Cyber security: What will consumers pay for?

More connected lives, more cyber risks

The extent to which people live their lives online today can be summed up in LocaliQ’s internet minute statistics. Nine million searches happen on Google every minute. Facebook is the world’s third most visited website with three billion monthly active users spending 38 minutes per day on the site and clicking on an average of 12 ads per month. 251 million apps are downloaded per day and more than six million people are shopping online every minute with $4,722 spent every second on Amazon.

STL Partners highlighted the growing dominance of Wi-Fi in the home in Consumer Wi-Fi: Faster, smarter and near-impossible to replace, and the operator strategies to improve Wi-Fi experience with smart Wi-Fi apps and partnerships with value add players such as Plume. Connectivity in the home has become even more important since the COVID-19 pandemic as customers took on entertainment subscriptions (TV and gaming) and added smart TVs, cameras, doorbells, lights, and speakers (with voice assistants) to their home. According to Plume, smartphones (including “guest” phones) are the most prevalent devices in the home with an average of six per household. This is followed by computers (2.6 per household), tablets (1.3), smart TVs (1.1) and set-top boxes (1).

The graphic below highlights the growth in smart home IoT devices between the first half of 2021 and 2022 with 55% more cameras, 43% more doorbells, and 25% more smart bulbs as customers invest in making their homes more comfortable and secure. The average number of connected devices across Plume’s customer base of 41 million homes has grown to 17.1 in the first half of 2022 up from 15.5 in the first half of 2021. This figure is likely higher than the average household, as those with more devices are more likely to want a premium smart home Wi-Fi management set-up but is still indicative of growth trends.

Growth in devices between H1 2021 and H1 2022

plume-smart-home-device-in-home

Source: Plume smarthome market report – August 2022

With 40% of EU workers switching to working from home during COVID-19, the take up of digital technology has had a permanent effect on every-day life. IoT devices and digital technologies are projected to increasingly embed themselves in various aspects of our daily lives in coming years. Estimates on the number of connected devices by 2025 have ranged from 25 billion (GSMA) to 42 billion (IDC). The increasing volume and wide range of connected devices of varying hardware and software standards increases the attack surface for malicious actors who can inflict significant emotional and financial damage on consumers, their families and their employers.complex cybersecurity threat landscape

Enter your details below to download an extract of the report

A complex cybersecurity threat landscape

Cybersecurity Ventures – a leading researcher on the global cyber economy and publisher of Cybercrime Magazine – estimates that organisations suffered a ransomware attack every 11 seconds in 2021. It has also forecast that attacks on a consumer or business will happen every two seconds by 2031. It is believed the majority of cybercrimes go underreported by victims due to embarrassment, potential reputational harm and a perception that legal authorities cannot help. Even in a gaming community, a micro payment of less than $1 for a prize or item that doesn’t appear could go unreported due to the low cost of the transaction, but can be very lucrative for cybercriminals should enough games fall victim to the trick.

Cybersecurity Ventures forecasts this rise global cybercrime to inflict damages of $10.5 trillion annually by 2025. The cybersecurity specialists highlight that, if measured as a country, cybercrime would have the third largest GDP after USA and China.

The European Union Agency for Cybersecurity, ENISA, reports on the current cyber threats facing European consumers and businesses. In its latest 2022 threat landscape report (covering July 2021 to June 2022) it identified eight prime threats shown in the graphic below. These include:

  • Ransomware where bad actors take control of an organisation’s or individual’s assets and demand ransom in exchange for return of the assets and confidentiality of the information. The attack could involve locking out the user, encrypting, deleting or stealing the data. The most common attack vectors are phishingemails and brute-forcing on Remote Desktop Protocol (RDP). Cybersecurity Ventures estimates ransomware will cost victims $265bn annually by 2031.
  • Malware is commonly defined as “software, firmware or code intended to perform a malicious unauthorised process that will have an adverse impact on the confidentiality, integrity, or availability of a system”. Malware comes in the form of virus, worm, trojan, or software code that can negatively impact a host computer or mobile device. Spyware and adwareare considered subsets in this category. This malware could allow actors to take remote control of a system, denial skimmers, or steal information or enable botnets to carry out nefarious attacks such as distributed denial of service (DDoS). According to ENISA, malware attacks are on the rise in 2022 after a decline in the previous reporting period (2020 and 2021). The decline had been linked to increased working from home during the pandemic. While the rise could be attributed to workers returning to the office, ENISA also point out that there has been simply more malware.

