Total Telecom Plus
Ian Watt, principal consultant, Ovum (moderator)
Andrew Partridge, senior carrier account manager, TalkTalk Business
Debbie Robinson, director, industry market development and alliance partners, T-Systems
Mike Sapien, principal analyst, enterprise services, Ovum
Peter Tomlinson, sales, marketing and product director, KCom
James Walker, VP, managed network services, Tata Communications
Ian Watt
There are three basic approaches to creating IP-based VPNs: network-based, with the functionality in the provider’s network; equipment-based; and application-based with the functionality provided through applications-specific software tunnels. Developments in technology infrastructure and customer demand raise the issue of the extent to which hybrid solutions, involving a combination of all of those three approaches, are likely to become the new norm as opposed to something that is the domain of bigger companies.
There are a couple of ways to look at that: one is thinking about customer needs and one is thinking about trends in technology. What are your views on any of those?
James Walker
We try to start off with the customer need. Rather than saying the customer’s requirement is a hybrid WAN or an SD-WAN, it’s more interesting to look at the problem that the customer is actually trying to solve. Every customer is unique – they are all snowflakes – and they all need different levels of emphasis on different areas. Certain ones have a range of applications that are incredibly sensitive to underlying network performance, but the amount and quantity of traffic that that drives has a significant effect on the decision that is made in terms of the network.
As a carrier, as soon as a customer makes a decision to buy something that runs entirely over the top of my network and potentially that of others – let’s say an SD-WAN solution or even IPsec – my ability to add value is diminished because the customer’s desire with an SD-WAN solution is to have less to do with the underlying carrier and to be able to manage their lives more efficiently without phoning me up. It doesn’t make sense for me to grab that service again and provide it back to them as a managed service.
So if I accept a world of overlay tunnels and that kind of environment then I accept a world where I am secondary or I am a component of many parts that go to make up the solution. My differentiation from a purely overlay service is that I’m providing infrastructure and I can relate the application behaviour to the infrastructure, whereas if you’re an overlay you’re an overlay.
It’s quite a difficult balance for telcos. We need to think about whether a customer tries to cut us out of the equation and we just become a dumb pipe or if we are actually providing a managed service and providing benefit to the customer in some way.
Watt:
One of the definitions of hybrid VPN is that they’re provided by more than one provider; there’s a sort of multi sourcing going on.
Walker:
It’s something that BT, Tata, T-Systems have been doing for a long time. The customer says ‘I don’t want to have 200 telephone contracts, I just want to have one’ and even though we then have to go out and buy stuff, we wrap all of it together and we take SLA risk, we aggregate it all and we take away the currency uncertainty. There is a valid use case for people who have very disparate networks and a relatively simple application set that it needs to run over them. In retail, for example, they might be using broadband, MPLS, 4G, Uncle Sam’s corner Internet shop, and then they need something that looks standardised over the top of that. That’s a very valid case for SD-WAN. If it’s primarily provided over a carrier or a series of carrier partners, then I find that more difficult as a use case.
Debbie Robinson:
My job is to go and meet the customers, to establish what that customer issue is, as opposed to ‘do you want to buy a network?’, and then look at how you join the dots together around the services that an organisation, like a T-Systems, Deutsche Telekom might have to offer. A lot of the time some of those services or some of those capabilities have actually come from partners. A lot of partnering needs to go on.
In a recent example, the customer was trying – through connectivity – to get closer to their customer and provide a common look and feel and proposition, and also to take the information through that network in order that they could then use some clever analytics to determine what propositions they needed to create in order to support that customer. Connectivity gets a little bit devalued; without it they can’t do anything. At the end of the day without the highway there’s no running.
Andrew Partridge:
It’s the sort of thing that an end user takes for granted until something goes wrong and then you realise the value of it.
Robinson:
Absolutely. It’s about what the customer is trying to achieve from a proposition perspective to their end consumer and the network is a critical component as opposed to just a cheap part of the solution.
Walker:
Internet is an interesting component of hybrid networks as well. TalkTalk and Tata have worked on providing class of service-enabled Internet as a third option between best-effort and corporate-grade private IP networks. That’s another way to look at some of these challenges.
