slicing" No No Yes

Policy-driven service chaining No No Yes

Source: Heavy Reading


innovation rather than traffic management. As a result, they are likely to change frequently, and require hardware and software that is much more extensible, flexi-ble and open than hitherto. Service innovation implies that policies are based on a

wider range of inputs, both in the network domain (e.g., congestion information) and the IT domain (e.g., subscriber charging information). These new requirements translate into a new kind of policy product, now becoming available, that situates policy as an element in a wider platform or architecture, including elements such as ANDSF servers and Gi-LAN controllers. At least in principle, this architecture should be bet-ter able to fully deliver on the enormous theoretical potential of policy

management to meet strategic telco goals. In other words, a third generation of policy products that embed policy in a broader offering has arrived.

Theory & Reality In order to understand what this new kind of policy platform needs to deliver, we need to analyze why operators have in general failed to exploit the capabilities available even in second-generation policy products, and have still deployed only a few use cases. This section considers that question in more detail, focusing espe-cially on data from our 2014 survey of network operators on policy management. The first point to make is that policy is now widely deployed. In our survey, we found that nine out of ten respondents had deployed a policy server (or 100%, in the case of those working for a mobile operator), with the average deployment now about two years old. As Figure 2 shows, however, it's clear that many legacy deployments have failed to live up to expectations. On a four-point scale, more than half of the sample rated performance "fair" or "poor" on half of the criteria we suggested.

Figure 2: Could Do Better? Level of Satisfaction With Policy Deployments

Question: Please rate the performance to date of your policy deployment in the following areas.

Source: Heavy Reading survey of 71 network operator executives, August 2014

A third generation of policy products that embed policy in a broader, more strategic solution has arrived


Answers to a different question, specifically on the barriers to achieving policy ob-jectives, tell a similar story (see Figure 3). Almost half the sample rated many barriers as "critical" or "fairly major" (4 or 5 on a 1-5 scale).

It's important to note here that some barriers have persisted year after year – not least, difficulties integrating policy and charging. Although the absolute score on this barrier declined slightly this year, this has been the number one barrier in every survey since 2010. So despite the fact that policy and charging integration is essen-tial to building new data monetization and service options for users, it is seemingly very hard to achieve in practice. Taken together, these two charts deliver the clear message that many operators need a new approach to policy and a new kind of platform to break the logjam that is preventing them from turning theoretical aspiration into practical achieve-ment – and indeed, in answer to a subsequent question on future buying intentions, 73% of respondents said that they would either replace their existing vendor or add new vendors to the policy mix in the future. It's perhaps worth noting here that our survey suggested that more than 40% of policy deployments are more than three years old. Many of those deployments are stuck in the first-generation policy era, and are ripe for augmentation or replacement. So what are telcos looking for in future deployments of policy? We consider that question further in Sections 2 and 3.

Figure 3: Barriers to Policy Management

Question: On a 1-5 scale, please rate the following barriers to achieving your company's objectives in the area of policy control & management.

Source: Heavy Reading survey of 71 network operator executives, August 2014. Note: Only barriers scoring greater than 3.25 are included in this graphic; six other barriers were included in the question.


2. What's Driving Next-Gen Policy Platforms? In order to define the features that a next-generation policy platform should sup-port, we need first to ask what it is that operators are trying to achieve. Over the past few years, there has been a major change in this respect. As revenues come under increasing pressure from third-party suppliers, mobile operators in particular have defined service innovation as a core objective, at least as important as tradi-tional cost reduction goals. Telcos need to better monetize data services and ex-tend the range of options available to customers. In the last section we noted that, as a result, the investment case for policy deploy-ment has changed radically since it was first deployed a decade ago – especially over the past few years. As Figure 4 shows, this means that the anticipated number of policy use cases is rising very fast, with an implied median of about 18 policy use cases per company expected by 2017, compared to about five today.

What kind of use cases do operators have in mind? Figure 5 provides a strong clue, showing that more than 50% of the sample intended to deploy almost all of the use cases we suggested in the question. And it's in the nature of policy management that many other use cases could be deployed, since policies can be based on any piece of information that can be captured in network and IT systems, and then made available to create a new policy.

Figure 4: Policy Use Cases on the Rise

Question: How many different policy use cases will your company have in place on its policy management systems by 2017?



How do these findings impact next-generation policy product design or purchase? The answers to another question give us a good idea. Many initial policy deploy-ments have included little more than a policy server, policy enforcement software (typically in GGSN DPI, or in a DPI appliance), and a subscriber profile repository (SPR) to enable subscriber-oriented policies to be implemented. However, as Figure 6 shows, many operators have begun to connect a wide range of other elements, including not only charging systems (now being widely con-nected), but also such elements as RAN congestion control (e.g., network probes), product catalogs and analytics software.