One of the most known malware threats is Pegasus malware a WhatsApp exploit which can affect both iPhone and Android phones and can be used to access messages, photos and emails, record calls and activate the microphone.

  • Most mobile malware comes from malicious applications downloaded and installed by users. In 2021 fake adblockers or adware were common for Android. These adblocking apps can look for extensive permissions when being installed from downloads on third-party app stores and online forums.

ENISA reported a rise in malware from crypto-jacking (the unauthorised use of devices to mine for cryptocurrency – further described below) and IoT malware. In the first six months of 2022, the malware attack volume on IoT was higher than had been recorded over the previous four years with Mirai botnets responsible for most (seven million) attacks. ENISA reported in 2021 and 2022 the most common IoT targets were networking devices such as Netgear (DGN), D-Link339 (HNAP), and Dasan (GPON).

  • In 2021 Flubot (a banking Trojan delivered via fake SMS messages claiming to be from banks or government organisations) was a prevalent form of phone malware, and) lured many Android phone customers into downloading nefarious applications.

ENISA Threat Landscape 2022 – prime threats

ENISA-Threat-landscape-2022

Source: ENISA Threat Landscape report 2022

  • Social engineering attacks target weaknesses in human behaviour, where false actors exploit an individual’s trust in communication and in their online habits. These attacks consistently rank high according to ENISA. The most common threat vectors for social engineering attacks include phishing, spear-phishing (targeting specific individuals/businesses), whaling(attacking individuals in high positions such as executives and politicians), smishing (a combination of SMS and phishing), vishing (a combination of phishing on a voice call where sensitive information is given over the phone), business e-mail compromise (BEC) and spam. ENISA reported phishing was the most common vector for initial access in 2022. This rise was attributed to more advanced and sophisticated phishing practices, fatigue among users as well as more targeted and context-based phishing practices.
    • E-mail may be used by bad actors to carry out man-in-the-middle-attacks effectively using software to eavesdrop on users by using an innocent link to accessing e-mail and intercept messages between two people in order to steal data. A man-in-the-middle-attack could also take place over an unsecured Wi-Fi network where the attacker intercepts data transmitted from a user’s device over the network.
  • Threats against data refer to data breaches or leaks of sensitive, confidential, or protected information to bad actors / hackers and occur due to cyberattack, insider job, unintentional loss, or exposure of data. This includes data theft or identity theft where personal identifiable information (PII) is stolen and used to impersonate an individual. It also usually results in hack attempts on personal online accounts as well as spam e-mail, spam calls and SMS. Customers can check if their personal data has been exposed on the dark web due to a breach using the free online service Have I Been Pwned. Similar resources are also offered by consumer cyber safety players.
  • Threats against availability occur when users of a system or service cannot access the relevant datafrom that service or system. This is often commonly achieved through Distributed denial-of-service DdoS attacks which prevent users from accessing a website or system by overloading the website or network with requests resulting in decreased service performance, loss of data and outages. The attack has been in use for over 20 years now with many criminals using it to extort ransoms on organisations. It is also increasingly being used as part of a state-sponsored attack. ENISA highlighted that traditional DdoS attacks are increasingly moving towards mobile networks and IoT where such (IoT) devices have limited resources and poor security protection. Threats against the availability of the internet was cited in the context of the Russian invasion of Ukraine where access to the internet and websites have been curtailed in certain captured cities where internet infrastructure has been captured leading to re-routing internet traffic over Russian networks, censoring of (western) websites and shutting down of Ukrainian mobile networks.
  • Disinformation – includes creation and sharing of false information, usually by social media. In recent years there are number of websites and digital platforms that present false or erroneous information for their particular agenda and these sites are generally spurred through sharing of information through social media channels. ENISA pointed to the war between Russia and Ukraine as one example of current disinformation to target people’s perception of the status of the war. Wrong and purposely falsified information can often be mistakenly shared. This is where the definitions of misinformation and disinformation come in. Misinformation is the unintentional sharing or reporting of inaccurate information in good faith. Disinformation is an intentional attack where false or misleading information is intentionally created and shared.
  • Supply-chain attacks refers to the targeting of individuals, groups of individuals or organisations hardware and software resources including cloud storage, web applications, online stores and management software. The supply chain attack is usually a combination of at least two attacks; the first on the supplier to access their assets and from there access the suppliers’ own network of customers and suppliers. The most recent high-profile attack was Solar Winds in 2020.
    • Cryptojacking or hidden crypto-mining occurs when a hacker secretly uses a victim’s computing power to generate cryptocurrency after the victim mistakenly and unwittingly downloads malicious software. Cryptocurrency is popular due to its ability to offer anonymity and its use as payment in ransomware attacks. Crypto-crime – i.e. crimes involving cryptocurrencies – is predicted to cost the global economy $30bn in 2025 according to Cybersecurity Ventures, while Chainalysis estimated crypto-scams (i.e. rug pulls on fake crypto projects) generated revenue of more than $7.7bn in 2021 and is one of the largest types of cryptocurrency-based scams.

