When AT&T decided to virtualize network functions while embracing software-defined networking, it didn't have the coronavirus pandemic in mind. But those decisions have made AT&T battle-ready in the face of the COVID-19 outbreak, especially as companies send their entire workforces home.
In a Thursday blog post, AT&T's Andre Fuetsch wrote: "You don't design your network for a pandemic. But it turns out that building your network on software and open hardware specifications can help make it ready for just about anything."
From a bandwidth capacity standpoint, service providers around the globe have largely been up to the task of keeping customers connected as office employees and students become home-bound. Prior to COVID-19, most virtual private networks (VPNs) weren't designed to have a company's entire workforce log-in from home each day around the same time to a corporate network.
AT&T has been a pioneer in the development and use of white boxes, which pair network operating systems (NOS) with low-cost routers, switches and gateways. Out of that white box development, AT&T offers a network-based IP remote access VPN that's called SD-WAN Static or ANIRA. ANIRA, which is an acronym for "a network-based IP remote access," uses IPSec to authenticate and encrypt data packets over a wireless or wired broadband network.
Over the past few weeks, Fuetsch said ANIRA customer connections have surged by roughly 700%.
"These were customers in healthcare, financial services, and other vital segments around the world," Fuetsch said. "And AT&T was able to accommodate that demand surge without missing a beat. Just a few years ago, that would have been impossible. In fact, we’ve been adding more capacity to be ready for future needs…
"It’s been the ultimate proof point for our push into software-centric networking, and I couldn’t be prouder of what our team has done for our customers."
The ANIRA service was first launched in the early 2000s. The network platforms supporting the service have gone through several iterations of refreshes with the most recent being a move to a cloud-native design for AT&T's VPN Internet Gateway (VIG) and the white box client.
The NOS development is driven by AT&T Labs, and is now in the eighth generation. AT&T uses hardware from various vendors for ANIRA, which a spokesperson said allows it to ramp up quickly as demand increases.
"The service can work with a software client application that runs on the user’s laptop or a hardware device, called AT&T Global Network Client," according to Fuetsch, who is executive vice president and chief technology officer at AT&T. "The white box, or gateway, that works with the service can be placed on the customer’s premises and support multiple users and various broadband access methods."
Since ANIRA is a cloud-based software platform, it doesn't require a technician to install it on the plug-and-play white box. Once it's plugged in, the device automatically configures itself, which Fuetsch said was a similar functionality that's used on the new AT&T TV platform. All of which is beneficial to the health of the technicians, as well as a faster installations for end users.
“There were a couple long, hectic days, but we feel really good that our investments in building a software-defined network paid off," said AT&T's Mike Beltzer, assistant vice president for network infrastructure operations, in Fuetsch's blog. "The AT&T team was able to respond quickly by spinning up new instances of the VIG on cloud compute resources from a pool of pre-deployed assets."
In addition to IPSec, ANIRA enables users to subscribe to hybrid VPN solutions based on multiprotocol label switching (MPLS) via the AT&T Global Network client.
In Fuetsch's blog, Alan Klausner, the director of remote client development for AT&T Labs, referred to the AT&T VPN gateway as the telco's original white box solution. Klausner said AT&T has more than 100,000 active units in operation.
“Over the past few years AT&T has made significant investments in the infrastructure that supports the ANIRA service, transforming it from a hardware appliance model to a software-based cloud native architecture," said AT&T Labs' Bill Mueller, who is also a director for remote access development, in a statement. "We developed these infrastructure components internally because off-the-shelf products just didn’t have the scale, performance or cloud-native designs we wanted.
"The VPN Internet Gateway software incorporates some industry-leading middleware that has allowed us to achieve dramatic improvements in real time packet throughput. And we’ve made the VIG cloud native—meaning it runs as a tenant in a general-purpose compute environment. We’ve also focused on automating the provisioning of network connectivity between the VIG and the AT&T IP/MPLS network.”