Figure 5: Planned Policy Use Cases



In other words, policy is becoming part of a broader platform architecture, and this gives us a good idea of the kind of product that might work best in future. Note

especially the high intent to connect functions that are not generally part of the architecture today, such as RAN con-gestion control and video optimization software. Further clues are provided by looking at some of the emerg-ing use cases in more detail. For example, the survey asked respondents about the impact of VoLTE on policy deploy-ments, and as Figure 7 shows, two thirds of the sample

thought that VoLTE would require an upgrade to or replacement of their policy plat-form. Handling VoLTE not only means scaling up to handle many more sessions and transactions, but also having the capability to handle specific requirements such as support of emergency services, voice-specific charging, or QoS guarantees. The need to support VoLTE is just one example of the new requirements that are straining the capabilities of orthodox policy platforms. Other examples include:

x Deploying policies seamlessly across different networks such as 3G, 4G, WiFi, etc. (perhaps using an ANDSF add-on module);

x Supporting policy on the device, or basing policies on information from de-vices or RAN base stations;

x Analytics-driven policy development, linking policy to real-time trend infor-mation from both IT and network sources;

x Network "slicing," e.g., to apply different rules to emerging user segments, such as M2M verticals.

Figure 6: The New Policy Architecture

Question: How do the following elements fit into your company's policy architecture?

Source: Heavy Reading survey of network operator executives, August 2014

Policy is becoming part of a broader platform architecture, giving us a good idea of the kind of product that might be required in future


In the final analysis, the aim of any deployment is to make the technology invisible to those who ultimately benefit from it – which, as our policy use case analysis showed, increasingly means making the technicalities invisible to the non-technical product marketing or development teams that are ultimately responsible for creat-ing the new services for customers. But as our final survey data point in this section implies (see Figure 8), we are some way from that point in deployments today. It shows that policies are still largely created by internal technical staff working with their vendors and systems integrators, with fewer than one in ten saying that mar-keting or product development staff were primarily responsible for creating policies.

In the end, the litmus test for a third-generation policy deployment is the speed and ease with which new policies can be identified, created and deployed. In the next section, we consider the key mechanisms to achieve this goal.

Figure 7: The Impact of VoLTE

Question: How will VoLTE (voice over LTE) affect your company's PCRF deployment?

Source: Heavy Reading survey of 71 network operator executives, August 2014; excludes "don't knows"

Figure 8: Who Creates Policies?

Question: Who is mainly responsible for creating the policies now running on your company's policy system?



3. The Third-Generation Policy Platform We saw in the last section that telcos have high ambitions for policy management, but low levels of satisfaction with many legacy deployments. So what does a third-generation policy platform need in order to assuage these concerns and meet telcos' needs? As previewed in Figure 1, and discussed in Part 2, third-generation policy ought at minimum to deliver a higher level of modularity, flexibility and extensibility. And of all the technologies available to help meet these aims, few have attracted as much attention as virtualization. Virtualization is not new in the IT sector, but it is relatively new in the network industry (though in policy and related areas, a few vendors have had some virtualization capabilities for several years). Much of the interest in virtualization has been driven by the ETSI Network Functions Virtualization (NFV) initiative, which has the backing of most of the biggest Tier 1 telcos. And as Figure 9 shows, this has certainly had an impact on operators, with about half in our survey saying they have active virtual-ization initiatives in the policy area, and only 24% saying they have no current plans.

In answer to a separate question, we found that network operator respondents cited or anticipated a wide range of potential benefits from virtualization, going far beyond the potential economies to be gained by efficiently utilizing generic COTS hardware. For example:

x 85% of respondents cited lower OSS costs as a critical or useful benefit of virtualization;

x 84% said it would make it easier to scale up their policy solution;

x 70% cited easier interoperation with other network or IT functions; and

x 70% said it would simplify traffic steering or service chaining.

Figure 9: Virtualization of Policy

Question: What stage has your company reached in virtualizing policy control?



Although early deployments of virtualized policy and other functions usually do little more than add a hypervisor to functions mounted on COTS or commercial blade servers, most respondents in our survey already recognize the importance of having some kind of orchestration scheme in place to facilitate the wider OSS and service

flexibility gains they are looking for. In fact, in a question on the main barriers to virtualization, we found that the highest-scoring barrier was "no clear orchestration scheme to manage this in the cloud," suggesting that the advantages of advanced cloud features, such as full automation, dynamic elasticity and capacity management, are already understood, if not necessarily widely available. Telcos, it appears, are thinking ahead to what virtualization might ulti-mately enable them to do.

In a specific question on policy orchestration (Figure 10), we found that more than a third of those with an opinion saw a dedicated orchestrator platform as "essential," with half hedging their opinion by rating it "fairly important."