Attacks affecting customers identity, privacy, financial and emotional wellbeing

Threats such as ransomware, malware, phishing, man-in-the-middle and social engineering have given rise to fears of identity theft and financial losses as a result of hacked bank accounts, e-mail, and social media accounts. In the US for example, the Identity Theft Resource Center (ITRC) reported a sharp rise (1,000% in a year) in social media account take overs with criminals using stolen information not only to take over existing bank accounts but to set up new bank and credit accounts using information stolen in data breaches and phishing attacks. In a snap survey of 97 people who contacted the IRTC over a social media account take over, 66% reported strong emotional reactions to losing access to their social media account.

Snap Survey of social media account takeover victims in 2021

ITRC-social-media-account-takeover-victims-2021

Source: Identity Theft Resource Centre

Table of Contents

  • Executive Summary
    • The threat landscape in an increasingly connected life
    • How to build successful cyber security services
    • A digital life security opportunity
  • More connected lives, more cyber risks
    • A complex cybersecurity threat landscape
    • Are consumers willing to pay for cybersecurity?
  • Operator cybersecurity propositions
    • Vodafone’s Secure Net
    • Telia Security package
    • Telefónica – Secure Connection
    • NOS Portugal
    • MEO Portugal
    • Safe Net
    • Deutsche Telekom
    • AT&T USA
    • Comcast
    • MTS Russia
    • SmarTone Hong Kong
    • A1 Austria
  • Conclusions

Related research

 

Enter your details below to download an extract of the report

Network slicing: The greatest thing since sliced bread?

If you don’t subscribe to our research yet, you can download the free report as part of our sample report series.

The Network Slicing research project was sponsored by HPE. This report and the analysis it contains were independently produced by STL Partners.

Service providers continue to face a decline in revenue

STL Partners has written for some time about the significant pressure faced by communications service providers (CSPs), both from operator rivals and players in adjacent sectors. Traditional telecoms revenue streams such as voice and messaging are shrinking, and as a result operator growth is slowing. Figure 1 shows that the average year-on-year revenue growth rate for 68 major telecoms groups worldwide has fallen since at least 2010.

Figure 1: 68 major telecoms groups – aggregate telecoms revenue, 2009-16

Source: Company accounts; STL Partners analysis

Much of this decline is fuelled by the impact of new competition: digital players such as Google, Facebook (including Whatsapp), Microsoft (including Skype and Skype-for-business) and Netflix, who are equipped to provide their own digital services, including voice- and messaging-enabled applications, without the headache of maintaining capital-intensive network infrastructure. It is now widely acknowledged that voice minutes and SMS bundles will continue to decline as a revenue stream as other players can offer the same, or better, capabilities ‘over-the-top’ to consumers and organisations for much less or free.

Data is not enough to ensure future growth

Of course, in order to use these new digital services, organisations and consumers do need network connectivity and, as a result, data consumption levels have shot up. Currently, the only players able to offer data connectivity are the communications service providers themselves, and therefore many have pointed to data as the primary source of new revenues which might offset the gap left by the decline in voice and messaging. In developed markets, in particular, some operators hope that it may be possible to ‘premiumise’ data services and drive higher average revenues per user (ARPUs). We do not believe that the evidence supports this and anticipate that plummeting data connectivity rates ($/MB) will neutralise growth in volumes resulting in low or no net growth in revenues.

