The Role of Network Observability in Telco’s Cloud Transformation Journey

Good morning. I'm Dan Muse editor in chief at SDxCentral. And we're joined today by Justin Ryburn, who's field CTO at Kentik. We're gonna talk a little bit about the cloud and telcos, and how telcos are making successful transformations to the cloud. Justin, can you, just take a few minutes and talk about your role? And, and how you see the market overall, and then we can jump into the questions. Sure. Thanks, Dan. Happy to be here today. As you mentioned, my name is Justin Ryburn. I'm Field CTO at Kentik, we're a network observability company, in the role of field CTO where a few hats but, probably the the most relevant to today's conversation. I spent a lot of time out in the field meeting with some of our larger customers, especially our telco customers and, understanding what their what their unique business challenges are and trying to to help kinda shape the the strategy and the vision of where Kentik's product's going to try and, address those needs in the market as much as I possibly can. Well, the cloud in its, you know, many durations over the years has become pretty much a mainstay with enterprises, of course, the telco and service by divided market is much different and the adoption rate has been different and where we are in time is different. Can you just set the stage a bit and kind of tell our audience where the cloud is in terms of, telcos and service providers. Yeah. I mean, I think that, the the adoption rate of cloud is probably maybe been a little bit slower in the, in the telco space, and there's probably a number of reasons for those. One of the one that I hear quite frequently is that a lot of the telco providers had their own data centers that they operated a lot of you know, historically, a lot of the large telco operators had acquired a data center operator, and so they sold that a service, so being able to host their own services in a data center that they owned was more cost effective than migrating them into the public cloud. You know, some of that has changed. Some of the large telco operators have sold off their data center, BUs and and subsidiaries as well as some of the cloud services that they've the cloud service providers are now offering, provide some value that that may not be easy in a in a physical on prem data center to to be able to leverage. And we'll I think we'll talk a little bit more about that today as we go. But I think you know, that's one of the reasons that I think it might have been a little slower to to adopt for telcos, but we're definitely seeing some some interesting use cases and some some changes in the way that the telcos are operating when it comes to how they're adopting cloud native architectures. Then, you know, of course, the cloud is no longer really just the cloud. It's multi cloud. And hybrid clouds, containers, varying various data architectures. So how can telcos or enterprises that matter, but telcos specifically, how could they gain better visibility into this, sort of why why they disperse cloud environments. Yeah. I think that's one of the key challenges that we hear from customers. Right? When they had all of their applications running in their on prem data center. They had pretty good, you know, network. They had pretty good visibility into traffic into what was going on with those applications. Those type of architectures have been around so long. There are a number of vendors that provide commercial products that can help with that as well as a lot of, you know, open source and homegrown tools that companies have built and and adopted over the years, that all changes when you migrate those applications into the cloud. Right? The cloud providers have a very different set of, data sources that they provide, a very different set of of pooling that exist. There are now some So newer vendors and some newer open source projects that exist for looking at cloud architectures and and microservices applications that are running in cloud but then you wind up with two different solutions that you gotta go to. So if you're operating in a in a multi cloud or hybrid cloud environment where you're across multiple clouds or you have part of your workload running in your data center and part of it running in cloud, you have to pivot between, you know, your old product that you might your legacy product, maybe we say that you had running in your data center that looked after those applications and then log in to the cloud providers. Tool that gives them gives you visibility into how your containers or your your microservices in the public cloud are operating. And so what we find a lot of the companies, whether telcos or enterprises that are that are migrating applications to the cloud, they really need this, single pane of glass, if you will, one platform that can give them visibility into the the the application traffic no matter where it lives. And, you know, that's I think the the biggest challenge that we see from a lot of our customers. And of course, with with any, you know, technology ROI and efficiency is is is key. And on the enterprise side, particular, We're seeing, actually, some companies pulling back and, repatriating some of their applications and data due to both rising cloud costs and and lower lower hardware costs these days. How can telcos, you know, sort of ensure their the ROI and cost efficiency when it comes to moving to the cloud. Yeah. That's an interesting trend. And, you know, a lot of companies that I talk to. There's various reasons for that, but I would