One of the potential use cases of virtualization that is attracting current attention is virtualized service chaining (sometimes known as "traffic steering"). As operators seek to broaden their policy architectures, there is a desire to steer flows intelligently (i.e., by using policy decisions) through a range of functions that sit in the so-called "Gi-LAN" such as video optimization, parental control, security, ad insertion and so on. By virtualizing these functions, it should be possible to create a much more flex-ible and extensible set of options in the Gi-LAN that can be added, dropped and sized to meet ever-changing demand. In our policy management study, we found that operators are still at a relatively early stage in their plans for virtualized service chaining. We found that about two thirds

claimed familiarity with the basic concept, with about one third saying they were either planning to deploy it or investigating its potential. In a separate study Heavy Reading conducted specifically on the vir-tual EPC and Gi-LAN, 66% of respondents thought that the concept of virtualized Gi-LAN functions was attractive and had commercial poten-tial. As network operators become more familiar with the concept, and

Figure 10: Orchestrating Policy

Question: How important is it to have a dedicated orchestrator platform that takes care of managing virtualized policy control in a virtualized infrastructure?

Source: Heavy Reading survey of 71 network operators, August 2014; excludes "don't knows"

The advantages of advanced cloud features such as full automation, dynamic elasticity and capacity management are already understood

About two thirds of telcos are familiar with service chaining, and one third are investigating its potential


as standards such as ETSI's Forwarding Graph and the IETF's Service Function Chain-ing are firmed up and deployed, we expect that virtual service chaining will be an important means for improving the modularity of policy-driven service and network management platforms. One final capability that could help operators achieve their objectives is to enable policy and related functions to be exposed via standardized APIs to third parties. This is an area where operators have struggled to create a business case, overcome internal resistance and specify technically how this is to be implemented in a con-trolled fashion. However, there has been an upsurge in interest in the idea recently, as telcos start to conclude relationships with content and app providers, and this interest is reflected in our survey. Almost 70% of the survey respondents said they would "definitely" or "possibly" expose network or IT capabilities via APIs to third par-ties; only 15% said they would not. These percentages are considerably higher than those in similar questions we have asked in the past. None of this is to suggest that deploying virtualized and cloudified policy-driven plat-forms will be easy. It requires q wide-ranging transformation of operator organiza-tions. Among other things, operators must fill internal skills gaps in areas such as vir-tualization, find new ways to buy and measure return on investment from vendor solutions, resolve new operational issues raised by virtualizing functions (e.g., fault management) and address a range of other challenges. Indeed, in our survey 43% of respondents reported that they lacked appropriate skill sets to deploy virtualized policy solutions. The vendors that best resolve these issues for their customers will be in a strong position to dominate the coming changes.

Conclusion It's clear from our survey and from vendor activity and announcements that a new kind of policy platform has been emerging that is better positioned to meet telcos' new strategic imperatives and break the logjam that has prevented telcos from seamlessly linking network and service platforms. No longer is policy a standalone capability with few links to external functions and entities; instead, the policy server sits at the heart of a flexible and extensible set of virtualized functions, making in-creasingly sophisticated, contextual decisions on behalf of end users. If well-chosen, third-generation policy solutions can sit at the heart of a wide range of network and IT functionality and create increasingly sophisticated and personal-ized policies for end users. In this way, policy can fulfil its undoubted promise as the brains of the new service- and customer-oriented telco network.


Background to This Paper

About the Author Graham Finnie Chief Analyst, Heavy Reading Graham has been working as an analyst and consultant in the telecommunications sector for more than 20 years. He joined Heavy Reading in 2004, following a 10-year tenure at the Yankee Group, and has been responsible for a wide range of re-search, focusing primarily on next-generation broadband networks, services and applications. He became Chief Analyst at Heavy Reading in 2007. Graham's most recent report for Heavy Reading is RAN Congestion Control & the Road to QoE, pub-lished in September 2012. Graham is also responsible for Heavy Reading's Policy Control & DPI Market Tracker. Graham has also hosted numerous Webinars and Live events for Light Reading, and is a regular speaker at other major industry events. Before becoming an analyst, he was editor-in-chief of the award-winning industry paper Communications Week In-ternational. Graham is based in the U.K. and can be reached at [email protected].

About Heavy Reading Heavy Reading (www.heavyreading.com), the research division of Light Reading, offers deep analysis of emerging telecom trends to network operators, technology suppliers and investors. Its product portfolio includes in-depth reports that address critical next-generation technology and service issues, market trackers that focus on the telecom industry's most critical technology sectors, exclusive worldwide surveys of network operator decision-makers that identify future purchasing and deploy-ment plans, and a rich array of custom and consulting services that give clients the market intelligence needed to compete successfully in the global telecom industry. Heavy Reading P.O. Box 1953 New York, NY 10156 Phone: +1 212-600-3000 www.heavyreading.com

http://www.heavyreading.com/details.asp?sku_id=2904&skuitem_itemid=1445

mailto:[email protected]



policy as a platform: delivering agility & simplicity

Technology

links policy

generation policy platform

evolution of policy

new kind of policy platform

white paper policy

generation policy control

existing policy deployments

easier integration of