In many developed markets, intense competition and strict regulation restricts the ability of operators to resist data price decline and squeeze more out of customers. Figure 5, for example, shows that despite mobile data consumption in the United Kingdom growing 243% between 2013 and 2015, ARPUs actually fell 4.5% over the period. More data, it is clear, does not automatically translate into more money.

 Figure 5: UK mobile ARPUs and data volumes, 2013-15

Source: STL Partners, Ofcom

In Figure 6 below, we show our revenue forecast for a telecoms operator offering converged fixed and mobile telecoms services to both enterprise and consumer customers in a developed market. In this conservative estimate, data revenues grow slightly, but not enough to offset voice and messaging revenues falling by half.

Figure 6: Forecast revenues for converged telco in advanced market

Source: STL Partners analysis

It is STL Partners’ belief that the path to sustainable telecoms growth lies not just in better monetising connectivity, but rather in telcos developing new capabilities of their own, continuously innovating and launching new products and services that more readily meet the needs of their customer base. It is only by doing so, and by leveraging new technology and network assets where possible, that telcos will be able to truly compete with digital players. In essence, communications service providers must either evolve to overcome commoditisation or to embrace it. Either way, they cannot continue business as usual.

Virtualisation and slicing: enablers for change?

STL Partners has written previously about Telco Cloud, a concept in which telcos redefine themselves by adopting cloud business platforms and practices (similar to internet and content players), alongside virtualisation of their core assets. This could lead to increased service agility, and the ability to create new, network-integrated services. In turn, this could drive new revenue growth.

Network virtualisation is still at an early stage, but its adoption is increasingly seen as inevitable. Operators worldwide are already deploying NFV/SDN technology, some setting ambitious virtualisation targets over time. The forthcoming 5G standards, as well as IoT technologies, are being developed with virtualisation in mind, and technology vendors are increasingly evolving their software offerings. If managed effectively, virtualisation could be the catalyst for the transformation towards the digital service provider.

One way in which virtualisation might enable this change is through the concept of ‘network slicing’, under which network operators would be able to operate multiple logically separate virtual networks over a single network infrastructure. This paper examines what network slicing might look like in practise, and what that could mean for CSPs.

Slicing: a vision for fundamental transformation

Defining slicing is not about the ‘what’, it’s the ‘how’

Network slicing is a term that has been discussed quietly in the industry for some time, but it has gained prominence more recently in parallel with the industry’s developing new 5G standards. Slicing has recently become the focus of a public disagreement between industry players involved in driving 5G standards. In essence, one group of operators and vendors are keen on accelerating New Radio (NR) standards in 5G, whereas another group see this as potentially undermining future standards in end-to-end slicing. A related debate also exists within operators between the core network and radio access teams, but that is neither new, nor surprising. These debates are not about slicing, since most parties appear to broadly agree on its potential, but more about how 5G will be introduced: as an evolution of 4G or as a completely new network.

A few considerations

In recent years, network slicing has also gained prominence as a way of creating unified 5G networks, which cover multiple very-different use-cases with a single infrastructure. Turning a necessity into a virtue, this technical “fix” is now being seen as a possible basis for extra capabilities and new services. However, many of the benefits could – and should – be achievable before 5G.

While network-slicing can in theory extend all the way through core networks and down to the radio connection, it is still subject to the laws of physics: if there is no coverage, poor RF propagation, or limited overall capacity, there is a hard limit to what performance can be guaranteed. There are also boundaries at the device, 3rd-party server/cloud interface, or where other networks interconnect, which mean that “end-to-end control” doesn’t always mean an entire system.

It’s important not to fall into the trap of thinking that because we have a slicing “hammer” that all problems start to look like “nails”. Telcos have many other approaches to future service creation and revenue expansion, that lie outside the core network. Content partnerships, vertical-industry solutions, in-home automation and new forms of connectivity all offer opportunities. If network-slicing does not reach its aspirations, there are still plenty of other options for the industry to prosper.

Independently of the 5G debate, slicing can be considered part of a wider trend (in both fixed and wireless networks) towards a more software-centric infrastructure leading to more flexible networks. As more network resources become virtual (rather than physical), operators could readily allocate resources to a particular ‘network slice.’ Hence, slicing is arguably really about the orchestration of operator assets and how an operator is able to effectively manage its network.

