Digitalroute'S Mediationzone On Aws: Architectural Overview

Amazon Web Services DigitalRoute’s MediationZone on AWS
DigitalRoute’s MediationZone on
AWS
Architectural Overview
December 2020
Notices
Customers are responsible for making their own independent assessment of the
information in this document. This document: (a) is for informational purposes only, (b)
represents current AWS product offerings and practices, which are subject to change
without notice, and (c) does not create any commitments or assurances from AWS and
its affiliates, suppliers or licensors. AWS products or services are provided “as is”
without warranties, representations, or conditions of any kind, whether express or
implied. The responsibilities and liabilities of AWS to its customers are controlled by
AWS agreements, and this document is not part of, nor does it modify, any agreement
between AWS and its customers.
© 2020 Amazon Web Services, Inc. or its affiliates. All rights reserved.
Contents
Introduction ..........................................................................................................................7
About Billing Mediation.....................................................................................................8
About Usage Management ..............................................................................................8
Characteristics of Mediation Systems .................................................................................8
On-premises Mediation Deployment Challenges ...............................................................9
Challenges CDRs and Demanding Disks........................................................................9
Backup and Retention IT and Regulatory Policies, Expensive Storage.........................9
Stale Data that can be Used for Analytics .....................................................................10
Dimensioning Pain Point ................................................................................................10
Operational Issues with Backlogs ..................................................................................11
Fixed Resources and Fixed Environments....................................................................11
Restricted and Limited Access ......................................................................................11
The Future of Mediation Systems with AWS ....................................................................12
AWS and 5G...................................................................................................................12
Cloudification of BSS .....................................................................................................12
Monetization of 5G Networks .........................................................................................13
Benefits of the AWS Cloud ................................................................................................14
Raise your Security Posture with AWS Infrastructure and Services ............................14
Ensure Security with the Shared Responsibility Model ............................................ 14
Off the Shelf High Availability Across Different Physical Locations (AZs)....................15
About Availability Zones ............................................................................................ 15
Different Billing Options for Different Environments ......................................................16
Pay-Per-Use Productions .......................................................................................... 16
Elasticity for All Traffic Types .........................................................................................16
No End-of-Life for Hardware or Platform .......................................................................17
Data Lakes and Machine Learning ........................................................................... 17
MediationZone Overview...................................................................................................18
Functional Overview.......................................................................................................18
Workflow Engine ........................................................................................................ 18
Data Collection........................................................................................................... 19
Data Quality ............................................................................................................... 19
Aggregation and Correlation ..................................................................................... 20
Enrichment and Transformation ................................................................................ 20
Governance................................................................................................................ 20
Elastic Scaling............................................................................................................ 20
Application and System Overview .................................................................................21
Functional Integration Overview ....................................................................................22
Deployment Overview on AWS .....................................................................................23
MediationZone Architecture on AWS ................................................................................24
MediationZone Resiliency ..............................................................................................26
How Does Amazon EKS Work? ........................................................................................27
Amazon EKS Control Plane ...........................................................................................27
Cluster Autoscaler ..................................................................................................... 28
Amazon RDS – Postgres (Multi-AZ) ..............................................................................28
Amazon Elastic File System (EFS) ................................................................................29
Amazon Simple Storage Service (Amazon S3) ............................................................29
S3 Standard ............................................................................................................... 29
S3 Glacier and S3 Glacier Deep Archive .................................................................. 30
Native Application Integration with SNS from the Workflow ..................................... 32
Infrastructure as Code....................................................................................................32
MediationZone 10 Deployment on AWS .......................................................................33
Hybrid Networking ..........................................................................................................37
Example Deployment ........................................................................................................38
Production Environment.................................................................................................40
Kubernetes Pod requirements................................................................................... 40
AWS Services Requirements .................................................................................... 40
DEV/TEST Environment ................................................................................................41
More About AWS Services ................................................................................................42
Regions and Availability Zones......................................................................................42
Amazon Virtual Private Cloud ........................................................................................43
Amazon Relational Database Service ...........................................................................44