say that the the trend that I see in those conversations is that a lot of the enterprises, moved out of their on prem data center, moved everything to the cloud because operation of that data center was very expensive. Right? That wasn't the core part of their business model. They had a data center because they, you know, historically had needed some place to host that computer. There were no other options before the cloud became a trend before, you know, public cloud providers, came to be. And so they didn't save money on on some level by shutting down the data center not having to operate that not having to continue to maintain it to to grow it and build it as the applications, you know, sprawl, became reality. But now they're realizing if they did lift and shift a lot of those legacy applications and didn't refactor that code to make it cloud native to be able to leverage those cloud services, that it's very expensive. To run an application that's always on and as, you know, as as a virtual machine in the public cloud and processing large volumes of data, that's really expensive. And so we're seeing a lot of enterprises that are, you know, a lot of buying, like, data center space from a data center provider. So they're getting a cage and they're putting in their own equipment, or they're getting a bare metal offering from data center operator because they have these always on, virtual machines that don't lend themselves very well to being microservices based without a lot of r and d investment, that's where I think you're seeing a lot of your repatriation. And I don't know, you know, whether telcos are gonna find that they have those type of applications in their stack, but I think that's the type of investigation that would need to be done, as they develop a a strategy you know, maybe, applications that lend themselves well to more of a microservices, approach and can be easily refactored to to leverage the cloud native architectures and and migrate those into into the cloud. Those are, you know, good candidates for moving to the cloud and others that might be, you know, older monolithic applications that would take a lot of work to rewrite and to make them cloud native. Maybe those are good, candidates for either staying in a data center, if they're gonna continue to operate a data center, or getting some bare metal or or leasing a cage somewhere and getting their own compute and migrating those to, you know, so they may wanna have a dual strategy, I guess, is maybe the summary of what I'm saying here. And I guess as a quick follow-up. So I imagine it's more expensive if you move to the cloud and then try to bullet back versus due to egress fees and things like that versus having a strategy out of the gate to to decide where you could've what would go in the cloud before you actually make the move? Oh, yeah, for sure. That's, one of the number one use case that we see a lot of our customers coming to to us for and what what they wind up finding is, you know, the, obviously, migrations to the cloud take time. You're not gonna migrate everything overnight. So you wind up migrating some applications in each change window to the cloud, and the the the team will go to the the application team that wrote that application, then they'll ask them question. Okay. We're about to migrate this application. What all does that application talk to? Right. What database is it pulling from? What other app applications, does it make an, you know, an API call to? Most of the time, the application teams don't know the answer to that question because they never really needed to know answer that question. When they wrote that application, everything was in the data center. And as long as they could get, you know, IP connectivity to it, they didn't need to to know the answer to that question. So they didn't really map that out. They didn't document it. And so if they if that's not thought out and that's not planned out. If you move that application and then you find out later, oh, by the way, it's making large volumes of you know, data transfers to a database that we didn't migrate. Now we have this huge egress cost because the application that migrated to the public cloud is sending data outbound out of the public cloud back into our on prem data center. And again, you know, having a a platform, a solution that can show you what your on prem applications are talking to, what those flows look like, will help with planning what gets migrated when and moving those stacks together that they're operating in the same clouds. You can keep that traffic in the same cloud environment and reduce your cost when it comes to that. So another thing that I'm sure you're seeing and because we're seeing is that more telcos and enterprises are building open, interoperable, vendor agnostic systems layering and contain a technology like Kubernetes, especially, involving five g and Openman. Because it's, I imagine I've never done it, but I imagine it's a complex operation. What advice do you have for telcos that are, that are making that move? Yeah. I mean, like you said, Dan, this is definitely a very, complicated area, and it's interesting because, you know, we've been working with enterprises for quite a while that have been leveraging, Kubernetes and, I sort of expected this to be, again, similar to cloud, something that this the the telcos would be a little slower to adopt that maybe they're not might not be, a big need driving adoption for this among telco and and service providers. And I was actually interested the last couple of years attending