This vision affirms that the ‘one size fits all’ model will not applicable for the future where a diverse set of requirements will need to addressed with more customised services: from (enhanced) mobile broadband (eMBB), to ultra-low latency types (uRLLC), to low-power machine-type communications for IoT devices (mMTC).

Taking the work done by industry organisations, such as The Next Generation Mobile Networks (NGMN) Alliance , 5G Americas and the Open Networking Foundation (ONF) into consideration, STL Partners has developed the following definition for network slicing as the basis for this paper:

‘Network slicing is a mechanism to create and dynamically manage functionally-discrete virtualised networks over a common infrastructure’

 

  • Executive Summary
  • Introduction
  • Slicing: a vision for fundamental transformation
  • Defining slicing is not about the ‘what’, it’s the ‘how’
  • How slicing could enable growth
  • New services from network slicing
  • Evidence of the demand for slicing
  • Examples of new services
  • The slicing business models
  • So, where is the money?
  • Scenarios for the telco of the future
  • The scenarios imply different business models and ways of making money…
  • How slicing might work in practice
  • Key challenges to achieving slicing
  • Early 5G trials and proofs of concept
  • The evolution to slicing
  • A tricky transition with major obstacles to address
  • Conclusion

 

  • Figure 1: Benefits of network slicing
  • Figure 2: How might (operator) assets translate into demand for slices?
  • Figure 3: ‘External’ slicing business models
  • Figure 4: 68 major telecoms groups – aggregate telecoms revenue, 2009-16
  • Figure 5: UK mobile ARPUs and data volumes, 2013-15
  • Figure 6: Forecast revenues for converged telco in advanced market
  • Figure 7: With slicing, networks can be adapted to customers and applications
  • Figure 8: Diagram of slicing
  • Figure 9: Network slicing compared with existing technologies and services
  • Figure 10: Potential benefits of network slicing for network operators
  • Figure 11: Google Chrome’s release channels – a model for network development?
  • Figure 12: How operating models could change under network slicing
  • Figure 13: How might (operator) assets translate into demand for slices?
  • Figure 14: Example 1 – Emergency Services VMNO
  • Figure 15: Example 2 – Low Power IoT Service
  • Figure 16: Example 3 – Pop-up Network
  • Figure 17: Example 4 – Global Streaming Service
  • Figure 18: Example 5 – Smart Meters
  • Figure 19: Example 6 – Renewable Energy
  • Figure 20: Example 7 – Mining
  • Figure 21: Slicing Business Models
  • Figure 22: Mapping out the scenarios
  • Figure 23: Where will revenues come from?
  • Figure 24: Traditional telco cost structure and operating model is set up to operate networks not innovate in services
  • Figure 25: Under the slicing scenarios, the cost structures shift accordingly
  • Figure 26: Challenges identified from interview programme
  • Figure 27: Phases of network transformation for slicing future

CDNs 2.0: should telcos compete with Akamai?

Content Delivery Networks (CDNs) such as Akamai’s are used to improve the quality and reduce costs of delivering digital content at volume. What role should telcos now play in CDNs? (September 2011, Executive Briefing Service, Future of the Networks Stream).
Should telcos compete with Akamai?
  Read in Full (Members only)  Buy a single user license online  To Subscribe click here

Below is an extract from this 19 page Telco 2.0 Report that can be downloaded in full in PDF format by members of the Telco 2.0 Executive Briefing service and Future Networks Stream here. Non-members can subscribe here, buy a Single User license for this report online here for £795 (+VAT), or for multi-user licenses or other enquiries, please email contact@telco2.net / call +44 (0) 207 247 5003.

To share this article easily, please click:

//

Introduction

 

We’ve written about Akamai’s technology strategy for global CDN before as a fine example of the best practice in online video distribution and a case study in two-sided business models, to say nothing of being a company that knows how to work with the grain of the Internet. Recently, Akamai published a paper which gives an overview of its network and how it works. It’s a great paper, if something of a serious read. Having ourselves read, enjoyed and digested it, we’ve distilled the main elements in the following analysis, and used that as a basis to look at telcos’ opportunities in the CDN market.

