The Changing World of Service Provider CPE
Recently I spoke on security in Austin at the Big Communications Event, where Verizon announced their uCPE (Universal Customer Premise Equipment) platform. Notably, they are choosing a white box platform from Adva running Openstack on a generic Linux server with a KVM hypervisor. Verizon’s new platform will enable them to deploy the device as a generic piece of NVFi to host any VNF in this generic Linux/KVM/Openstack environment. If successful, this gives Verizon huge flexibility to configure and deploy new services completely remotely via SW and remove one of the major cost drivers of Carriers: deployment and maintenance of CPE.
Many industry analysts, including Michael Howard at IHS (graphic below), are citing virtual CPE as the number one application for NFV, given the large savings using open standard SW to deploy CPE configurations remotely and prevent truck rolls to enterprises to manually configure CPE services.
Many analysts are defining VPN connectivity (SD-WAN or MPLS) and security (firewall, DDoS, anti-malware) as the two most basic VNFs to be deployed in these new uCPE devices. Interestingly, this now combines the two most popular NFV use cases, virtual CPE and service chaining, whereby a Service Provider can deploy a generic Linux server (perhaps even ship directly to a customer) and have the customer power up and connect to the network. Then, the uCPE automatically connects to the orchestration and provisioning systems, auto-downloads the basic configuration SW and downloads the VNFs (let’s say SD-WAN, Firewall and DDoS) automatically based on the service package purchased by the enterprise. The CPE sets up the service chain for the purchased services and then begins to operate. All of this is completed without a truck roll or operations personnel working on site. The future of CPE isn’t here yet, but it’s getting much closer.