the big Kubernetes conference, what's called Kubernetes conference, what's called Kubernetes telcos I actually ran into and talked to that are actually adopting, Kubernetes architectures. A lot of those are for OSF and and BSS kinda back end systems that their, you know, their IT department has historically hosted in a data center and their rewriting and modernizing those anyway to be containerized. And if they're gonna be containerized, they might as well, you know, make them or orchestrated with Kubernetes, whether that's an on prem private Kubernetes cluster that they're building or that's, you know, leveraging a cloud providers, Kubernetes offering and and doing it that way. So, you know, that was an interesting, trend. And then, the other trend that I that I uncovered was, you know, a lot of the newer five g architecture specifically Open Ren are designed for all of the network functions that are part of that architecture to be containerized and to be orchestrated, you know, using Kubernetes or something along something similar to Kubernetes. So, you know, as we start to see more five g adoption as an industry, I think start to see, you know, a lot more adoption of Kubernetes among telcos. As you said, a lot of the what's driving that is the, desire to be inter enrollable and vendor agnostic to try and bring some of the cost to deploy, wireless architectures down, historically it's been a pretty closed ecosystem when it came to, you know, LTE and four g and some of the previous architectures of wireless. A lot of the service riders would turn to one vendor. And, of course, then the vendor gets to set their price on what they're gonna charge you to to do your rollout for you. So I think there's a lot of appetite among, especially the wireless telcos to be able to to be a little more agnostic and not have vendor locking in a lot of these As far as advice, I think just, you know, one of the challenges that I hear from a lot of telecoms is understanding the network traffic. So Kubernetes does a pretty good job of giving you metrics around CPU and memory utilization of each what they call pods that are running in your in your cluster. But one thing that, it's lacking a little bit is understanding how much network you have coming in and out of each one of your pods. And then when you hit a bottleneck on that amount of traffic, you need to spin up another pod. So, you know, the Kubernetes is designed around this concept of elastic, infrastructure. So if you run out of, compute resources, CPU, and memory, it'll automatically scale up your environment and launch more pods. There's not really a good way to do that based on network utilization and hitting a a limit on the amount of network bandwidth that a thorough put that a given pod has. And so that's a thing that, challenge that I think a lot of the telecommunications companies are gonna need to think about as they adopt Kubernetes is how do we come up with a strategy on how we make our our, pods scale up when we are running into network bandwidth and network constraints. And we kinda touched on Openman a little bit, but any conversation around, you know, interoperability and vendor agnostic environments certainly involves OpenRAND. Can you, for our audience, talk a little bit about OpenRAN and why it's so important to, telco's, probably maybe more in the future than currently, but but certainly why it's so important. Yeah. I mean, I think, you know, from what I hear when I when I talk to customers, the probably the number one reason that Open Rand is so interesting to them. Have the new the new providers that are greenfield, you know, that have bought spectrum, and are building a brand new five g network. That obviously Open Rand is obviously really interesting to them because they, you know, they're they're taking a more modern approach. They get to start from, you know, from a green field and and start from scratch. And so having, you know, an architecture that's already ready to go that they can roll out is obviously interesting to them. I think for the providers who are migrating from a previous generation from a four g or an LTE type of architecture to a five g, Really, the reason that they're excited behind Open Rand, and we're seeing start starting to see a lot more traction there, it goes back to our our conversation earlier about interoperability in vendor agnostic allowing, you know, it makes the vendors compete on price. So it makes it a little more flexible for them. It also allows you to to scale up and scale down. Right? So again, like I mentioned, Kubernetes is designed around this concept of elastic, infrastructure you know, one of the things that wireless has always, struggled with, I think, or one of the challenges that wireless has always had What do you do when you have all of a sudden a huge spike in the number of devices registering to a given cell tower? Right? So, for example, if there's a a concert going on or there's a parade going on in an additional five thousand, ten thousand, you know, hundred thousand scribers, are on a given tower. How do you scale up to that? And, you know, being able to take a you know, a Kubernetes approach to that type of thing makes a lot of sense. Right? Because you don't wanna build out your wireless infrastructure to be able to handle that type of event, twenty four hours a day, seven days a week, you know, three hundred fifty five days a year when that you know, that concert, that parade, whatever that event is that's driving that traffic is probably gonna be a short lived, you know, multi hour type of