Related Telco 2.0 Research

In the strategy report Mobile, Fixed and Wholesale Broadband Business Models – Best Practice Innovation, ‘Telco 2.0′ Opportunities, Forecasts and Future Scenarios we examined a number of different options for telcos to reduce costs and improve the quality of content delivery, including Content Delivery Networks (CDNs).

This followed on from Future Broadband Business Models – Beyond Bundling: winning the new $250Bn delivery game in which we looked at long term trends in network architectures, including the continuing move of intelligence and storage towards the edge of the network. Most recently, in Broadband 2.0: Delivering Video and Mobile CDNs we looked at whether there is now a compelling need for Mobile CDNs, and if so, should operators partner with existing players or build / buy their own?

We’ll also be looking in depth at the opportunities in mobile CDNs at the EMEA Executive Brainstorm in London on 9-10th November 2011.

Why have a CDN anyway?

The basic CDN concept is simple. Rather than sending one copy of a video stream, software update or JavaScript library over the Internet to each user who wants it, the content is stored inside their service provider’s network, typically at the POP level in a fixed ISP.

That way, there are savings on interconnect traffic (whether in terms of paid-for transit, capex, or stress on peering relationships), and by locating the servers strategically, savings are also possible on internal backhaul traffic. Users and content providers benefit from lower latency, and therefore faster download times, snappier user interface response, and also from higher reliability because the content servers are no longer a single point of failure.

What can be done with content can also be done with code. As well as simple file servers and media streaming servers, applications servers can be deployed in a CDN in order to bring the same benefits to Web applications. Because the content providers are customers of the CDN, it is possible to also apply content optimisation with their agreement at the time it is uploaded to the CDN. This makes it possible to save further traffic, and to avoid nasty accidents like this one.

Once the CDN servers are deployed, to make the network efficient, they need to be filled up with content and located so they are used effectively – so they need to be located in the right places. An important point of a CDN, and one that may play to telcos’ strengths, is that location is important.

Figure 1: With higher speeds, geography starts to dominate download times

CDN Akamai table distance throughput time Oct 2011 Telco 2.0

Source: Akamai

CDN Player Strategies

Market Overview

CDNs are a diverse group of businesses, with several major players, notably Akamai, the market leader, EdgeCast, and Limelight Networks, all of which are pure-play CDNs, and also a number of players that are part of either carriers or Web 2.0 majors. Level(3), which is widely expected to acquire the LimeLight CDN, is better known as a massive Internet backbone operator. BT Group and Telefonica both have CDN products. On the other hand, Google, Amazon, and Microsoft operate their own, very substantial CDNs in support of their own businesses. Amazon also provides a basic CDN service to third parties. Beyond these, there are a substantial number of small players.

Akamai is by far the biggest; Arbor Networks estimated that it might account for as much as 15% of Internet traffic once the actual CDN traffic was counted in, while the top five CDNs accounted for 10% of inter-domain traffic. The distinction is itself a testament to the effectiveness of CDN as a methodology.

The impact of CDN

As an example of the benefits of their CDN, above and beyond ‘a better viewing experience’, Akamai claim that they can demonstrate a 15% increase in completed transactions on an e-commerce site by using their application acceleration product. This doesn’t seem out of court, as Amazon.com has cited similar numbers in the past, in their case by reducing the volume of data needed to deliver a given web page rather than by accelerating its delivery.

As a consequence of these benefits, and the predicted growth in internet traffic, Akamai expect traffic on their platform to reach levels equivalent to the throughput of a US national broadcast TV station within 2-5 years. In the fixed world, Akamai claims offload rates of as much as 90%. The Jetstream CDN  blog points out that mobile operators might be able to offload as much as 65% of their traffic into the CDN. These numbers refer only to traffic sources that are customers of the CDN, but it ought to be obvious that offloading 90% of the YouTube or BBC iPlayer traffic is worth having.

In Broadband 2.0: Mobile CDNs and video distribution we looked at the early prospects for Mobile CDN, and indeed, Akamai’s own move into the mobile industry is only beginning. However, Telefonica recently announced that its internal, group-wide CDN has reached an initial capability, with service available in Europe and in Argentina. They intend to expand across their entire footprint. We are aware of at least one other mobile operator which is actively investing in CDN capabilities. The degree to which CDN capabilities can be integrated into mobile networks is dependent on the operator’s choice of network architecture, which we discuss later in this note.

