Home | Reports | Technical Documents | Tech-Blog | One-Shot Gallery | Korea ICT News | Korea Communication Market Data | List of Contributors | Become a Contributor |    
 
 
Section 5G 4G LTE C-RAN/Fronthaul Gigabit Internet IPTV/Video Streaming IoT SDN/NFV Wi-Fi KT SK Telecom LG U+ Network Protocol Samsung   Korean Vendors
 
CHANNELS     HFR    |  Mobile Fronthaul Solution  |  Carrier Ethernet Solution  | Resources        
CHANNELS     ZARAM    |  TWDM-PON SFP+ ONU  |  XGSPON 10G SFP+ ONT  |  Use cases  | Evolution of FTTH Access Network    

 

7 Deployment Scenarios of Private 5G Networks
October 21, 2019 | By Harrison J. Son (son@netmanias.com)
Online viewer:
Comments (3)
2

In this blog, we will analyze how to build a Private 5G network.

 

Private 5G network can be implemented in two ways.

  • The first is to deploy physically-isolated private 5G network (5G island) that is independent of the mobile operator's public 5G network (as if building a wired LAN or a Wi-Fi WLAN in the enterprise). In this case, the private 5G network can be built by enterprises or mobile operators. 
  • The second is to build private 5G networks by sharing the mobile operator's public 5G network resources. In this case, the carrier will build private 5G networks for the enterprises.

 

 

1) Isolated 5G LAN built by enterprise (Local 5G Frequency, Full Private, No-Sharing)
2) Isolated 5G LAN built by mobile operator (Licensed Frequency, Full Private, No-Sharing)
3) RAN sharing between private network and public network
4) RAN and Control Plane Sharing between private and public network
5) RAN and Core Sharing (End-to-End Network Slicing) between private and public network
6) N3 LBO (Local Breakout)
7) F1 LBO (Local Breakout)

 

1) Isolated 5G LAN built by the enterprises (Local 5G Frequency, Full Private, No-Sharing)

 

 

 

Enterprise deploys 5G Network Full Set (gNB, UPF, 5GC CP, UDM, MEC) within its premise(site/building). The 5G frequency in the enterprise is Local 5G frequency, not mobile operators' Licensed frequency. This is a constructable architecture in the case of countries where this private frequency is allocated by government(At present, advanced countries such as Japan, Germany and the United States are possible).

 

Who builds: In this case, usually enterprises build their own private 5G networks, but depending on the government policy of each country, third parties, including mobile network operators, may build private 5G networks for enterprises.

 

Enterprises can build their own 5G LAN using local 5G frequency, freeing them from the traditional wired LAN and the wireless LAN's annoyance (LAN cable wiring work of wired LAN, short distance, security concern and network stability of wireless LAN). In addition, the ultra-low latency and ultra-connectivity capabilities of 5G technology enable the creation of new enterprise applications or optimization of existing applications.

 

Pros: As there are independent 5G network full sets in the enterprise on premise,

  • Privacy and Security: The private network is physically separated from the public network, provides complete data security (data traffic generated from private network devices, subscription information and operation information of private network devices, all are stored  and managed only within the enterprise.  Internal data inside the enterprise is not leaked outside)
  • Ultra-Low-Latency: Since the network delay between the device and the application server is within several ms, URLLC application services can be implemented.
  • No optical fiber to the building: There is no need for a working backhaul to keep the local service running. 5G service can be immediately provided to the enterprises that do not have optical backhaul links, for example factories in rural area.
  • Even if a mobile operators' 5G network failure occurs: Even if the mobile operator's facilities burn down, the company's 5G private network works well.

 

Cons:

  • Deployment cost: It is not easy for an ordinary enterprise to buy and deploy a 5G network full set at its own expense. Especially for smaller enterprises.
  • Operational personnel: There is no know-how for existing private LAN (wired Ethernet LAN, wireless Wi-Fi LAN) operation team to build and operate 5G network. Enterprises need to have the right engineers.

 

2) Isolated 5G LAN built by Mobile Operators (Licensed 5G Frequency, Full Private, No-Sharing)

 

 

The private 5G network architecture is the same as 1). The only difference with 1) is that Mobile operators build and operate 5G LAN in the enterprise with their own licensed 5G Frequency.

 

 

3) RAN sharing between private network and public network

 

 

UPF, 5GC CP, UDM, and MEC are deployed in the enterprise and physically separated from the public network.
Only 5G base stations (gNBs) located within the enterprise are shared between private and public network (RAN Sharing).

 

Data traffic (■) of the devices belonging to the private slice (private network) is delivered to the private UPF in the enterprise, data traffic () of the devices belonging to the public slice (public network) is delivered to the UPF in the mobile operator's edge cloud. In other words, private network traffic such as in-house device control data, in-house video data, etc. stays in the enterprise only, and public network service traffic such as voice and Internet are transferred to the mobile operator's network. Although the base stations are not physically but logically separated, it is almost difficult to collect the data information in the private network at the RAN level, so the security of private network data traffic in the enterprise is also confirmed.

