5G for Enterprise Networking

Enterprise networking refers to the set of physical and virtual equipment, resources, and services that are used to provide required connectivity services among users, information systems, applications, cloud, and the internet in a specific business or mission-oriented environment. Enterprise networks are used across various environments, including corporate offices, utilities, manufacturing, healthcare, retail, and public safety.

A typical example of enterprise networking in the context of a corporate environment is shown in Figure 1. The enterprise Local Area Network (LAN) segment provides connectivity within corporate locations, and the Wide Area Network (WAN) segment interconnects various corporate locations, data centers, Internet, remote workers, applications, and services together.

Enterprise networking is continuously reshaped through technological evolution and new demands. Efficient networking and security technologies like Secure Access Service Edge (SASE)¹ drive technological evolution. SASE combines networking and security functions so that users, devices, and applications can securely connect to remote services relying on the integrated security functions. The demands come primarily from digital transformation, decentralized applications, mobile enterprise devices, working remotely, and advanced security threats/measures. In general, the digital transformation of enterprises is changing the overall enterprise networking landscape in several ways. For example:

• blurring the border between enterprise LAN and WAN, turning the LAN into a dynamic network topology with mobile endpoints over the internet,
• convergence of connectivity, cloud, and security,
• public internet becoming the main technology for interconnecting enterprise endpoints,
• wireless technologies becoming the main mode of connectivity in the enterprise domain,
• 3GPP cellular network technologies gaining more relevance in the enterprise domain,
• traditional enterprise security frameworks based on network perimeter losing their relevance

These developments have resulted in a new set of requirements, which are not precisely addressed by traditional enterprise networking solutions. With the introduction of 5G, mobile networking technology can effectively cater to the needs of enterprises. This includes both enterprise connectivity via services provided by Communications Service Provider(CSP) networks, and private cellular networks, also known as non-public networks (NPNs²), for the WAN and LAN components, respectively.

In this paper, we provide an overview of how 5G technology can be used to provide end-to- end connectivity solutions to enterprises, and we specifically investigate WAN enterprise networking. Our paper also sheds light on how CSPs can utilize their cellular network infrastructure to offer enterprise networking services fulfilling the evolving requirements of enterprises. In doing so, we elaborate on challenges related to integrating advanced enterprise networking solutions into the CSP networks and discuss viable solutions to those challenges.

Before we get into the role of 5G in enterprise networking, let us look at the enterprise networking requirements. The enterprise networking domains include corporate offices, utilities, manufacturing, healthcare, retail, public safety, etc., where many generic as well as domain-specific applications are used. This results in a multi-dimensional set of networking requirements. Enterprise networking requirements can be broadly divided into two groups based on the corresponding applications in various enterprise domains.

Generic requirements

These requirements are common across all or a large group of enterprise domains. Examples of such needs include:

• Advanced connectivity services fulfilling certain quality of service (QoS) and quality of experience (QoE),
• Application and network security and privacy,
• Need for private connectivity among geographically distributed locations of a given enterprise,
• Advanced traffic routing functions,
• End-points mobility

Depending on specific usage scenarios, an enterprise network should be able to efficiently support various combinations of these needs, where each of which could have a different quantity or intensity. To understand the importance and complexity of this group of requirements, it is worth highlighting that even deploying the same application within two different enterprise domains could result in two different sets of networking requirements. For instance, consider extensively used enterprise communication and collaboration tools. These tools are typically based on multi-session and multi-connection applications. Deploying these applications in fixed wireless access points in branch offices, hospitals, and retail locations results in a different set of requirements, in terms of connectivity pattern, QoS, security and privacy, and mobility supports compared to deploying the same application on a mobile gateway, for instance., on connected ambulances or police cars. The same holds for eXtended Reality (XR) applications deployed in enterprise scenarios³.

When it comes to the QoE of various enterprise applications, the requirement for enterprise networking goes beyond just supporting the application’s needs. QoE describes the perceived service quality by the consumer of a service, which in the context of this paper is an enterprise. Examples of QoE metrics include video resolution and frames per second for video applications. On the other hand, the QoE that an enterprise user perceives when running an application depends on the quality of the device connection’s service in the CSP network, which is a vital component of QoS. Therefore, an enterprise network provider (that is a CSP) should expose different connectivity services and their characteristics to the enterprise with the correct set of details. Additionally, a mechanism should exist to create a link between QoE at the enterprise edge and the QoS as provided by the network.