It’s also worth noting that one of Akamai’s unique selling points is that it is very much a global operator. As usual, there’s a problem for operators, especially mobile operators, in that the big Internet platforms are global and operators are regional. Content owners can deal with one CDN for their services all around the world – they can’t deal with one telco. Also, big video sources like national TV broadcasters can usually deal with one ex-incumbent fixed operator and cover much of the market, but must deal with several mobile operators.

Application Delivery: the frontier of CDN

Akamai is already doing a lot of what we call “ADN” (Application-Delivery Networking) by analogy to CDN. In a CDN, content is served up near the network edge. In an ADN, applications are hosted in the same way in order to deliver them faster and more reliably. (Of course, the media server in a CDN node is itself a software application.) And the numbers we cited above regarding improved transaction completion rates are compelling.

However, we were a little under-whelmed by the details given of their Edge Computing product. It is restricted to J2EE and XSLT applications, and it seems quite limited in the power and flexibility it offers compared to the state of the art in cloud computing. Google App Engine and Amazon EC2 look far more interesting from a developer point of view. Obviously, they’re going for a different market. But we heartily agree with Dan Rayburn that the future of CDN is applications acceleration, and that this goes double for mobile with its relatively higher background levels of latency.

Interestingly, some of Akamai’s ADN customers aren’t actually distributing their code out to the ADN servers, but only making use of Akamai’s overlay network to route their traffic. Relatively small optimisations to the transport network can have significant benefits in business terms even before app servers are physically forward-deployed.

Other industry developments to watch

There are some shifts underway in the CDN landscape. Notably, as we mentioned earlier, there are rumours that Limelight Networks wants to exit the packet-pushing element of it in favour of the media services side – ingestion, transcoding, reporting and analytics. The most likely route is probably a sale or joint venture with Level(3). Their massive network footprint gives them both the opportunity to do global CDNing, and also very good reasons to do so internally. Being a late entrant, they have been very aggressive on price in building up a customer base (you may remember their role in the great Comcast peering war). They will be a formidable competitor and will probably want to move from macro-CDN to a more Akamai-like forward deployed model.

To read the note in full, including the following additional analysis…

  • Akamai’s technology strategy for a global CDN
  • Can Telcos compete with CDN Players?
  • Potential Telco Leverage Points
  • Global vs. local CDN strategies
  • The ‘fat head’ of content is local
  • The challenges of scale and experience
  • Strategic Options for Telcos
  • Cooperating with Akamai
  • Partnering with a Vendor Network
  • Part of the global IT operation?
  • National-TV-centred CDNs
  • A specialist, wholesale CDN role for challengers?
  • Federated CDN
  • Conclusion

…and the following charts…

  • Figure 1: With higher speeds, geography starts to dominate download times
  • Figure 2: Akamai’s network architecture
  • Figure 3: Architectural options for CDN in 3GPP networks
  • Figure 4: Mapping CDN strategic options

Members of the Telco 2.0 Executive Briefing Subscription Service and Future Networks Stream can download the full 19 page report in PDF format here. Non-Members, please subscribe here, buy a Single User license for this report online here for £795 (+VAT), or for multi-user licenses or other enquiries, please email contact@telco2.net / call +44 (0) 207 247 5003.

Organisations, people and products referenced: 3UK, Akamai, Alcatel-Lucent, Amazon, Arbor Networks, BBC, BBC iPlayer, BitTorrent, BT, Cisco, Dan Rayburn, EC2, EdgeCast, Ericsson, Google, GSM, Internet HSPA, Jetstream, Level(3), Limelight Networks, MBNL, Microsoft, Motorola, MOVE, Nokia Siemens Networks, Orange, TalkTalk, Telefonica, T-Mobile, Velocix, YouTube.

Technologies and industry terms referenced: 3GPP, ADSL, App Engine, backhaul, Carrier-Ethernet, Content Delivery Networks (CDNs), DNS, DOCSIS 3, edge computing, FTTx, GGSN, Gi interface, HFC, HSPA+, interconnect, IT, JavaScript, latency, LTE, Mobile CDNs, online, peering, POPs (Points of Presence), RNC, SQL, UMTS, VPN, WLAN.