Amazon Simple Storage Service (Amazon S3) ............................................................44
Amazon Elastic File System (Amazon EFS) .................................................................45
Amazon Elastic Kubernetes Service (Amazon EKS) ....................................................46
AWS Auto Scaling ..........................................................................................................46
AWS Direct Connect ......................................................................................................46
Amazon Route 53...........................................................................................................47
Conclusion .........................................................................................................................47
About DigitalRoute.............................................................................................................47
About MediationZone ........................................................................................................48
Contributors .......................................................................................................................49
Further Reading .................................................................................................................49
Document Revisions..........................................................................................................49
Abstract
This whitepaper provides an architectural overview of how DigitalRoute’s
MediationZone, a platform for billing mediation and usage management, is deployed
and operated on the AWS Cloud. It covers benefits of operating mediation on the AWS
Cloud, and the advantages compared to on-premises deployments.
The intended audience includes telecommunications (telecom) executives, solutions
architects, and development teams who need to support the decision to deploy a usage
data platform for their customer, wholesaler, or enterprise business.
Introduction
To understand mediation systems in the context of telecom environments, let’s examine
the definition laid out by TMForum GB922 Usage Standard:
Put simply, usage is how much product is used, by whom is it used, where and
when is it used and circumstances under which it is used. Normally, when a
usage event occurs, it is stored in a network element, for instance in a switch,
router, gateway or in an application system. Resources (applications, network
and computing capabilities) usually store usage data in proprietary formats that
are not understood by external systems, such as billing systems. Depending on
the polling strategy, a mediation engine connects to resources, collects usage
data and formats them into a format that is understood by the billing system.
Outputs of a mediation engine are Usage Detail Records (UDRs). Examples of
UDRs are Call Detail Records (CDRs – used to describe usage details of voice
call services) and Internet Protocol Detail Records (IPDRs – used to describe
usage details of Internet Protocol based services).
DigitalRoute and Amazon Web Services (AWS) are working to enable telecom and
communication service providers (CSPs) to manage the flow of usage data between
key business support systems and their network and payment systems, to ensure that
records are not lost, duplicated or corrupted. Real-time metering and charging needs
are met with a robust, high-performance solution. MediationZone enables the
deployment of metered service bundles and real-time subscriber and slice usage control
functionality, which are necessary in 5G for a B2X go-to-market model. It can also meter
and help monetize edge-computing capabilities introduced in 5G. For more information,
see Telecom Mediation on the DigitalRoute website.
About Billing Mediation

Billing mediation provides data normalization across systems, and optimization of data
streams in both real-time and batch mode. Characterized by high performance and
robustness, billing mediation serves as a single point of integration for all types of data
management needs. It provides a unique degree of configurability and easy integration
with a large number of data sources, which makes bridging siloed IT infrastructures and
transitions to new network technologies easier to accomplish.
About Usage Management

The usage management extension to billing mediation provides a smart data
management solution for the entire business support system (BSS) domain and
beyond͘. It supports a rapid business model, and supports deploying new services with a
minimal impact on other systems. Online control of usage, such as quota management,
is performed early in the processing chain and near the data sources. This makes it
possible to provide services based on real-time processing to all users. It also enables
communication service providers (CSPs) to create more valuable information about
user consumption while reducing the cost for downstream data volumes.
Characteristics of Mediation Systems

Mediation systems perform the function of collecting and converting data from multiple
sources, normalizing the data’s format, and then passing the output on to another
destination, up- or downstream in the telecom domain. The main role of billing
mediation is to bridge systems within the confines of the telecom BSS domain,
specifically as part of the monetization (charging) chain. There are several reasons that
CSPs should consider when evaluating data integration or middleware applications to
perform the tasks of a billing mediation system. These include:
• Pre-integration — The systems and network elements of virtually all