 

Private and dedicated 5GC CP and UDM are built in the enterprise, so subscription information and operation information of private network devices in the enterprise are stored and managed in-house so that they do not leak outside the enterprise.

 

UPF and MEC are located in the enterprise, providing ultra low delay communication between device-gNB-UPF-MEC, making it suitable for companies using URLLC applications such as autonomous driving and real-time robot / drone control.

 

4) RAN and Control Plane Sharing between private and public network

 

 

Private and dedicated UPF, MEC are built in enterprise. 5G base stations (gNBs) in enterprise and 5GC CPs, UDMs in mobile operator's edge cloud are shared between private and public networks (RAN and Control Plane Sharing). The gNB, 5GC CP, and UDM are logically separated between the private network and the public network, and the UPF and MEC are physically separated.

 

Data traffic (■) of the devices belonging to the private slice (private network) is delivered to the private UPF in the enterprise, data traffic () of the devices belonging to the public slice (public network) is delivered to the UPF on the edge of the mobile operator. In other words, private network traffic such as in-house device control data, in-house video data, etc. stays in the enterprise only, and public network service traffic such as voice and Internet are transferred to the mobile operator's network. Like 3) RAN Sharing, the security of data traffic within the enterprise is also clear.

 

Control plane functions (authentication, mobility, etc.) for private network devices and public network devices are performed by 5GC CP and UDM in mobile operator's networks.

That is, the private network devices, gNB and UPF in the enterprise are interworked with and managed by the mobile operator's network (via N2, N4 interface). It may be a concern for  that the operation information and subscription information of the private network devices are stored in the mobile operator's server rather than in-house.

 

Since UPF and MEC are located in the enterprise, it provides ultra low delay communication between device-gNB-UPF-MEC and is suitable for companies using URLLC applications such as autonomous driving and real-time robot / drone control.

 

 

5) RAN and Core Sharing (End-to-End Network Slicing) between private and public network

 

 

This is the case when only gNB is deployed inside the enterprise and UPF and MEC exist only in the mobile operator's edge cloud. Private network and public network share "logically separated 5G RAN and Core" (gNB, UPF, 5GC, MEC, UDM) (End-to-End Network Slicing).

 

Unlike 3, 4 where UPF and MEC are located in the enterprise, in this case there is only gNB in ​​the enterprise. Therefore, there is no local traffic path between the private 5G devices and the intranet (LAN) devices such as PCs or local intranet servers, so the traffic must go up to the UPF in the edge cloud of the operator and then come back inside the enterprise through a leased line to communicate with the LAN devices.

 

In addition, MEC, which provides 5G application services to 5G devices in the enterprise, is located in the edge cloud of the mobile operator far from the devices.

 

In this architecture, network latency (RTT) can be a major problem, depending on the distance between the enterprise (5G devices) and the operator's edge cloud (UPF, MEC).

 

Since the traffic of private network devices is transferred from the enterprise to the mobile operator's network, there is a concern about data traffic security. While mobile operator will slice UPF and MEC on its edge cloud to keep our private network traffic separate from public and other private network traffic, timid CEOs are concerned about the fact that e.g., their internal CCTV video traffics are leaking outside their enterprise. 

 

As with case 4, it is disturbing for an enterprise to have operational and subscription information stored on a mobile operator's network rather than on the company's private network.

 

This architecture costs the least to build a private 5G network for mobile operators compared to case 2, 3 and 4 that require the deployment of UPF and/or 5GC CP inside the enterprise.

However, the enterprise has concerns in aspect of security (data traffic generated from private network terminals, subscription information and operational information of private network devices) and network delay (between private 5G devices and MEC application servers, and between private 5G devices and intranet/LAN devices).

 

6) N3 LBO (Local Breakout): Case of SK Telecom in Korea

 

 

As shown in above (a), gNB is deployed in the enterprise as in case 5. N3 GTP Tunnel is created between gNB and UPF when a device is connected, whether CCTV camera or smartphone. These devices are all public network devices.

 

As shown in above (b), the enterprise introduces MEC Data Plane (non-3GPP equipment, ETSI MEC) and MEC Applications (MEC Applications). The Mobile Edge Platform (MEP) in the mobile operator's Orchestrator sends a traffic rule to the MEC DP via the Mp2 interface (If Destination IP address is a Local Network - private 5G devices, local wired LAN devices, local MEC application servers - then Local Breakout!).

 

The MEC DP looks at the destination IP addresses of the packets belonging to all GTP Tunnels coming up from the gNB (GTP Decap) and routes the User IP packet to the internal private network if it is local traffic.