Partridge:
Especially internationally-based, where you might want to access countries where it’s more difficult to get private connectivity.
Peter Tomlinson:
I cringed when I read the topic of today’s conversation because putting "VPN" on the title made me think so 1990s carrier mentality. It suggests a very technology-centric conversation when the truth is, whether it’s at work or my personal life, I consume data. I relate to the job I’m trying to do, I might relate to the application or the device I’m using it on. I don’t give a damn whether I’m on my home WiFi, at the office, on a hybrid VPN or whatever. Abstracting the application from the infrastructure is the direction of travel in terms of how people are thinking about what they’re doing.
Robinson:
The connectivity is absolutely important, [but] in a conversation with a customer it’s about how quick, how ‘on’ I can be in order that I can do the job I want to do or provide the services that I need to provide. It’s about how you paint the vision of what their end customer can do once they’ve got that level of connectivity or that ability to bring information together to create services.
Partridge:
Loyalty now is more to the application and the device, rather than what is underlying it. But the reason that this application or device works in the way that it does is because of the underlying infrastructure.
Tomlinson:
Being ubiquitously connected is now an expectation. That means using every kind of access technology, from mobile, to broadband, to fibre broadband, FTTC, leased lines, whatever. You’re always constrained by picking the right access technology for that user persona at that point in what they’re doing. The majority of data is IP-routed. You use it from a device wherever you are. We can’t put aside Azure, AWS, public cloud hosting; the growth in public crowd hosting and how that ubiquitously makes applications of data available in a way that’s far more agnostic to the network will also drive how customers access that and a move away from a VPN being actually important at all.
Ubiquitous high quality secure fast access is important. The VPN is just a way of securely joining up the bits. But as security becomes more and more embedded within the application and within the IT infrastructure of the organisation, that actually becomes a function of the network to a certain extent.
Walker:
Those that provide the applications are becoming much more concerned about the network actually, so it’s not that you abstract the whole problem away and the application floats over this thing like oil on water.
Take connected cars. If you’re driving a car around and it doesn’t collect whatever data might need to be collected and then you have a blow out on your wheel, you’re not going to phone up Vodafone, you’re going to phone the brand of the vehicle that you purchased. The problem for the brand becomes extending the experience across potentially hundreds of mobile providers. And what if someone drives across a border? How do I maintain the level of security policy, the reliability that I had, particularly when it comes down to life safety?
From the cloud side, Microsoft was very concerned about launching Skype for Business because they were worried that companies’ experience would be moderated by the quality of the Internet connectivity. So they accelerated the introduction of ExpressRoute and now the recommendation for enterprises is to connect privately. This ownership of the experience of the end user even over multiple intervening networks becomes a very complicated issue. Certain customers were gung ho about it, taking an application over the top of the network with lots of different connectivity types, but for whatever reason had issues with that approach and need more control. But then it’s ‘I also have cost constraints so how do I manage all of this and how do I know what the best network to maintain my application quality is?’
For us the entire networking decision becomes an application-driven decision; you have a series of parameters about what you have to achieve with your application. Some are very loose; you can do all kinds of crazy stuff on the network and still the application is fine. Others are much less tolerant to what happens on the network and so there is a much greater degree of control that the application provider wants to exert.
Tomlinson:
Asset ownership is a fundamentally different business model than application development or business solutions. The telco historically embedded the application voice into that access. We’re seeing the disaggregation of asset ownership from the solution or the service delivery or the application. As you see those two things split off, in some ways you get this convergence of software and communications, Skype for Business being the classic example of the stalwart business productivity, Microsoft Office Suite, now becoming a de facto communication tool. That’s a poster boy for convergence of software and communications. But it underlines that convergence is a different business model from asset ownership. It’s attractive to a different class of shareholders, it requires a different mentality and product innovation cycle; building assets takes years, building your applications takes months with quarterly release cycles. It’s a business structure debate: can you be in your DNA an asset owner and a developer of customer experiences?