communication networks depend on a large number of formats and interfaces
(with different versions and vendor-specific favors). Some of these have a long
history and are virtually unknown outside the telecom space, while others are
rapidly evolving. The leading billing mediation systems are uniquely able to
support these formats, and thereby shorten integration time.
• Batch and real-time — Mediation systems handle bursts of data, often as files,
or bidirectional real-time communication. There are few data management tools
that can handle both in the same system and scale simultaneously. However, for
billing mediation systems, the ability to meet these requirements has been critical
since the advent of prepaid services.
• Volume — One of the drivers for telecom-specific systems (rather than any data
integration software) is the sheer volume of real-time transactions and generated
files of charging data records. The cost for poor scalability quickly becomes
astronomical. This aspect of system design is an important concern for a system
that is designed to collect and process all the data there is.
• Transaction security — The accuracy of charging transactions in a telecom
network is vital to securing revenue. A small drop in accuracy can be devastating
for the revenue of the telecom.
On-premises Mediation Deployment Challenges

In this section, we will examine common challenges faced with mediation running on
traditional infrastructure. In the Benefits of the AWS Cloud section of this document, we
will look at how AWS solves these challenges.
Challenges with CDRs and Demanding Disks

File mediation is a storage-intensive workload. Each file processed contains a number
of records. Files must be written to disk by the upstream system (or a source system),
read by the mediation system, processed, transformed, and written back to disk before
being transferred to the destination systems. At scale, this workload can be very
demanding and require expensive storage solutions to offer the required storage
input/output operations per second (IOPS). Storage systems are also physically bound
with a predetermined size — terabytes (TBs) or petabytes (PBs) — and a theoretical
IOPS. Customers typically do not invest in storage as much in staging and development
environments compared to production environments. This may be a limiting factor for
testing large data sets for operational or troubleshooting purposes, or for availing these
records to data scientists who want to experiment with a machine learning model to
predict customer churn for example.
Backup and Retention IT and Regulatory Policies,

Expensive Storage
Telecom operators are often required to store call detail records and other network
generated records and billable events for long-term. CSPs store CDRs to comply with
group IT backup policies, finance policies, reconciliation purposes with interconnect
systems, and clearing houses, to name a few. CSPs are often required to store records
for compliance reasons set by national regulatory authorities.
Storing these CDRs on-premises while securing another copy in the form of backup is
challenging. These items are volumetric in nature, and come in millions of files and
billions of records. A durable, redundant, highly available storage system is essential,
but storing historical data can be a burden on an organization. Archived data does not
contribute to daily operations and is not monetized.
Stale Data that can be Used for Analytics

Customers and operators have to store historical data for one, five, or even ten years to
comply with local regulations. This data contains personal information that must be
secured and backed up, which increases the operational cost of managing it over time.
This data can be used for future revenue simulation processes as well as for customer
analytics, to drive new business models and offerings.
Dimensioning Pain Point

Right sizing mediation systems in advance is challenging, and difficult to get right the
first time. It’s easy to accidentally size on the high side, because you have to dimension
for peak usage, which is tricky given the burst nature of mediation data. Many variables
enter the equation, including:
• The number of files

• Records within files
• The number of workflows
• The number of downstream systems and the business logic implemented on
each record in the form of decoding
• Formatting
• Extracting needed information
• Transforming the records and sending to downstream post processing systems
such as:
o Billing
o Revenue assurance
o Fraud systems
o Data warehouse
o Other internal IT systems
These factors contribute to the complexity of sizing, and add to the guesswork of
hardware capacity planning.
Operational Issues with Backlogs

Mediation systems are mission-critical to the business support ecosystem in an
operation or enterprise. Mediation systems that handle online events can’t afford
downtime because they deal with real-time transactions, yet they are not as disk-
intensive as file mediation workflows. File mediation can afford a bit of downtime
because it is offline in nature. However, it can suffer from long downtimes because the
system has to process the backlog of files and records that accumulated during the
downtime, in addition to the records that are freshly and continuously generated by the
network. Voice calls, data traffic, other billable events do not stop generating. This
problem can adversely impact the processing time of records, and may require hours or
days to clear the backlog during low-traffic hours when the system is processing fewer
files and has some capacity to spare. Backlogs can also have a revenue loss impact
and a bad customer experience for a missed billing cycle.
Fixed Resources and Fixed Environments