 

Although this method is not standard method of 3GPP, it will be possible to separate private network traffic from public traffic.
(This is the ETSI MEC's Bump in the Wire method).

 

Compared to case 5, private network traffic is not transferred to the mobile operator's network, so the security of private network data traffic is also as clear as case 3 and 4.

 

Unlike case 3 and 4, the cost of building a private 5G network is greatly reduced (UPF is the most expensive equipment among the 5G standard equipments) by adding low-cost MEC DP (actually, SDN/P4 switch) without having to bring expensive UPFs into the enterprise.

 

In addition, because the MEC also exists in the enterprise and handles the traffic that MEC DP breakouts, it will be able to provide ultra-low delay application services.

 

However, since MEC DP is not 3GPP UPF, MEC DP cannot perform mobility management and charging function for private network devices.

(Of course, MEC DP can implement some of these functions since the operator can make a proprietary specification that implements these capabilities)

 

As with case 4 and 5, it is disturbing for an enterprise to have operational and subscription information stored on a mobile operator's network rather than on the company's private network.

 

7) F1 LBO (Local Breakout): Case of KT in Korea

 

 

The same as in case 6, but the difference is that only the RU/DU in the enterprise is deployed and the CU is placed in the mobile network's edge cloud, and that private network traffic is locally-breakouted from the F1 interface, not from the N3 interface.

 

Concluding,

 

There is always a plurality of ideas in every choice situation in any field. We want to have the prettiest and most coveted option first.

But which option to choose at the final stage of selection is "What do I need?" and "How much money do I have?"

 

Similarly, the architectures of the Private 5G network described above have their respective advantages and disadvantages, and one architecture is not optimal for all situations. Each enterprise can choose an architecture that is optimized for them based on their requirements and implementation/operating budget they have.

 

 

Rajarshi Pathak 2019-10-22 15:17:43

Thanks a lot Harrison for sharing this very useful article. It's always a pleasure to learn from your write-ups. From Enterprise's control and security perspectives, Option 3 looks good but it's expensive. 
For cost savings perspective, Option 5 is reasonable but it's the least secured wrt traffic routing as well as subscription info storage. 
In Option 6 though enterprise traffic doesn't leave the private network but subscription information gets stored in the public network and also we need to maintain MEC DP equipment & Orchestrator.
As you mentioned, there is no "one size, fits all" approach. Private network deployments will be based on mutual trust and partnerships between Enterprises and Operators along with the targeted service offerings. Together they can also become niche Service Providers for offering URLLC & mMTC services for public and private networks in the dynamic 5G world.

jensenzhu 2019-11-06 09:23:10

SKT case seems good with well balance between Security and Cost

Billie Chan 2019-11-18 18:39:44

Thanks a lot. Great document. Any idea which vendor MEC DP deployed mention in option 7?

Thank you for visiting Netmanias! Please leave your comment if you have a question or suggestion.
View All (823)
4.5G (1) 5G (89) AI (6) AR (1) ARP (3) AT&T (1) Akamai (1) Authentication (5) Big Data (2) Blockchain (3) C-RAN/Fronthaul (17) CDN (4) CPRI (4) Carrier Ethernet (3) China (1) China Mobile (2) Cisco (1) Cloud (5) CoMP (6) Connected Car (4) DHCP (5) EDGE (1) Edge Computing (1) Ericsson (2) FTTH (6) GSLB (1) GiGAtopia (2) Gigabit Internet (19) Google (7) Google Global Cache (3) HLS (5) HSDPA (2) HTTP Adaptive Streaming (5) Handover (1) Huawei (1) IEEE 802.1 (1) IP Routing (7) IPTV (21) IoST (3) IoT (55) KT (43) Korea (19) Korea ICT Market (1) Korea ICT Service (13) Korea ICT Vendor (1) LG U+ (18) LSC (1) LTE (78) LTE-A (16) LTE-B (1) LTE-H (2) LTE-M (3) LTE-U (4) LoRa (7) MEC (3) MPLS (2) MPTCP (3) MWC 2015 (8) NB-IoT (6) Netflix (2) Network Protocol (21) Network Slicing (4) New Radio (9) Nokia (1) OSPF (2) OTT (3) PCRF (1) Platform (2) QoS (3) RCS (4) Roaming (1) SD-WAN (17) SDN/NFV (71) SIM (1) SK Broadband (2) SK Telecom (35) Samsung (5) Security (16) Self-Driving (1) Small Cell (2) Spectrum Sharing (2) Switching (6) TAU (2) UHD (5) VR (2) Video Streaming (12) VoLTE (8) VoWiFi (2) Wi-Fi (31) YouTube (6) blockchain (1) eICIC (1) eMBMS (1) iBeacon (1) security (1) telecoin (1) uCPE (2)
Password confirmation
Please enter your registered comment password.
Password