Robinson:
Ultimately it comes down to what experience and capability you need to provide at the point of an individual consuming that service. An example might be Daisy the cow, where there is some machine-to-machine capability that informs the farmer that Daisy is going to give birth or similar. It is all about the business model, it’s all about becoming efficient, effective, and profitable. Deutsche Telekom is not a mega applications developer; it’s looking at how you use technology and engage with partners to decide if are you building something or buying something. It’s about how a business or individual consumes the service. I don’t know how you break those things apart, but that’s what drives people wanting to do business with you.
Watt:
I’m thinking SDN/NFV. We’re not going to have a technology discussion today but maybe it speaks to that.
Tomlinson:
It does. The abstraction of stuff which used to be moulded into the hardware is really important. There is a whole bunch of network assets that you don’t need to own to be able to control the customer experience and NFV/SDN is exactly that trajectory. You used to have to buy a box and plug it into your network, from firewalls through to B-RASes. That will be abstracted from the infrastructure which will drive an even bigger gulf between infrastructure and asset ownership and customer experience.
Partridge:
The future for network providers is going to be giving control of those assets – that they’ve invested in and they’ve deployed – to customers. Then you don’t need to own the asset yourself because you’ve almost outsourced that to someone else but you can control it. Your interaction with your provider will be completely automated and you’ll have the control over it. And it means that people who previously thought they needed to own those network assets actually don’t need to.
Tomlinson:
And it also allows you to augment what you guys do with what we do, so providing that high-quality, ubiquitous connectivity and letting partners do the customer experience and the application around it.
Being able to take the API stack out of a provider’s network – so for example, you take the API stack out of Microsoft say for Skype for Business, take the API stack out of your network provider and then suddenly you can provide a single view of the performance of the application to your customer – is a great place to be. But it needs to be in that customer’s home environment, it needs to be over their mobile connection, so we need to be able to give that view of how the application is performing in a relatively network-agnostic way.
If that functionality exists in the network it needs to be surfaced up via an API stack that lets you create a uniform customer experience. No provider owns network everywhere it needs to go. Every network is a hybrid, even if it’s a hybrid of a bit of Openreach and a bit of core network, every network is in some way two people’s assets bolted together and aggregated somehow.
Walker:
We’ve been working on a standardisation body to standardise the interface definitions for carrier and cloud APIs. It started with the idea that an enterprise has potentially one or more network service providers and probably 15 cloud service providers providing various services. We ourselves use 13 of them. And then what if they’ve got more than one carrier? So, at the moment it’s me and whatever our developers think is a good API stack, it’s KCom and whatever KCom things is a good stack, and so on. But it doesn’t create competitive differentiation, it actually creates a barrier to us enabling revenue and helping the customer. I don’t want to compete with you guys based on the fact that I’ve locked my customer into a walled garden and they can’t get out of it.
If we can get some of this interoperability issue out of the way so that the way that I report on my network or the way I provision my network is the same as you do, then from an enterprise customer’s point of view it becomes a lot easier. It’s a Utopian aim but we’ve got to start somewhere.
Without it, the integration burden on the enterprise means that you and I don’t get the revenues we wanted and the customer abandons projects because of the size of the integration cost. They don’t end up with ubiquitous services or with anything that can then be properly integrated. And if we fast forward to NFV and say we’re going to take networking functions and put them into clouds, then how does that NFV function signal the network to say ‘I need more capacity or less capacity, or I need a different route, or I need it to be constrained by latency’ or whatever? That interactivity between different domains is a long way away and I worry about it.
Partridge:
It is. And we’re finding more and more API requirements from customers who are looking to do more things automatically. And whilst portals are great, people want to consume the API that sits behind it and they want to be able to do more with it. Making those APIs simple to consume so that they can be brought up quickly is so important.
Mike Sapien:
It’s now getting to the stage where it’s a little more mature and the telcos are looking to the customer to say what exactly they want to do and how to get a better and more developed, flexible, automated approach to APIs. They were fooling themselves five years ago because they just threw out a few APIs without checking with the customers what they wanted to do. Now it’s a lot more mature, and they’re responding to what customers want to do, and going more towards the API and developers versus a fixed portal.