In a traditional infrastructure environment, you have to work with fixed resources
because of the upfront cost and lead time of introducing new hardware.
As-needed requests from Data Warehouse (DWH) and Business Intelligence (BI) teams
to reprocess historical data can include use cases such as adding or calculating a new
parameter that was not in the DWH schema. Other cases may be operational; for
example, a DWH faces some technical issue that requires a record set to be pushed
again. With traditional on-premises mediation systems, a customer typically has named
environments such as Production, Pre-Production, Development, and Test with fixed
capacities in terms of processing power, memory, disk sizes, and speeds. With a limited
on-premises hardware capacity, getting an on-demand elastic environment up to speed
within minutes can be challenging or impossible.
Restricted and Limited Access

A mediation system is typically accessible only by the network operations team, who
can access the system and the data. This can be a limiting factor to other people in the
organization. While mediation systems are not business-facing, they can be useful for
data scientists, core planning teams, and other individuals who may find the system
useful for their use cases. However, it is not scalable nor secure to give privileged
access to these users, which would add further disk read/write overhead to production
needs.
The Future of Mediation Systems with AWS

AWS and 5G
The transformation of both the core network and radio-access networking (RAN) in the
5G era makes AWS an ideal platform for hosting them, because of the breadth and
depth of AWS services, and our application programming interface (API)-driven
approach to designing modern, cloud-native applications. Additionally, the promise of
network slicing is expected to bloom in the 5G era, creating a private and enterprise-
oriented network. As such, the 5G network should be built on a hyper-scalable platform.
AWS is a natural choice for providing 5G network creation, not only for its breadth and
depth of services, but also because AWS has the strongest and widest partner
ecosystem across network equipment providers (NEPs) and communication service
providers (CSPs) in the telecom industry.
Openness is a requirement of CSPs and the AWS Cloud provides exactly that – a
strong foundation for all NEPs to build and innovate on. For more information, see the
5G Network Evolution with AWS whitepaper, which provides a reference architecture
diagram of 5G on AWS to help CSPs and NEPs build a carrier-grade 5G production
network, and lays out the typical deployment journey of 5G evolution, from using a non-
standalone (NSA) core, to a new standalone (SA) core network and RAN.
AWS has stretched its service coverage to the edge cloud by using AWS Outposts,
AWS Local Zones, and AWS Wavelength. The 5G Network Evolution with AWS
whitepaper highlights how these AWS services can contribute to building a seamless
5G network by providing the best value, the most cost-savings, and the best
monetization strategy.
Cloudification of BSS
The convergence of telecom and the cloud is increasingly relevant, as telecoms look for
the agility, security, and flexibility that hyperscalers provide to improve their reach to
new customers while managing their cost structure. Meanwhile, hyperscalers are
building out their infrastructure to ensure that cloud computing moves closer to the edge
so that new applications can leverage the possibilities that 5G brings, such as latency,
throughput, and quality of experience.
As a natural consequence of this distributed compute model, and to deploy and operate
standalone 5G networks, telecoms look at a distributed deployment model for their
networking infrastructure and BSS systems. Telecoms want the agility and flexibility that
5G brings, and they want a consistent way to reconcile and manage usage, reduce the
risk of standalone deployments, and ensure a consistent way of billing and charging
their customers.
As BSS systems move to cloud infrastructure, mediation plays a key part of data
migration to the cloud. This ensures that legacy communication protocols, along with
new 5G HTTP2 OpenAPI protocols, are supported and can be stored in a way that is
both secure and compliant with local regulation. Data can be used for analytics to drive
new revenues and reduce churn through modern machine learning frameworks.
Monetization of 5G Networks
Existing mediation infrastructure is challenged by requirements from 5G network
standards. The 5G standard describes a service-based architecture, where legacy
telecom protocols like The GPRS Tunneling Protocol (GTP) and Diameter are
abandoned for new open protocols based on HTTP/2 and OpenAPI. Mediation enables
5G use cases by bridging between the 5G and 3G/4G world.
Mediation enables operators to monetize new services like 5G network slicing. In
network slicing, virtualized and independent logical networks runs in parallel on the
same physical network infrastructure. Each network slice is an isolated network tailored
to fulfil requirements requested by a particular application in that slice. This means that
the BSS layer must be able to be provisioned on-demand when a new network slice is
needed, and decommissioned when the network slice is terminated.
With 5G, marketing will unlock more B2B and B2B2x selling. 5G service providers will
need to partner with enterprises to deliver and monetize these services. It will be
important to have a flexible and capable mediation layer, operated on a cloud
infrastructure, to make the necessary business innovation happen.
Why MediationZone on AWS?

