By Sigit Priyanggoro, Sr. Product Manager – AWS
By Awaiz Ahmad Khan, Principal Solutions Architect – AWS
By Rahul Bajpai, Consulting Managing Director – Deloitte
By Arpan Tiwari, Consulting Managing Director – Deloitte
Enterprises demand secure wireless networks that can be trusted with mission-critical tasks. As digital transformation and the Internet of Things (IoT) become business imperatives, private 4G and private 5G networks must connect everything from robots, cameras, signage, and machinery to virtual reality applications.
At the same time, the demand for real-time stream processing is increasing rapidly with the explosion of streaming data from IoT sensors, the web, and other sources.
Enterprises want to extract business value by processing this data while in motion using real-time analytics at the edge. Different AWS Snow Family edge compute choices facilitate the deployment of private networks with varying latency requirements.
In this post, we present a network architecture for deploying private 4G or private 5G network solutions for different use cases. Enterprises can choose to start small and scale the network as demand and utilization increase, with minimal or no re-architecting effort.
Deloitte has extensive experience in designing and operationalizing wireless communication networks globally. Through a network of professionals, industry specialists, and an ecosystem of alliances, Deloitte assists clients in deploying 5G and edge solutions to enable digital transformation at the heart of the business.
Private Networks: What and Why
Enterprises envision a future enabled by automation-led operational efficiency, enhanced collaboration and productivity, higher safety and compliance levels, and transformed product experiences. These concepts, which underpin the “Industry 4.0” revolution, are expected to be enabled by advances in IoT, artificial intelligence (AI), and machine learning (ML), as well as cloud and edge computing.
The standard fabric connecting applications, devices, and customers powered by these technologies is the underlying communications network. Advanced connectivity technologies such as 5G have the potential to be a force multiplier for game-changing technologies and applications.
Traditionally, connectivity on cellular technologies such as 4G and 5G relied heavily on Communications Service Providers (CSPs) to offer these services. Indoor coverage was either based on Wi-Fi or Distributed Antenna Systems (DAS), which extended the CSP’s coverage indoors. These public networks, while addressing broad network requirements, do not adequately meet unique latency, data rate, and reliability expectations of Industry 4.0 use cases.
Private networks are designed to address these limitations of previous-generation wireless technologies. Enterprises can now deploy their wireless network based on advanced communication technologies such as 4G and 5G at their premises, providing seamless connectivity into their local IT and cloud infrastructure. Private 4G and 5G network deployments using this architecture can meet all of the performance expectations for next-generation use cases.
A key enabler for private networks has been the availability of spectrum such as Citizens Broadband Radio Service (CBRS) in the United States, which enterprises can leverage to deploy and operate private 4G and private 5G cellular networks.
Other nations similarly have earmarked spectrum for private network deployments. In addition, CSPs can play an essential role in private network deployments as they, too, can deploy private networks utilizing their licensed or unlicensed spectrum. This is creating new enterprise opportunities which were previously not available to CSPs.
Use Cases for Private Networks
Private networks can be leveraged to address a wide range of use cases across industries, enabling product innovations, operational efficiencies, and enhanced user experiences. These networks are well suited for use cases that require reliable, high-bandwidth, low-latency, secure communications with local data processing capabilities. Independence from public networks ensures more control, predictable performance, and security.
In manufacturing, for example, private networks enable shop-floor factory automation to check product quality in real time by leveraging camera analytics, AI/ML, and automations. Similarly, in retail, private networks enable retailers to deploy virtual mirrors for in-store customers to provide interactive augmented reality (AR) experiences by leveraging high-bandwidth connections and low latency.
Although the underlying building blocks of the private network remain the same, different components of the network can be dimensioned accordingly based on use cases and industry requirements.
Deloitte and AWS Solution Overview
Deloitte and AWS have jointly developed a private network solution to support next-generation connectivity needs across multiple industries. Our private network is designed as a cloud-native, modular solution based on components from various leading network solutions providers deployed on the AWS Cloud infrastructure.
The solution is built on AWS to host virtual network functions (VNFs) that allow high availability, redundancy, and robust security. The architecture leverages AWS Outposts as the edge solution, which can connect with the AWS Region over a high-bandwidth AWS Direct Connect link using a public virtual interface (VIF) or over an AWS VPN connection.
Network functions that are more sensitive to latency can be hosted on the edge, while management functions and other less latency-sensitive VNFs can reside in the Region. This extends a virtual private cloud (VPC) from the AWS Region to a customer’s edge location, thus allowing VNFs to communicate over private links.