thing. So Kubernetes makes a lot of sense in that particular, and and Open Rand makes a lot of sense in that environment because it makes it easier to scale up, deal with the traffic while it's high, and then scale it back down and save the money once that it once that event concludes. And so I think those are some of the things that I hear that, that the the telco companies are really excited about what open potentially bring for them. And I, like you said, I think we're still pretty early days. I think it'll be interesting to see some of it may be hype that doesn't become reality. I think some of it will definitely drive some changes in how, how the telecommunication companies roll out their their wireless infrastructure. Next question, there may be more than one question here. So I apologize. I seem like I'd have left a couple in, but, So in terms of, security, which, of course, everyone's concerned about, open environments do bring, inherent risk with them. So how can, service providers, Intelco's, manage that risk and and help mitigate it? And then also the trend of, I think this is for the second part of the question, is network teams and security teams, come together what challenges is that providing for telcos? And certainly on the enterprise side, SaaS is the the acronym of the day is Sassy relevant to the telco industry as well. Yeah. So like you said, Dan, there's a lot to unpack there. So let's start with the, the open ecosystem and, this inherent security risk that that that brings. You know, I think there's this is a a double edged sword kinda thing wherein, Yes. Having open ecosystems could potentially bring more security risks. But having, a little more transparency and being able to see what's actually, you know, being able to see the code, being able to see what's going on, be able to run security scans against the code, you know, additionally actually brings more security. You got more people that are able to run security scans against it, uncover problems with it, submit issues back to the, you know, upstream to the to the maintainers of that code. So, you know, I actually think you know, open run and some of these, more open interoperable, vendor agnostic type of architectures may actually over time, be more secure than turning to a to a single vendor or a small handful of vendors that may or may not have good security practices in the way that they develop that code, So it time will tell, but I think, you know, if we go and look at other, you know, areas of IT where, you know, large adoptions of open source type of software has been adopted. There are some inherent benefits to being, you know, to adopting open source and and having more people checking that code and running security scans against that code and so forth. But for sure, it's something that, best practices are gonna need to be developed in how you deploy this, how you secure these containers that you're deploying in Kubernetes as part of the Open Rand architecture, you know, I think we're still a a little early as we start to see more adoption. We start to see as few few security answers, we're gonna learn some lessons as an industry about what best practices look like and best practice frameworks. I think we'll get more mature and how we wanna handle those, how we wanna secure those workloads to make sure we're not exposing our our customers to to security incidences. On the topic of network and security teams converging. You know, that's an interesting one. We're starting to see more and more of that, for sure on the enterprise side where, the the the tooling that each team uses, there's becoming more sharing of of that of that of that tooling and that data and that information, a lot historically, a lot of the network teams, you know, looked at SNMP data, they looked at Netflow data. They were using, you know, tools that kinda helped them build and operate the network, and then the security teams had security incidents, products, and sims, and all these things that looked at logs and other types of data, and there was not a lot of convergence between the two datas. We're seeing it can take for sure when we talk to a lot of our customers that the teams are starting to share a lot of their data and and work a lot more closely. And I think you know, back to the conversation we're just having about the inherent security, potential security risk with Open Rand. We'll see more of that as lot of the wireless providers start to roll out open, Open Rand and five g architectures, there's gonna need to be more tight collaboration between the network and security teams. As far as, Sassy and the impact that's gonna have, I think that's still a little bit TBD for sure. You know, we're seeing a lot of the enterprises adopting those technologies and wanting to see more flexibility in how they buy and provision and operate, their their WAN environments. With security baked right in, as opposed to having to to buy an appliance and and secure it. They want sort of a zero trust if you wanna use that term or you know, sort of a security first, approach to how they build and and operate their their enterprise wands. And I think that'll be, another interesting trying to kinda keep an eye on? Well, of course, no conversation about technology would be complete without a question about AI. And it it seems, you know, we can look at it always, and I'd love to get your your take on how you see it. But it seems like with AI, there's the automation, machine learning, sort of efficiency side of things, which may be a little more, contemporary. And then there's