AWS is the world’s leading cloud provider. AWS provides on-demand computing
resources and services in the cloud, with pay-as-you-go pricing. As of the date of this
publication, AWS serves over a million active customers in 245 countries and territories.
AWS has 24 launched Regions with 77 Availability Zones (AZs) worldwide, and four
announced Regions. (For more information, see About Availability Zones in this
document.) You can access servers on AWS and log in, configure, secure, and operate
them just as you would operate servers in your own data center.
With cloud computing, AWS manages and maintains technology infrastructure in a
secure environment. Businesses access these resources via the internet to develop and
run their applications. Capacity can grow or shrink instantly, and CSPs pay only for what
they use.
Benefits of the AWS Cloud

Raise your Security Posture with AWS Infrastructure
and Services
Using AWS, you will gain the control and confidence you need to securely run your
business with the most flexible and secure cloud computing environment available
today. As an AWS customer, you will benefit from AWS data centers and a network
architected to protect your information, identities, applications, and devices. With AWS,
you can improve your ability to meet core security and compliance requirements, such
as data locality, protection, and confidentiality, with our comprehensive services and
features.
AWS enables you to automate manual security tasks so you can shift your focus to
scaling and innovating your business. You pay only for the services that you use. AWS
is the only commercial cloud whose service offerings and associated supply chain has
been vetted and accepted as secure enough for top-secret workloads.
Ensure Security with the Shared Responsibility Model

A shared responsibility model of security between AWS and the customer is applied to
MediationZone implementation on AWS. The shared responsibility model describes this
as security of the cloud, and security in the cloud.
• Security of the cloud – AWS is responsible for protecting the infrastructure that
runs AWS services in the AWS Cloud. For Amazon Simple Storage Service
(Amazon S3), where most data resides, AWS is responsible for the underlying
infrastructure and its security. For Amazon Elastic Kubernetes Service (Amazon
EKS), AWS is responsible for the Kubernetes control plane, which includes the
control plane nodes and etcd database. Third-party auditors regularly test and
verify the effectiveness of our security as part of the AWS compliance programs.
• Security in the cloud – Your responsibility includes the following:
o The sensitivity of your data, your company’s requirements, and applicable
laws and regulations. This includes configuring Amazon S3 and Amazon
Elastic File System (Amazon EFS) with proper access policies and
encryption.
o Security configuration of the data plane, including the configuration of
security groups that allow traffic to pass from the Amazon EKS control plane
into the customer virtual private cloud (VPC).
o Configuration of the worker nodes and the containers themselves.
o The worker node guest operating system (including updates and security
patches).
o Setting up and managing network controls, such as firewall rules managing
platform-level identity and access management, either with or in addition to
AWS Identity and Access Management (IAM).
For more information about security and compliance, see Security and Compliance. To
learn more about AWS security, see AWS Cloud Security.
AWS compliance enables you to understand the robust controls in place at AWS to
maintain security and data protection in the cloud. AWS engages with external certifying
bodies and independent auditors to provide you with extensive information regarding
the policies, processes, and controls established and operated by AWS. To learn more,
see AWS Compliance.
Off the Shelf High Availability Across Different

