Virtual CPE, the first step in service providers’ NFV promise – vendor agnostic networks

One major starting point for CSPs and ISP’s NFV solutions is the deployment of virtual CPE (consumer premise equipment), specifically the business oriented variation vE-CPE – Virtual enterprise CPE. The immediate benefits in reduced CapEx and flexibility make growing enterprise networks one of the first to receive NFV solutions in the form of vCPE from service providers.

But there are still hurdles to overcome, and 3 different Virtual CPE implementations have been developed as a solution to some of these problems. In this article I will detail the 3 different kinds of implementations as well as existing problems that prevent service providers from implementing “full” vCPE, cloud hosted solutions.

 

Not all vCPE’s are created equal

Though recent surveys show that most if not all major service providers are planning on migrating their network infrastructure and services towards SDN/NFV, not all of them have the capability to deploy a working Virtual CPE solution yet. Given the wide range in levels of progress and development, no two CPE deployments are exactly the same and since not all network functions can be implemented in a usable manner for performance-critical applications, many have rolled out hybrid or almost completely on-premise CPE solutions in response to these shortcomings.

One can divide the different vCPE solutions into to 3 main categories: Centralized traditional vCPE, Hybrid vCPE and uCPE. Each of these have their own benefits and uses in emerging networks. Below is a detailed explanation of each:

Centralized vCPE

versa centralized virtual CPE
Versa Centralized Virtual CPE. (Retrieved from Versa Networks website)
NCA-1010 IoT gateway Virtual CPE
Lanner’s NCA-1010 compact fanless x86 desktop network appliance

“True” Centralized vCPE – All VNFs (Virtualized network functions) are implemented on the service provider’s side, with the physical CPE acting as little more than a level 2 forwarder into its network and services. Currently the purest and rarest implementation of CPE, only the most advanced vendors in the market (i.e. Versas, shown above) have offerings in this category. Since all of the network functions are offloaded onto the service providers network, all that’s required is a low-power device(like the one above) to act as a gateway into the cloud network where all the Network functions are hosted.

 

Hybrid vCPE

hybrid vcpe Virtual CPE
Hybrid Virtual CPE illustration
FW-7525 network computing appliance Virtual CPE
Lanner’s FW-7525 – fanless x86 desktop network appliance for SD-WAN, VPN..

Hybrid CPE – some performance-critical VNFs are run on local hardware appliances and the rest are accessed through the service providers cloud. This is currently the most popular method, as it allows companies to leverage resources on both sides to sidestep performance issues and provide a complete, cost-effective solution. Since the ISP’s network is used to offload a lot of the network functions, one can use small form-factor network appliances like the one above.

 

uCPE or Physical vCPE

physical Virtual CPE
uCPE – Universal CPE illustration
NCA-4010-high performance x86 rackmount network appliance
NCA-4010-high performance x86 rackmount network appliance for enterprise firewall, UTM, WAN

uCPE or localized vCPE – All the NFVs are deployed in on-premise network appliances. Universal CPE, a term recently coined by AT&T, is an NFV platform where all network functions are integrated onto standard x86 hardware, not unlike current CPE implementations with the major difference being that the proprietary hardware is now virtualized and deployed onto vendor-agnostic white box appliances. Since this solution requires capable infrastructure and powerful hardware, it’s usually in the form of high-performance Intel x86 network rack mount appliances (like the one pictured above).

 

Use cases and limitations for these different implementations

These three different approaches arose out of a need to overcome limitations in current VNF’s and service provider’s networks.

 

True vCPE as it originally stands is currently only feasible for small to medium business, due in part to issues like double encryption and tromboning. Because of the the obvious security implications in sending unencrypted plaintext data to a cloud network, we must first must first encrypt any data sent out from the vCPE to the cloud provider’s networks. Then the data must be decrypted, processed, encrypted once more and finally sent back to the vCPE. This creates significant overhead and latency that makes this solution impractical when applied to performance critical application on a larger scale. Also, on a more fundamental level, network tromboning happens when data is sent to a remote location, processed and returned. Although this may be done in small quantities with DHCP, DNS etc…  The congestion can still become a problem as it builds up.

On-premise vCPE implementations, or more appropriately named “private clouds” are reserved for large companies that require or prefer to implement their own Infrastructure (due to performance reasons, security concerns or other factors). While a powerful solution, it is also appropriately expensive and counter-productive to the NFV’s promise of reduced Capital expenditure.

That’s why hybrid solutions now make up the bulk of virtual CPEs in the market. The ability to implement critical functions onto local hardware as well as service provider’s networks gives businesses the flexibility they need to deploy demanding applications in the search for new revenue streams. With flexible CPE platforms on the rise, businesses can decide what VNFS’s to run on-premise and which to offload onto the cloud.

Below is an example of a flexible VNF that can be deployed as centralized CPE, Hybrid CPE, or fully on-premise with only the orchestrator running on the service provider’s network:

Illustration 5 Versa range of Branch architectures. (Retrieved from Versa’s website)

In this illustration we can see how the size of a branch dictates the optimal architecture to implement, with small businesses able to fully rely on service provider’s networks, medium business running performance-critical functions on-premise in a more hybrid environment, and finally massive company branches requiring dedicated on-premise hardware to meet demands. This flexible architecture allows service providers to deploy NFV solutions in places that would otherwise be impractical.

 

In Summary:

The best solution is the one that fits your needs. It’s actually one of the widely touted advantages in the move towards SDN, NFV and Virtual CPE.  So it comes as no surprise that vendors are gravitating towards a functional hybrid architecture that encompasses all the different needs of the valuable enterprise consumer premise equipment industry.

Virtual CPE, the first step in service providers’ NFV promise – vendor agnostic networks was last modified: October 7th, 2020 by James Piedra

Lanner, Enea Build High Performance NFV uCPE for Small Offices

Please complete this form to proceed

Hand-picked posts from our blog, delivered to your email.

SUBSCRIBE