Now let us look at the advanced traffic routing requirement, which among other things relates to the operation models of enterprise applications. There are primarily two operation models for enterprise applications: Software as a Service (SaaS) model and conventional non-SaaS. These two models have different requirements for the network. In the non-SaaS model, where applications are typically deployed in enterprise on-premises data centers, it is critical to route or break out the traffic near the location of the application server. This helps in reducing application latency, especially for time-sensitive applications in manufacturing or critical emergency services. On the other hand, in a SaaS environment, where the cloud point of presence (PoP) location for the corresponding SaaS application directly influences the latency of the application, the breakout can be configured in collaboration with the application service provider (ASP). This could significantly impact cloud-based applications such as productivity SaaS, security SaaS, and communication SaaS. Therefore, the enterprise network should provide a mechanism to route traffic based on the location of the device in the network.

Domain-specific requirements

In many enterprise domains such as industrial environments or healthcare, domain-specific applications are used for enterprise networks. For instance, in some IoT scenarios, end devices have low power and complexity, and therefore there is a need for the enterprise network to support these features adequately⁴.

Other examples of domain-specific requirements are application and network security and privacy in specific scenarios. For instance, hospitals are required to handle patients’ data as privacy-sensitive data and manufacturing companies handle their operational data with varying confidentiality levels. To fulfill these needs, the ability to transmit the data outside of the network by enterprise network users should be limited - so as not to expose the networks to external attacks or disclose sensitive data to leak outside of the enterprise. The network should also be protected from the ability to download malware that can overwhelm the network.

Now let us look at what 5G-centric enterprise networking looks like. Figure 3 depicts the end-to-end enterprise connectivity system architecture, which leverages the features and capabilities of the 5G network to address the enterprise requirements. There are multiple stakeholders involved here namely CSP, enterprise customers, application developers, ASPs, and aggregators.

In the application developer ecosystem, developers create applications for different enterprise domains, where the applications have well-defined characteristics that lead to specific QoS requirements on the connectivity service. These applications are then offered to enterprises through ASPs. The application policies are also communicated by ASPs to the network. Since ASPs forge relationships with multiple CSPs, aggregators often facilitate those relationships and scenarios that span across multiple CSPs.

Now let us zoom into the system architecture of Figure 3. A key aspect of the architecture is the integration between the enterprise network and the enterprise connectivity services of the CSP. The integration should enable the enterprise to efficiently use the connectivity services provided by the CSP in line with the enterprise requirements and policy, while also allowing the CSP to maintain control over their networking resources and continuously optimize the offered connectivity services. This requires an orchestration functionality to create a convergence between enterprise connectivity policies and the network policies of the cellular network service provider. The realization of this orchestration function, which we term enterprise connectivity controller (ECC), is a crucial building block of the 5G-centric enterprise networks.

The ECC is a centralized management-plane function that takes two major sets of inputs. The first set is provided by the enterprise IT admin and includes enterprise connectivity requirements and policies. The second input set comes from the 5G network and includes information about the wireless WAN connectivity services and their characteristics such as network slices and supported QoS levels, which are available to the enterprise user. To get the latter, the ECC uses a loose integration with the 5G network and relies on 5G network service exposure APIs. Another alternative would involve using UE Route Selection Policy (URSP)⁸ to control the setup of the Packet Data Unit (PDU) sessions. However, this approach would be limited to a 5G standalone solution only and would create a stronger dependency between the device vendor and the CSP, since it requires a specific ruleset to control the PDU sessions.

The ECC then uses the received information sets to manage the functionality of enterprise edge routers also known as customer premises equipment (CPE). This specifies how traffic flows from various applications are mapped to the available network resources/slices, and how to continuously optimize this mapping across various applications and CPEs while considering the actual network performance characteristics.

Having extensive information of the enterprise CPEs and their actual received WAN connectivity service levels, the ECC might combine this data and then provide the aggregated information to the CSP, who can use this information to continuously optimize the offered enterprise connectivity services in a data-driven manner.

We have recently shown a proof-of-concept of the 5G-centric enterprise networking, demonstrating application-based traffic steering into two carrier-defined network slices on its fixed wireless and in-vehicle 5G enterprise networking solutions⁹. The demonstration showed how carriers can create different network slices, each with its own performance characteristics and security rules, to uniquely support the different types of applications businesses rely on.