![]() All of the network planes have the potential for security issues at the functional level (a function could be compromised), and to the extent that they interconnect elements or virtualize them, they also present security risks at the implementation level, meaning an attack on infrastructure or the orchestration and management interfaces. Not just with Open RAN (as I noted), though. Since we’re not dealing with the actual mechanisms of virtualization in an effective way, there are indeed potential security issues that emerge. You can see a bit of this, by inference, in my blog about Ericsson’s complaints about Open RAN security. The specs don’t define how we actually achieve virtualization, except through reference to NFV, which actually does a pretty poor job of defining the way we’d want to deploy and manage functional components in any of those planes. My experience plane is relevant to 5G only in the sense that the things in it are part of the public data network that 5G user plane activity is connecting with. When we talk about things like 5G, we’re dealing mostly with service functions, and so we’re dealing mostly with things that live in the three lower planes. That’s the virtualization plane, and it contains the signaling that manages whatever hosting and deployment processes are used to realize the functionality of the other planes on a cloud infrastructure. However, as soon as you start looking at that problem, you confront yet another “plane” that runs vertically along all these horizontal layers. We actually have examples of things in each of these four areas today, and the way the planes relate to each other and to the user is important in understanding the best approach to defining future network architectures and infrastructure. At the top of it all, I sat the experience plane, which provides the actual experiences that users of a network are seeking-video, websites, etc. I put the data plane at the bottom, the control plane next, and then the service plane, which I said was a better name for the layer of signaling that mediates IP data flows, the lower two layers. With the advent of more complex services, including 5G, the term “control plane” references the exchanges that manage the mobile network and infrastructure, riding above the “user plane”, which is now the IP network and thus includes the data plane and the old control plane!Ībout a year ago, I did a presentation to some operators that used a slide that defined four layers of a network. Originally, the “control plane” was the set of protocol messages used to control data exchanges, and so it was (as an example) a reference to the in-band exchanges that are used in IP networks for topology and status updates. The separation between control and data planes is a pretty-well-accepted concept, but one complicating factor in the picture is that the term “control plane” isn’t used consistently. Important Site Policies and a Note to Skeptics!.Hosted-Function and API Security for Service Providers: Not There Yet. ![]() Do We Need a New Generation of Abstractions for Virtualization?.E Pluribus: What Arista Could Do with its New Technology.Comments Invited on the Podcast Approach.What to Expect From the Operators’ Fall Planning Cycle.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |