White Paper

The New DPI: Challenges &

Opportunities In The LTE Era
Prepared by

Graham Finnie
Chief Analyst, Heavy Reading

www.heavyreading.com

On behalf of

January 2011
Executive Summary

Deep Packet Inspection (DPI) has seen rapid growth since its initial appearance in tele-
communications about a decade ago, and in no sector more so in the last two years than
the mobile sector.

Initially, DPI was used primarily in wireline networks, especially cable MSO networks, to
help tackle harmful traffic and security threats, and to throttle or block applications seen
as “bandwidth hogs”. These use cases are still at the heart of what DPI does, but its role
is evolving rapidly in the mobile sector, to such a degree that the term “deep packet in-
spection” looks increasingly outdated. Technical advances along with new applications
and key developments in the standards arena all mean that the broad set of technical
capabilities centered on DPI are certain to play a central role in mobile networks for
many years to come.

Questions remain about exactly how it will be used, and what the right evolution path is
for service providers as they set their strategies. But it is clear that, as mobile broadband
accelerates, and network operators prepare to make the transition to LTE, conventional
DPI is entering a new era-- one which will create opportunities and challenges for net-
work operators and equipment vendors alike.

In this White Paper, we consider some key aspects of this transition, looking at how and
where DPI will be used in LTE networks, how DPI use cases are evolving, and what this
means for some of the stakeholders in the DPI value chain.

In Section One of this paper, we look at the impact of LTE on the use of DPI and related
tedchnologies. Mobile broadband is already transforming the mobile business, but LTE
will complete the transformation, and it will change the way QoS, traffic management,
customer experience and product development are handled. In LTE, policy control is in
effect mandatory, meaning that policy enforcement is an essential requirement—and
that requirement will be met to a large degree by DPI.

In Section Two, we consider the ways in which DPI can be used in this environment to
build up network intelligence. Already, many operators are moving well beyond early use
cases focused on threat and applications management, and we are on the threshold of a
new era in which simple Deep Packet Inspection will broaden into something that might
better be called “Deeper Product Intelligence”. DPI will be deployed for a wider range of
use cases aimed at assuring and improving the performance of individual customer ser-
vices and service packages, and improving customer quality of experience—trends
which undoubtedly will accelerate as LTE is deployed. Section Two examines some of
these emerging use cases in more detail.

In Section Three, we consider the challenges and opportunities when building and dep-
loying DPI. As traffic loads, subscribers and use cases multiply in the broadband and
LTE era, immense strain will be put on DPI, requiring a DPI infrastructure that is more
pervasive, powerful, scalable, and adaptable. This section considers these issues and
their implications, and looks in particular at the “make vs buy” DPI case for different
kinds of stakeholders.

© HEAVY READING | JANUARY 2011 | WHITE PAPER |THE NEW DPI 2

I. LTE And Its Impact
Long Term Evolution (LTE) is one of the biggest changes in the technology environment that
the mobile sector has ever seen.

At the heart of these changes is the Evolved Packet Core (EPC), described in 3GPP’s TS 23.401
and TS 23.402 specifications. Although these describe EPC functions as “enhancements”, in real-
ity EPC completely overhauls the classic GPRS architecture, replacing it with a much flatter all-IP
network that will eventually become a single converged core handling all applications-- including,
importantly, existing telephony services.

From the point of view of this paper, there are three core elements to consider here:

• The Policy & Charging Rules Function (PCRF) is a control-plane element that is used to
provide dynamic control over bandwidth, charging, and network usage.

• The Serving Gateway (S-GW), which terminates the interface from the LTE radio access
and is the local mobility anchor point for inter-eNodeB handovers and inter-3GPP mobili-
ty. Other functions include lawful intercept, and some charging and policy enforcement
functions.

• The Packet Data Network Gateway (PDN-GW or P-GW) terminates the interface from the
S-GW and connects to external packet networks. The P-GW provides the mobility anchor
across non-3GPP access, interacts with the IMS service layer, and is a key node for poli-
cy enforcement.

A key feature of EPC is that it allows bearers to be set up with one of nine standardized quality of
services classes, handling a variety of requirements for packet delay and latency (e.g. for gaming,
conversational voice etc), though individual operators can customize these classes further. The
effect of this model is that the service, charging and biling environment is likely to be more com-
plex than it is in existing 3GPP mobile data networks. Moreover, the policy architecture in LTE is
effectively mandatory as soon as the main voice service is part of the service mix, which means
that for the first time the policy elements in 3GPP will be used by all operators as they move to
the next-generation mobile network architecture.

The policy function is not, however, new. Policy first appeared as a concept in 3GPP Release 5,
around 2004-2005, but only became a core concept in Release 7, completed in 2007. With the
initial LTE specification, contained in Release 8, policy control became in effect mandatory. Fur-
ther enhancements and changes were added in Release 9, finalized in 2010 (though these did
not make any fundamental changes to the policy architecture), and ongoing work in Release 10
(sometimes called LTE-Advanced) and Release 11 will result in further changes. These may have
some policy implications, but are not considered here since Release 10-11 features will likely not
be deployed in networks before 2012.

The overall 3GPP Policy Control & Charging (PCC) logical architecture is shown in simplified
form in Figure 1. This makes clear that the core policy relationship is between the PCRF and the
Policy Charging Enforcement Function (PCEF), accomplished across the Gx interface.

© HEAVY READING | JANUARY 2011 | WHITE PAPER |THE NEW DPI 3

Figure 1: A Simplified View Of The 3GPP PCC Architecture

Source: Heavy Reading

The PCEF is responsible for enforcing policy decisions

decisions passed on to it by the PCRF, and also
passes user and access information to the PCRF to help it make policy decisions. PCC rules for a
particular
ticular service session include packet filters, contained in a so-called
called “Service Data Flow”
(SDF) template, which help the PCEF to identify which packets are part of that session,
session and the
effect of this is that it must examine packets through Layers 4-7—aka aka “DPI”.
“DPI” This is achieved
(again in principle) using both the so-called “5-tuple”
tuple” IP parameters of source and destination IP
addresses, source ce and destination port numbers,
numbers and protocol, as well as other IP header para-
par
meters. This is where DPI begins to play its key role in EPC. Note that so o long as PCC rules have
been pre-defined
defined in the PCEF, the standards allow use of parameters that go beyond the 5-tuple
5
parameters. This may be a requirement
requirement, for example, for applications that originate on the Inter-
net, since the 5-tuple formula
mula will not always be adequate for accurate identification.

Because the EPC specification is designed to allow policy to be deployed across network boun-bou
daries, policy enforcement may also take place in another network, and nd this is handled in the
Bearer Binding
ing and Event Reporting Function ((BBERF), located in a visited network (not shown in
Figure 1).

Policy decisions may also be initiated by the Application Function, which could include (or be
linked to) a DPI detection. For example, the AF might detect that a particular application is being
initiated
itiated (e.g.a video call) and notify the PCRF in order to get a decision on what to do with it. If
the PCRF authorized the call, it would then tell the PCEF what to do when it detects the flow as-
sociated
ciated with this application (e.g. to apply a particular QoS class to it).

The standard does not specify in every respect how and where the policy entities are to be dep-
loyed. The PCRF is usually conceived of as a distinct entity, e.g. a policy server which may be
centralized or distributed
tributed but is currently separate from other LTE functions,
functions though some sys-
tems vendors are now said to be considering integrating it into o other entities,
entiti for example the
Packet Gateway.

However, the PCEF is clearlyarly conceived of in the standard as a part of the P-GW, and this is
where basic filtering to provide different
diff QoS to different services (charging
charging appropriately
a where
necessary via the Gyy or Gz to the Online
nline Charging System (OCS) or Offline Charging System

© HEAVY READING | JANUARY 2011 | WHITE PAPER |THE NEW DPI 4

(OFCS)) will take place. This means that from the point of view of the standard, DPI will primarily
be located in the P-GW, perhaps in the form of a blade, or directly integrated into the equipment,
or co-located with the P-GW but in a separate appliance. It’s important to note that the P-GW is a
gateway to any type of access network, not just 3GPP mobile networks; this is a key feature of
the LTE specification.

One other reason operators tend to prefer DPI integrated with the S/P-GW node (where the
PCEF is expected to reside) is to reduce the risk of complexity that could arise from conflict be-
tween PCRF/PCEF-defined policy and DPI traffic management. This is already the case in 3G
where progressive operators are making RAN scheduling and congestion a part of their policy
decision process, and it will be more so in LTE, since it is an all IP network that must manage
features such as voice call admission control over the radio interface.

As already noted, policy enforcement may also take place in the BBERF, which is typically part of
a Serving Gateway. The Serving Gateway may also, incidentally, be using DPI or something sim-
ilar for lawful enforcement.

It should be noted that some vendors may integrate several of these entities into one unit (e.g S-
GW and P-GW).

DPI may also be associated with or invoked by the Application Function, housed for instance in
an Application Server. In a 3GPP IMS network, this AF would be the Proxy Call Session Control
Function (P-CSCF), which controls voice and related sessions.

Finally, although it is not specifically discussed in the standards, DPI could be deployed in the
RAN as well, specifically in the eNodeB, and there are reference designs and silicon under de-
velopment that enable this. DPI in the base station would allow enforcement close to the custom-
ers where this is needed, improving backhaul efficiency and reducing the load on the EPC.

These various relationships are shown in Figure 2.

DPI may of course be used in an LTE network for purposes that extend well beyond the core
standardized role of policy enforcement. For instance, LTE operators are in our view likely to
make extensive use of DPI for data mining, profiling and analytics, since in the much more com-
plex service environment of an all-IP mobile broadband network, it will be vital to understand and
act on rapidly-changing information about subscriber, application and network behavior, and to
improve “network intelligence”. This is discussed in more detail in Section 2. But from a pure
standards point of view, DPI is foreseen primarily as a means for policy enforcement.

Even though 3GPP standards specify a sophisticated QoS and bearer management model for
LTE, this is complex to fully implement and most networks, at least initially, will use only two
bearer classes: a default bearer for data and a dedicated bearer for voice. Different services,
such as premium video, may be allocated to specific bearer classes later, but it is nevertheless
expected that Internet traffic (i.e. most applications and traffic as we understand them today) will
be assigned to the default bearer. In this case DPI technology will likely be needed to differentiate
and manage Internet traffic within the default bearer, as is the case today. With the higher per-
formance of LTE, so-called “over-the-top” applications will also become more sophisticated,
which in turn may increase the demands on DPI capabilities.

© HEAVY READING | JANUARY 2011 | WHITE PAPER |THE NEW DPI 5

Figure 2: Locating DPI in an LTE Network

Source: Heavy Reading

The bottom line here is that there is a widespread expectation—not

expectation leastt among the operators
themselves—that
that successful transi
transition to LTE will require more control in the network and more
customized
mized service packages and options, something we discuss further in section 2. In order to
do this, they will need to be able to accurately
accurately identify what applications subscribers are running,
on what devices and networks, and then apply appropriate rules to them. And that will require use
of DPI, which, although it is not mentioned by name in the current Release 9 architecture, is the
key dee facto means to enforce policies.

As a result of this, Heavy Reading’s

Reading forecast for DPI (contained in its DPI Tracker Service) envi-
sages a gradual shift away from situating DPI in stand
stand-alone
alone appliances towards DPI integrated
into the P-GW (something allal vendors of P-GWs are now doing) and perhaps other LTE entities.
entities
In the process, DPI will become
come more ubiquitous.

An important conclusion to draw from this brief outline is that the pressure on the DPI engines
and processors will increase massively as LTE
LTE is deployed. Policy enforcement based on DPI will
be applied to more subscribers (ultimately, all subscribers) using more sophisticated devices; to
more sessions per subscriber; to more applications; and in a network environment that is han-
dling far more traffic than it does today.

As a result, the capabilities of any DPI elements used will need to be massively scaled up. This
is likely to strain the capabilities of the technology, arguably more so in integrated P-GW
P imple-
mentations than in dedicated implementations,
implementations, though this is a controversial topic.
topic This is dis-
cussed further in Section 3 of this report.

© HEAVY READING | JANUARY 2011 | WHITE PAPER |THE NEW DPI 6

II. Redefining DPI: From Inspection To Intelligence

In Section One of this paper, we established that DPI will most likely play a much more central
role in LTE networks than in previous generations of mobile networks, primarily because policy
architectures, in which DPI is usually seen as a key underpinning technology, are themselves
central to LTE, but also because LTE will accelerate telco efforts to create personalized service
packages based on a deeper understanding of customer needs. The first generation of DPI was
often deployed to handle a relatively narrow range of tasks focused on identifying applications,
analyzing trends in applications usage, and throttling or blocking traffic from applications that
posed security threats or were deemed to be “bandwidth hogs.” All of these use cases will contin-
ue to be valid in the LTE era: a flat all-IP network requires a control layer that can accurately iden-
tify applications in the network, and DPI will continue to play the primary role here. But as the
transition to mobile broadband moves forward, operators are starting to recognize the much
broader strategic possibilities offered by advanced DPI technologies.

We are, we believe, on the threshold of a new era in which the acronym “DPI” might come to
mean Deeper Product Intelligence, or Deeper Personal Intelligence rather than simple Deep
Packet Inspection. As a result, DPI will be deployed for a wider range of use cases aimed at help-
ing to assure and improve the performance of individual customer services and service packages
and to improve customer quality of experience—a trend which undoubtedly will accelerate as LTE
is deployed. LTE is the first true all-IP mobile broadband environment, with all that this entails for
the potential range of services that are offered. And it is the first in which, at least from a techni-
cal perspective, existing high-value applications like telephony and SMS become simply two ap-
plications among an indefinitely wide range of services that might exist.

This perception is widely shared by network operators, as we have found in recent survey work.
For instance, in a survey looking at operator attitudes to policy management, we found that
whereas previously the focus had all been on traffic congestion and applications management,
the new focus is on understanding individual customer behavior and refining controls to meet
their needs better, as Figure 3 shows.

Figure 3: Subscriber Intelligence and Analytics Is Now Central To Telco Thinking

On a scale of 1 to 5, with 5 being "critically important" and 1 being "not
important at all," please rate the following catalysts in your company's decision
to deploy its policy management infrastructure.

Enable us to apply “fair use” management

techniques

Enable us to offer tiered or customized services

Improve quality and depth of network traffic

and applications reportings

Improve our ability to meter and charge

customers for service features

Enable us to understand subscriber behavior

and create profiles

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

Percentage of Respondents

5 (Critical) 4(Important) 3 2 1

Source: Heavy Reading survey of 71 network operators attitudes to and plans for policy management, June
2010. Note: Graphic shows only the 5 highest-scoring catalysts from a list of 17 catalysts that were offered.

© HEAVY READING | JANUARY 2011 | WHITE PAPER |THE NEW DPI 7

In short, the aim of network operators is to create smarter networks that have more network
intelligence and give them a wider range of options to meet customer needs—whether those
customers are consumers, enterprises, media companies or applications developers.

So what does a smart network operator need to do? Among other things:

• Apply yield management techniques to maximize efficient use of resources

• Gain an ever-deeper understanding of what customers are doing, in real time where nec-
essary

• Allow customers to apply their own filters to their broadband services (“charge me only
for this”; “prevent my children doing this,” etc)

• Warn customers about threats/problems, and offer solutions

• Enable users (consumers) to control non-flat-rate expenditure in real time (inform/warn;

deploy real-time device meters; offer alternatives)

• Anticipate customer needs and offer services related to patterns of use (analogous to
targeted Web destination advertising and e-commerce recommendation engines)

• Enable enterprises to direct services and applications at relevant customers (those who
are in a specific location, using a specific device, on a network with these characteristics
etc)

• Enable developers to refine and target services more effectively, based on detailed (ano-
nymized) subscriber behaviour and usage profiling.

In the remainder of this section we look at three use cases which illustrate these principles in
more detail.

Use Case 1: Pro-active Service Optimization Based on Customer Value and Usage
Patterns

Refining service offers in the LTE era means understanding who the most valuable customers
are, understanding what they value, and having the means to improve their experience.

Take, for instance, a platinum tier customer that is also regularly opting in and paying for addi-
tional services. By analyzing information from the DPI engine, the operator knows which services
the customer values—for instance, gaming applications. The operator is alerted when key pa-
rameters—Web page loading and jitter, for instance—fall below a pre-defined threshold due to
congestion, either in real time or historically. When this happens, the customer can be given prior-
ity access to network resources to restore gaming service parameters to acceptable levels.

This is a service idea that is attracting more attention and has been implemented by several op-
erators, although initially the idea usually deployed today is simply to prioritize premium tier cus-
tomers when there is congestion. The use case above takes this one stage further by analyzing
the premium customer’s specific patterns of use and ensuring that valued services meet certain
minimal standards (in particular for packet loss, delay, and jitter).

Other actions that might be taken based on the patterns of use of the premium or valued cus-
tomer:

© HEAVY READING | JANUARY 2011 | WHITE PAPER |THE NEW DPI 8

 • Shift the customer onto an alternative network infrastructure (e.g. to a WiFi network)
when available, in order to improve gaming service performance

• Alert operator when the customer stops using applications of known value, and take ap-
propriate action

• Alert operator to significant changes in the customer’s application use patterns that might
be a trigger for an upgrade offer

• Alert operator when an unknown/new device is utilized by the customer

• Allow the service provider to offer related services from third party partners, based on
patterns of use among similar customers

With suitable adjustments, network operators can apply these principles to a wide range of other
customers. For example, they could identify highly cost-conscious customers with limited service
needs and offer them appropriate service packages that induce loyalty and prevent churn. A
good current example is the 0.facebook.com service that has been deployed by a fair number of
operators in developing countries, offering unlimited access to Facebook within services that oth-
erwise have low data volume limits.

Again, this use case could be more sophisticated than it currently is. Rather than the operator
offering access to a service (Facebook) subjectively identified as valuable to the majority of cus-
tomers, the operator could identify valued services on a subscriber by subscriber basis and (if
cost-justified) offer one of those services on an unlimited (or discounted basis).

Use Case 2: Parental Control & Filtering Dashboard

Parents face an ever-increasing dilemma as they try to control what their children can do while
connected to broadband service networks. As mobile broadband and smartphones spread to
new and younger demographic categories, and more and more smartphone applications emerge,
children are spending more and more of their lives attached to and using the Internet, often while
physically separate from their parents. As a result, parents’ ability to monitor their children’s activi-
ties is becoming increasingly problematic.

This provides a clear opportunity for operators to extend and enhance parental controls (often
associated today with fixed network terminals in the home), using the increasingly granular infor-
mation provided by advanced DPI engines.

Via a simple set of dashboard controls, telcos can:

• Enable parents to customize the filtering out or blocking of undesirable applications and
sites

• Enable parents to limit use of certain services while children are in specific locations (e.g.
school), or at specific times

• Alert parents when a new security threat is detected

• Alert parents to a significant change in usage patterns (analogous to credit card use
checks)

• Alert parents to charging events of any kind

• Alert parents to undesirable content in e.g. emails, IM chat sessions, etc

© HEAVY READING | JANUARY 2011 | WHITE PAPER |THE NEW DPI 9

 • Provide parents with detailed analysis of their children’s Internet usage behavior

Parental control is highly likely to grow as an application, and using DPI to build more sophsti-
cated controls is a clear opportunity for network operators that no other entity in the broadband
value chain is in a position to offer.

Again, this is a use case that could be extended to other areas. For example, one idea that has
attracted attention is to monitor the activities of vulnerable elderly people in order to reduce Inter-
net-borne threats, or specifically to monitor health.

Use Case 3: Analytical Toolset/ Service Refinement for Applications Developers

Nearly all mobile network operators want to create stronger relationships with third party content
owners, application developers and Web site portals. As the “app store” model has prospered,
the operators are trying to revive efforts to build, identify and offer valuable resources and infor-
mation to these potential partners.

The question is, what resources do network operators have that these developers and portals
might value? One source of obvious value is the immense amount of information that operators
collect on the patterns of broadband use of individual customers or aggregated customer groups.
Only network operators have a holistic view of the customer, and by collecting this data they are
in a position to offer a range of analytical tools, both historic and real-time, that help developers
and content owners refine the way services are offered.

Among the questions that the operators can answer:

• How long are customers spending on the partner’s site or app versus comparable sites or
applications?

• What is the overall quality of experience of the partner’s customers (and if poor, how
might it be improved)?

• Where are they using the service or content? On what devices? At what time of day?

• What else do customers do? What do they buy?

• Are there related services and content the partner should be offering?

• Are there related customers or customer groups at whom this service might be targeted?

This information is the starting point for actions of various kinds. These might include prioritized
QoS (especially under congestion conditions) for the partner application; unlimited or uncharged
data usage models, on a shared revenue basis; targeted advertising; automated adaptation to
device or location; and so on.

These use cases show that smarter network operators are in a position to build refined
controls for the broadband network environment that can be used not just by their own
internal product groups, but also by end users, content owners and developers.

© HEAVY READING | JANUARY 2011 | WHITE PAPER |THE NEW DPI 10

III. DPI In The LTE Era: Meeting The Technology Challenge

In this section we will consider the challenges and opportunities when building and deploying ad-
vanced DPI in the mobile broadband network. As traffic loads, applications, subscribers and use
cases all multiply in the broadband and LTE era, it will put immense strain on DPI, requiring a
platform that is more pervasive, powerful, scalable, and adaptable. This section will consider
these issues and their implications, and look in particular at the “make vs buy” DPI case for differ-
ent kinds of stakeholders.

It is clear from Section 1 that there will be a step-change increase in the use of technologies such
as DPI that improve the ability of network operators to analyze the behavior of customers, appli-
cations and networks and offer more refined contols to all actors.

In this emerging environment, a sophisticated ability to examine traffic and content will take tech-
nology far beyond simple DPI. Capabilities here will include

• An up to date view of Internet applications protocol signatures—an area of continual and

accelerating change

• The latest heuristic and behavioral tools for packet flow analysis to identify disguised or
encrypted traffic

• Detailed insight into content (e.g. not just “identify P2P”, but identify specific types of P2P
content in order to filter “good” from “bad” content)

• User/service behavioral analysis to refine the performance of services and service offers

• Ability to extract more information from Web sessions (set-up time, duration, device etc),
sometimes called “metadata”, to improve customer experience, meet legal data retention
requirements, and so on

The DPI engine must also cope with accelerating trends in the broadband networks which re-
inforce each other, creating a powerful multiplier effect:

• More broadband service customers, with ultimately all mobile customers becoming
“broadband” customers

• Greater proportion of customers to whom DPI decisions must be applied—in the LTE era,
in fact, this is likely to mean all customers

• More customers accessing Internet services, generating a need for more intelligent han-
dling of traffic

• More traffic per customer as a result of the transition to LTE

• More applications and services per customer

• More powerful devices with new capabilities such as multi-tasking, HD video handling,
etc

• More policy & DPI decisions/transactions per customer

© HEAVY READING | JANUARY 2011 | WHITE PAPER |THE NEW DPI 11

For all the stakeholders in the market, this will put great pressure on the performance of core
technologies used, and will re-ignite the question of what to outsource and what to keep in-house.

For operators, we believe, this means understanding the whole value chain in DPI and related
technologies, and ensuring that purchasing decisions do not bind the operator to proprietary sys-
tem solutions which close off or limit access to state of the art improvements. Although simple
DPI capabilities will increasingly be built into general purpose network equipment such as gate-
ways, as discussed in Section 1, there are questions to be asked about whether capabilities de-
veloped directly by the major telecommunications equipment manufacturers (TEMs) are fully
adequate to the range of tasks set out in Section 2.

The core business of most TEMs remains the supply of network equipment such as switches,
routers, gateways, RAN gear (e.g. base stations) and so on. TEMs do also usually have capabili-
ties in the control layer, and in general TEMs are putting emphasis on higher layer functionality, in
areas such as billing, subscriber data management, policy management and service delivery.
Many have reasoned that for strategic reasons they need to have in-house development exper-
tise in areas such as policy management (policy servers), and they have built teams or acquired
companies to do this. This includes not just policy servers, but also policy enforcement, including
both integrated and stand-alone DPI.

However, the more distant these developing capabilities are from core telecommunications engi-
neering expertise, and the more challenging the development cycle, the bigger the question as to
whether it makes sense to insource all of this development.

The key questions for TEMs are:

• Is the value of this capability rising for our customers?

• Do we need these capabilities for strategic reasons?
• Is this adjacent to our existing skill-sets?
• Do we have the core skills in-house to add this?
• Is this domain evolving rapidly?
• Will the cost of insourcing exceed the cost of outsourcing?
• Can we easily acquire and retain these capabilities from reliable suppliers?
• Can we easily integrate a third party product into our solution?
• Can we still differentiate ourselves if we buy this capability in from a third party?

As this list suggests, the issues here are somewhat complex. The skill sets of most TEMs clearly
tend to lie in the lower layers of the network, and not in advanced computer processing and soft-
ware. Most TEMs, however, do not want to be confined to these lower layers, and have been
busy increasing their capabilities in some upper layer areas as well for strategic reasons.

However, the increasing tendency in equipment manufacturing to use standardized, modular

hardware platforms such as ATCA with standardized interfaces between modules is a clear indi-
cation of a continuing trend away from proprietary, vertically integrated solutions that include
every capability. ATCA does not mandate the use of third-party software and application-ready
systems, but equipment providers can we believe further reduce time to market and limit devel-
opment costs by taking advantage of these solutions.

This does not mean that TEMs must give up on the idea of creating end to end offers, and on
being the prime contractor in any overall solution; rather it means there has been an increasing
tendency to use best of breed solutions to fill in areas which are not optimal for internal develop-
ment programs.

Another issue here is that network operators tend to be skeptical about TEM claims of expertise
in mainstream IT and software applications areas. For example, in a survey of network operator

© HEAVY READING | JANUARY 2011 | WHITE PAPER |THE NEW DPI 12

purchasing plans in the policy management area, we found that while a majority of respondents
expected to use TEMs as the main suppliers of bandwidth management products, a majority ex-
pected to use specialists for DPI, and only a small proportion expected to use TEMs as suppliers
of “applications & content management” products.

Our sense currently is that there is a trend to make greater use of niche specialists in the DPI and
applications management areas, and we expect this trend to strengthen as the pressure on DPI
engines increases inexorably over the next few years. This does not mean that TEMs will not do
any internal DPI development, but it does mean that they will likely seek partners to fulfill more
advanced capabilities (and in some cases, all capabilities in this area). Outsourcing highly spe-
cialized technical capabilities allows TEMs to focus on overall solutions development and profes-
sional services, areas where they have been very active recently.

In sum TEMs will likely outsource more capabilities to third party niche specialists, for four main
reasons:

• Market and technology development cycles are both speeding up requiring continual up-
grades and shorter release cycles in this area

• There is a requirement for a wider set of capabilities than hitherto to meet overall cus-
tomer goals, demanding more specialized IT skills and straining internal capabilities

• Internal cost and resource constraints are increasing for TEMs as competition intensifies

• The existence of a flourishing supplier ecosystem and standardized approaches to hard-

ware design allow easier integration of third party technologies

© HEAVY READING | JANUARY 2011 | WHITE PAPER |THE NEW DPI 13

 Appendix A: About the Author
GRAHAM FINNIE
CHIEF ANALYST, HEAVY READING

Graham has 20 years experience in the telecommunications sector as an analyst and consultant. He joined
Heavy Reading in September 2004 following a ten-year tenure at the Yankee Group, where he had directed
a European broadband & media research program. He was appointed Chief Analyst at Heavy Reading in
February 2007. As well as setting the overall direction of Heavy Reading’s content, Graham has been re-
sponsible for a wide range of research, focusing primarily on next-generation broadband service and
application architectures. His recent publications include “Re-Inventing the Telco: A Heavy Reading
Progress Report” and “Policy Control & DPI: The New Broadband Imperative.”

© HEAVY READING | JANUARY 2011 | WHITE PAPER |THE NEW DPI 14