In part one of this blog series, we explored the reasons behind “why” messages may be a better path forward for 5G visibility strategies than simply relying on the traditional approach of “grabbing more packets”. The main motivator for overhauling visibility/observability strategies for standalone (SA) 5G networks is that these networks are fundamentally different from previous generations’ telecommunications networks. These differences were broken down into the following challenges that the engineering team at MantisNet set out to address:


  • Messages are the backbone of distributed computing. How can this be leveraged?
  • Size and scale bring valid concerns about replicating the network. What is the alternative?
  • All visibility solutions are now deployed on production resources. How can we keep our resource tax as low as possible?
  • There is no standardized/central location to grab packets, and physical access is limited. How can we best rethink our data capture strategy?
  • Distributed computing and industry standards breed multi-vendor environments. How can we provide a common view across all vendors?

 

As described in the last post, MantisNet met these challenges head-on by bringing Tawon CVF (Containerized Visibility Fabric) to market. Tawon CVF is a cloud-native, microservices-based visibility solution for gaining insight into containerized environments. It leverages eBPF (extended Berkeley Packet Filter) technology to deliver an extremely performant solution with a very light footprint. Low resource utilization, distributed data access, and flexible deployment models are all key benefits of Tawon CVF. In this post, however, we are going to focus on the main driver that makes Tawon CVF different from packet-based solutions: it provides visibility by inspecting messages, not packets.

 

So what really is the difference between packet-based and message-based solutions?

 

When considering the difference between these two approaches, it is important to note that packet-based systems come with a very high “resource tax” when deployed in containerized environments. It has been proven time and time again that capturing packets in cloud-native environments takes a lot of processing power, as well as bandwidth, to generate and maintain a replicated production network for monitoring purposes. Alternatively, solutions designed to inspect messages within a cloud-native framework introduce much less stress on production resources. Solutions such as Tawon CVF are able to leverage eBPF to set very specific hooks for the data they are looking to extract. The result is a solution where resource utilization is drastically lower, the overall footprint (think “access points”) is greatly reduced, and the system is far less complex to maintain than a packet-based visibility tool.

The following chart describes some of the key differences between Tawon CVF (message based) and vendor provided vTAP solutions (packet based):

 

[Chart: vTAP (packet-based) vs. message-based (Tawon CVF) comparison]

 

Taking a look at this chart, you will notice that the benefits of a message-based system extend beyond simply reducing resource utilization and the overall footprint of the solution. With message-based systems, operators now have the benefit of more granular filtering, deeper visibility into the underlying infrastructure of 5G systems, and the ability to address the ever-present challenge of encryption being used (as a standard) within 5G SA environments. This chart is not comprehensive; however, it provides a good look into the differences between the two types of solutions that network operators are considering for visibility strategies. It is also important to note that this chart was not developed in a silo here at MantisNet. It represents feedback that we have received from numerous systems integration partners that are often tasked with establishing visibility solutions for telcos. Essentially, these are the real-world observations from the individuals tasked with setting up visibility solutions for 5G SA networks.

 

Final note to mention…

 

As always, we encourage anyone who would like to explore this conversation further to contact us directly. The differences between message-based and packet-based systems are many, but can also get into the technical weeds fairly quickly. The main takeaway is that message-based systems allow for a more dynamic and performant visibility strategy that can serve as a single pane of glass across multiple vendors. The technical advantages of message-based systems are clear, as are the economic impacts (reducing the amount of money spent on multiple vTAPs, costs associated with factoring compute resources for visibility, feature requests from multiple vendors, etc.).

5G production networks are leveraging containerization to help standardize deployments, reduce overall costs, and improve end-user experience. It is about time visibility solutions followed suit.

Written by Mike Fecher

Mike's a leader in developing client solutions for data center infrastructure, cybersecurity, and network visibility. He has worked with commercial telecom providers, the US Intelligence Community, and various other government agencies to help implement data-centric solutions.