GenAI and what could be done with that. Can you talk a little bit about sort of, I guess, where you see AI sort of in practice today and where you see it going in in the in the near future? Yeah. I mean, Dan, I think as you're you're eluding there, there's definitely a lot of hype around AI. And I think for good reason, though, I mean, and, you know, we're still very early days. I kinda liken this to a little bit of SDN maybe ten years ago where everybody was talking about it, and I don't think hardly anybody knew what it meant. But, you know, fast forwarding to today, there are, you know, SD WAN, architectures that exist that are very tangible or very real. They're definitely, you know, some other applications of software defined networking that exists. I think AI is the same way. Where, you know, there's a lot of hype, there's a lot of talk. It shows a lot of promise. The actual tangible use cases are maybe minimal compared to where it will be, you know, maybe ten years from now, maybe less but as far as the tangible use cases today, we've seen a lot of customers that are now applying AI to separating the signal from the noise. So, you know, one of the challenges that that I always had as a network operator was for our teams was how do we figure out of all these alarms and alerts that we have coming into our operation center, whether that's a knock or a sock which ones are actually actionable versus which ones could be easily ignored because they have little to no impact to our to our users. It's not actually a security incident. It's not actually an outage or a degradation of service. And I think, you know, there's been a lot of approaches to that over the years. Some have worked better than others, but I think this is an area where machine learning and some of the technologies behind a, I could really help us separate the signal from the noise and try and reduce a lot of that alert fatigue. So I think that'll be a really interesting area to keep an eye on is how, you know, how more how much more efficient can we get by you know, running a lot of these alerts through through a learning algorithm that can separate. Yes. This one is actually I actually need to do something about it. And, well, this one's actually correlated to something I already know about and have already taken, taken a look at. I think, you know, a lot of the large language models will make being able to to do queries against network data, really interesting. That's an area that, that our company is investing heavily and is trying to figure out how to make it easier to approach querying data by using natural language. You know, being able to use ask a digital assistant, you know, hey, how's my network performing today? Which you know, we're still a little early, but, you know, there is some technology that that makes that that future real, to be able to get an answer to that type of a question. Get get the data back behind it. So I think that'll be an interesting area. And I think the other one, you know, I've been spending a lot of time researching and and and talking to folks about closed loop network automation. And this is another area where I think AI will will really benefit us as being able to get network observability data fed back in automation platforms in a closed loop and and apply some intelligence in the way of AI and generative AI to doing a a better job of being able to figure out, hey, I had this, spike in traffic. That's a security incident. Let's shut that down. Then let's check to make sure that the traffic actually dropped off and doing a whole closed loop there. You know, I think there's there's a lot of lot of development that's gonna take place in that area. So, Justin, one one last question, before we wrap up wrap up today. Course, the hyperscalers are are are huge and and dominant with, you know, Microsoft AWS and and Google, taking the lead. Can you talk a little bit about, telcos and and what that, architecture means to them? There's an interesting trend where, especially like the, the hyperscalers that are, you know, also operate a cloud, right, are building, Kubernetes, I'll call microclusters that they could push closer to the edge. Right? So as we start see more five g adoption, we start to see more and more of the the internet traffic being originated over a mobile device and more of the open run and five g architectures being containerized workloads, being able to migrate those workloads closer to the handset closer to those mobile devices, I think, is gonna be a a really interesting trend. And so, you know, a lot of the cloud service providers are building Kubernetes containerized, our infrastructure that can be pushed out closer to the cell phone tower. I don't know if it will quite get out to the tower in the field, but definitely getting closer out into that mobile backhaul and being able to place, those those workloads closer to where the the tower is closer to where the devices is is definitely something that the cloud service riders are investing heavily. And I think that'll definitely, be a trend we'll see if five g gets more an option. Well, thanks for joining us, Justin. I know I learned a lot, and I'm sure our audience learned a lot as well. Any any parting thoughts for the SDX readers? No. I don't think so. Dan appreciate you having me if, any He has questions, comments, anything that they'd, like to continue this conversation. They can find me on social media. I'm on both LinkedIn and Twitter. Justin Ryburn. Last name is spelled r y b u r n. Again, thanks for having me today, Dan. K. Thanks, Justin.