Deloitte offers acceleration tools to design and dimension infrastructure for the access network, edge zone, and cloud region. These tools enable the designed infrastructure to be deployed using an infrastructure as code (IaC) plugin. Other AWS services, including but not limited to AWS CloudFormation, AWS CodePipeline, and AWS CodeDeploy, can be used to enable critical features such as continuous integration/continuous delivery (CI/CD) automation.
The architecture below shows AWS Outposts as the edge solution, while AWS products such as AWS Wavelength and AWS Snow Family devices can be leveraged to support different configurations and use cases.
Figure 1 – Private 4G/5G on AWS, Deloitte Private Networks Lab Houston.
This solution supports key benefits such as enhanced mobile broadband (eMBB), ultra-reliable low latency communications (URLLC), and massive machine type communications (mMTC) that underpin most of the use cases.
Here are some of the salient features of the solution:
For stand-alone private network deployments, our solution is currently designed to leverage the CBRS spectrum on both Priority Access License (PAL) and General Authorized Access (GAA) tiers.
Although support for private 4G in this spectrum is available today, private 5G network support is expected to become available in the next few quarters. Given the inherent flexibility of the architecture, the solution also supports configurations which can leverage licensed spectrum to deliver 4G and 5G connectivity for private networks in low, mid, and high-band deployments.
Radio Access Network (RAN)
We offer options from multiple RAN vendors as part of our solution. These include open and virtualized solutions based on specifications such as O-RAN.
The radio access network supports different “splits” as defined by the O-RAN Alliance, which either co-locate or distribute the Radio Unit (RU), Distributed Unit (DU), and Centralized Unit (CU) and connect them through standardized interfaces.
The DU and CU may be deployed on AWS edge hardware such as Outposts or Snow Family devices. These components could also be deployed on Commercial Off-the-Shelf (COTS) hardware based on deployment needs in specific scenarios.
The private network solution supports core network functions from multiple vendors. These core network components are deployed as virtual machines or container images on AWS infrastructure. Both Non-Standalone (NSA) and Standalone (SA) core options are supported in our solution.
Depending on the network architecture, these core network components can be deployed either in AWS Regions, in public edge locations such as Wavelength zones, or on premises via AWS Outposts or Snow Family devices.
A salient feature of the architecture on AWS infrastructure is its ability to support multiple edge options. The architecture supports both on-premises edge options with AWS Outposts and Snow Family appliances, as well as public edge options such as AWS Wavelength.
Network and User Management
Ease of operations is a critical feature for enterprise customers. While enterprises are familiar with managing Wi-Fi-based wireless networks, most organizations have typically never deployed or operated a cellular network.
Our private network’s operations and management components simplify the task of managing a 4G and 5G network and support integration with standard tooling platforms for operational and business-side support.
The solution allows enterprises to deploy a standalone private network that leverages shared spectrum such as CBRS with no participation from a commercial Mobile Network Operator (MNO).
The architecture allows for optional connectivity to MNO networks by using the private network in a “neutral-host” model. This architecture supports network sharing with Multi-Operator Core Network (MOCN), allowing the private network to use either a licensed spectrum that belongs to the MNO or a shared spectrum such as CBRS.
Connectivity to the MNO core network is provided through Internet Protocol Packet Exchange (IPX) according to agreed interoperable service definitions and commercial agreements, as shown in Figure 1 above.
Both Deloitte and AWS have a rich set of ecosystem partners which provide state-of-the-art solutions for different parts of the private network solution. These partners bring extensive experience and innovations across RAN and Core networks.
The solution adheres to Zero Trust security principles: communication across components and services is blocked unless explicitly permitted. The solution follows the Zero Trust tenets of NIST Special Publication 800-207, and compliance with them is ensured.
AI/ML is used for anomaly detection and threat prevention. In addition, the RAN supports all security enhancements enabled by 3GPP, which include masking of user identifiers, encryption of control and user plane data, and integrity protection over the air interface.
Similarly, the Core Network and edge components are protected using industry-leading practices for securing API-enabled platforms.
Private 4G and 5G mobile networks enable businesses to utilize next-generation mobile network technologies for a range of customer use cases.
Mobile private networks deliver wireless network services across enterprise campuses and remote sites with high throughput and low latency connectivity, while allowing businesses to deploy and manage their own wireless networks autonomously.
Deloitte and the AWS Partner Network (APN) community provide key components required to build private mobile networks.
AWS Regions and edge services, such as AWS Outposts and the AWS Snow Family, support carrier-grade core virtual network functions, cloud-native network functions, operations support systems/business support systems, and business applications for carrier-grade enterprise mobile private network deployment.
Deloitte – AWS Partner Spotlight
Deloitte is an AWS Premier Consulting Partner and MSP. Through a network of professionals, industry specialists, and an ecosystem of alliances, they assist clients in turning complex business issues into opportunities for growth, helping organizations transform in the digital era.