Today’s breakout solutions don’t offer granular control over how and where remote IoT application traffic routes. Sending this valuable data to the home network causes delays, exposes traffic to security threats, and lies beyond the direct control of IoT service providers. How can a software-defined distributed edge network help? One way is by enabling new levels of control and optimization over how distributed edge IoT traffic is routed within the network.
For all the chat we hear about the importance of IoT applications, it can come as a surprise to discover that data from mobile devices (such as IoT sensors and enterprise assets) typically takes a long and convoluted path to get to its destination.
Internet Breakout
If there’s too much latency in that journey, you’re going to see potential effects on your IoT application or service’s overall speed, reliability, and security. The market is also seeing the rise of regulatory challenges in terms of data sovereignty and local regulations that add even more complexity to the mix. Additional problems may also impact efficiency.
Potential speed bumps often arise at what’s referred to as the point of “Internet breakout”. This is defined as the juncture where data traffic transitions from a public mobile network to the public Internet. Many existing Internet breakout solutions lack deep, granular control over how and where remote IoT application traffic is routed.
That’s a serious vulnerability in the overall robustness of your IoT stack. Routing the data — without which an IoT application doesn’t add value — to the home network via the public Internet introduces delays, exposes traffic to security threats, and can’t be directly controlled by IoT service providers.
Without real visibility and the ability to quickly react and optimize your IoT data flow, you’re very much on the back foot. Thus, a way to control traffic at a granular level before it reaches the public Internet is advantageous.
To achieve that, you need to work at the edge. Doing so lets you apply control (policies) at the network edge, which offers considerable benefits. These include protecting the traffic, optimizing routing, and delivering better performance to the customers you diligently onboarded for your exceptional IoT service.
You’ll also be safer. It’s simply a fact that when it comes to cybersecurity, the weakest link is almost always the public Internet. That statement is somewhat unfair, considering that the Internet was designed to facilitate communication between entities. While this design is ideal for applications like the web, it proves far from optimal and overly cumbersome for most IoT-style devices and applications.
Using the Right Network for the Right Use Cases
Indeed, our aim is to minimize reliance on the public Internet as much as possible. The highly secure IoT communication we seek is necessary solely between the device and a limited number of systems. The good news is that the basics are there to achieve this. Very handily, the world’s mobile operators connect to a vast global network called the Internetwork Packet Exchange, or IPX.
Essentially, IPX is a “private Internet” separate from the everyday Internet. When mobile devices are in different regions — and especially when they are roaming — calls and messages utilize IPX to transport the data back to the home network, which then forwards it to its destination. What we can do, then, is piggyback off IPX to get what we want here. That’s to say, we can use IPX to avoid the Internet entirely and use this cleaner pathway instead. Doing so will allow a service provider to control the path that this data takes and in one move improve performance, reliability, and security.
Improving Distributed Edge Network Usage for IoT
For some IoT applications, this is even more compelling:
- Where performance is important. For example, streaming applications such as security cameras benefit from low and predictable latency.
- Where regulatory requirements dictate that the data must remain within a particular region or country. This may include payment terminals or connected health.
- Where secure, controlled connectivity is required into a small number of central systems, either hosted or in the public cloud.
- Where devices do not have sophisticated security capabilities of their own or are difficult to configure or control due to their location.
Distributed Edge Networks
However, IPX on its own isn’t the whole solution — we need to add another ingredient. The home network can be geographically distant from the device itself and the data’s destination. This distance may introduce unnecessary “data miles” and make the entire end-to-end process complex and inefficient.
One approach is to use the features of the edge to our benefit and create edge “hubs” at strategic points on the global IPX structure. That immediately removes the need to bring the data back to a single, central point. This brings significantly improved performance, including making it easy to bring new connectivity tools like SD-WAN to the mobile edge.
That’s the basis behind the Distributed Edge Network. This new concept employs these kinds of edge ideas, including extensive use of PGWs (Packet Gateways) and Smart Packet Steering platforms worldwide, to optimize the routing of IoT application data.
Utilizing a Distributed Edge Network for IoT in this manner enables routing data from the device directly to the nearest hub on the IPX network and onward to the cloud application without traversing the public Internet at any point. This approach also means your IoT devices will access only the intended services, and the devices are out of reach of malicious actors on the Internet.
This hugely improves security, performance, and operational resilience from within the network itself. This is particularly important when the devices themselves might be reasonably unsophisticated, inaccessible, and difficult to manage. Examples include sensors in a big industrial context or a smart city utility scenario.