With the onset of SDN/NFV most of the providers today will have to become network system integrators and there are many dimensions of that. James has mentioned interconnecting clouds, others talk about managing other providers, but at a high level the traditional telcos have to become network SIs and figure out what role they want to play to either connect their own network, connect other networks, connect other services or work with other providers to become the value-added network SI. And I think most providers are on some path, at different speeds and at different levels. What type of network SI do you want to be? And what are you integrating and converging.
Partridge:
The danger is to try and do everything, especially for bigger telcos, when actually it’s more important to specialise in what you’re good at, and partner and bring together other experts to come up with the proposition for the end customer. Try to do everything and you’re likely to fail in some really important aspects. We all have to work out where our strengths are. For us it’s the infrastructure we have in the U.K. and the network that we’ve built out, and it isn’t about trying to build our own cloud infrastructure, but we will partner and pull in other people who can provide this type of service to customers.
Robinson:
T-Systems is very focused on the layer that sits on top of the network around cloud, whether it’s private with the German padlock and with safe harbour, or whether it’s in the new Open Cloud that Deutsche Telekom recently announced. It’s focused on ensuring that it can provide a network that supports that multi-cloud capability, but from a network integrator perspective, it’s now how you become the integrator of the services, whether it’s padlocked in Germany or whether it’s a public cloud service, or whether it’s a Microsoft or a Salesforce or an SAP, it’s looking at how you do that orchestration.
Walker:
In the hybrid cloud context we’re starting to get into some interesting discussions about how you manage the paths of data within the network. In Canada, for example, you can’t take personal data of Canadian citizens outside of the Canadian border. That means I’ve got lots of customers that cannot buy an MPLS service in Canada anymore, because every MPLS service provider in Canada has nodes that are south of the border. So, if I’m carrying data that contains private information on Canadian citizens from Montreal to Toronto and something goes wrong in the network, it’s going to route down through New York, across through Chicago and back up. As far as the application is concerned everything is green, but you broke the law.
In dealing with a Swiss bank, for example, they have the next degree of complication. For the last two years what data you can see on Swiss citizens varies on whether it’s being seen within Switzerland or outside Switzerland. If any of us had a Swiss bank account, we could go to Switzerland, we could sit down with our account manager and we could go through a range of details on our account. Then, we fly to New York, and I’m still with the same account manager, but we are only allowed to see a subset of the data even though it’s my data and it’s the same login of the account managers looking after it.
I challenge you to find a single enterprise that can geolocalise its endpoints of people logging in to that degree of accuracy and then filter the data that they are actually able to see. From an application perspective it’s really simple: you log in, you can see X, you can see Y. But you’re talking about where the data is actually going to move when it’s in flight, what path it can take. You’d better have a ton of intelligence that sits in the network, in fact so much intelligence that at the moment we don’t know how to do it with SDN. It’s too much work from a computational perspective to have that level of control over where a bit and a byte go within the network because of the volumes that we carry. These are legislation problems we do not know how to solve. At the moment the solution only seems to exist in the network.
So hybrid networks, to bring us back to where we actually started this point, bring on a lot more complication because it’s no longer a private network; there are other components, there are components that are under the control of third parties, it does run across the Internet, it may or may not be encrypted, and you have to have a whole raft of different rules around how different types of data are prioritised, secured, managed, routed, pathed. It’s complicated and I don’t know whether as telcos we’ve got solutions for that.
Watt:
In future, many different variations of network solutions could be required. One of the big things is wireless. Arguably, the most important devices for your end users are BYOD smartphones, so wireless will be an incredibly important part of the mix. Value-added services on demand will become common, and we’ve touched on SDN/NFV – security is obviously part of that – load balancing, different levels of quality of service.
We haven’t touched much on self-service and user-friendly portals. Application-aware network services are becoming much more common. And then guarantees increasingly based on application performance, which we’ve touched on. And again integrated bundles of workplace productivity services with many providers providing services on an as-a-service basis, and with hybrid services providing business-class performance and load balancing across different network service types. Those are the sorts of things that we at Ovum are looking to in the future. Are there are others that are perhaps not on that list, but spring to mind?
Walker:
The question of where the carrier plays in this is interesting. I can name every carrier that’s been successful with cloud services <silence> I’m done! There may be exceptions within specific country markets, but generally we can say that no telco has developed a WhatsApp or a Skype for Business and achieved the kind of scale that other application developers have. We have to decide where we’re going to invest. How much are we going to invest in the network in order to deliver an application experience, and how much of that are we going to expose to third parties, customers and partners? If that customer or partner wants to extend their capability across multiple carriers how do I make sure that that actually happens? All of those sorts of questions are pretty live at the moment.
Partridge:
The idea that you can invest in an application and try and compete with the over-the-top providers is a mistake and a lot of money has been wasted, especially by big players thinking they can do that. Providing that underlying infrastructure, having the correct interconnection between those networks so that you can provide services and not just in one geography and not just fixed or wireless, is really important.
Walker:
They are just more focused; that is what they do. They’re built up of people who think that way. Telefonica’s put some effort into in and they’ve had some successes with apps and that kind of thing, but it’s really hard for us as telcos.
Watt:
It’s really about the nature of product development. People see a Skype, a Google or a Salesforce but underneath those huge mega global successes there were thousands and thousands of other developers, some of whom were at one point ahead of the ones that won out and they’ve been incinerated.
Tomlinson:
It’s also a mindset as well. A Salesforce has that ecosystem around it which augments what it does. Microsoft has an ecosystem around it. Carriers don’t have – and historically haven’t been very good at partnering and creating – ecosystems around them. And if they’re going to not play in anything other than the asset owner role that’s another thing which they all have to get their heads around.
Microsoft have had two big shifts in the past 18 months, one of which is a mindset one; Satya Nadella came from their partner business so he understands partnering, which previously Microsoft didn’t at the top. Secondly, their stated intent that by this time next year they are going to have 50% of their revenues from annuity-based business rather than perpetual licence or one-off business. Those two fundamental things move you to a more relationship, more ecosystem, more partnering, SaaS-led mindset than Microsoft ever had in the past.
Walker:
There is also a third, which was to say that they are going to look at other platforms, which is part of the open mindset that you talked about. Suddenly you’ve got apps appearing on your iPad with Office.
The openness and cloud-based business becomes really integral, but I still think they end up wanting to control aspects of the customer experience, and they are still trying to get to grips with how that’s going to happen and if it is adversarial with telcos.
Tomlinson:
There has for a long time been an economic disconnect between those that drive demand on the networks and those that foot the capex bills for meeting that demand. An industry levelling has to happen because at the moment there aren’t sufficient incentives in place. The risk of net neutrality is it gives no incentive for content providers to distribute their content on efficient platforms and there is therefore an inherent tension between the means of distribution and the content production. There are some risks inherent in that and that model needs to normalise over time because what you’ve got is disaggregation between the cost of delivery and the cost of supply. It’s not going to be sustainable.
Tomlinson:
Take, for example, what T-Mobile in the US have done in terms of free music. That is in essence a manifestation of the model in which partnerships create a better user experience and better value price point. But that has an inherent tension with net neutrality. I’m not a huge fan of net neutrality. It’s great in principal but it doesn’t actually necessarily drive innovation or drive a better customer experience.
Watt:
It’s a good example of one camp, the applications, not actually understanding how networks work or must work.
We’re talking way beyond hybrid VPN for business! What I’m hearing from this discussion is that the future is hybrid VPN for a variety of reasons, but also it’s to do with the bringing together of two worlds: the applications-oriented industry or the higher levels of the stack, and networks. It’s got to become more hybrid because there is this tension between the two worlds and they both need each other. Although telcos have been often criticised for not understanding applications, in many ways the Tatas the Deutsche Telekoms, the KComs, the TalkTalks understand the Googles of this world better than the Googles understand the network operators. And maybe that’s the next big leap forward.