Physical Locations (AZs)
AWS services such as Amazon S3 manage high availability for CSPs. For Amazon
EKS, MediationZone is designed to be highly available by spreading application
components and their underlying resources across physically isolated availability zones.
Resiliency is discussed in more detail later in this document.
About Availability Zones

An Availability Zone (AZ) is one or more discrete data centers with redundant power,
networking, and connectivity in an AWS Region. AZs give customers the ability to
operate production applications and databases that are more highly available, fault
tolerant, and scalable than would be possible from a single data center.
All AZs in an AWS Region are interconnected with high-bandwidth, low-latency

networking. They are fully redundant, with dedicated metro fiber providing high-
throughput, low-latency networking between AZs. All traffic between AZs is encrypted.
Network performance is sufficient to accomplish synchronous replication between AZs.

AZs make partitioning applications for high availability easy. If an application is
partitioned across AZs, companies are better isolated and protected from issues such
as power outages, lightning strikes, tornadoes, earthquakes, and more. AZs are
physically separated by a meaningful distance, many kilometers, from any other AZ,
although all are within 100 km (60 miles) of each other.
Different Billing Options for Different Environments

When designing for AWS, you can take advantage of the dynamically provisioned
nature of cloud computing. Think of servers and other components as temporary
resources. You can launch as many as you need, and use them only for as long as you
need them.
AWS supports an on-demand pricing model, meaning you pay only for the resources
that you use. For example, if you are using a development environment for only 40
hours a week (8 hours a day, 5 days a week), you can shut down the environment when
it’s not in use. You pay only for 40 hours of Amazon EC2 compute charges instead of
168 hours (24 hours a day, 7 days a week) for an on-premises environment running all
the time. This can result in a saving of 75%.
Similarly, Amazon EC2 Reserved Instances (RIs) provide a significant discount (up to
72%) compared to on-demand pricing. RIs are recommended for mission-critical
production environments that run 24/7. CSPs can leverage Reserved Instances for 1-
year or 3-year terms.
Amazon EC2 is free to try. There are five ways to pay for Amazon EC2 instances:
• On-Demand
• Savings Plans
• Reserved Instances
• Spot Instances
• Dedicated Hosts
Dedicated Hosts provide you with EC2 instance capacity on physical servers dedicated
for your use. For more information about how to optimize your Amazon EC2 budget,
see Amazon EC2 Cost and Capacity Optimization.
Pay-Per-Use Productions
MediationZone is designed to scale out and scale in depending on usage. The elastic
nature of the application design, enabled by the underlying auto-scaling of AWS
services, frees you from the need to “guesstimate” when planning for a new
implementation of mediation, or when forecasting capacity upgrades.
Elasticity for All Traffic Types

MediationZone is designed to handle massive scale online usage transactions as well
as file and batch processing at enterprise-grade scale. Typical online protocols are
GTP, DIAMETER in 3G/4G and HTTP/2 in 5G.
MediationZone uses a modern application development approach built on top of a

proven platform that enables it to be elastic with virtually unlimited capacity. By using
the native, highly available autoscaling services offered by AWS, such as Amazon
Elastic Load Balancing (Amazon ELB), Amazon EFS, Amazon S3, and Amazon EKS,
MediationZone on AWS manages underlying infrastructure for you.
No End-of-Life for Hardware or Platform

All hardware platforms have end-of-support and end-of-life (EOS/EOL) dates, at which
point the hardware is no longer supported and you are forced to refresh the underlying
infrastructure. In complex environments, this can incur a long migration from the old
hardware to the new hardware stack where the application is freshly deployed. This
migration entails:
• Software installations
• Patch management
• Business configuration migrations
• Data migrations
• Integrations with surrounding ecosystem
• Regression testing
• Possibly a parallel run for both environments
The project must be managed and controlled within time and budget, and it can be
costly and time consuming. In the AWS Cloud, you can simply upgrade the platform
instances to new AWS instance types in a single click, at no cost for the upgrade. AWS
manages the underlying hardware lifecycle on your behalf.
Data Lakes and Machine Learning

Data lakes are the foundation for machine learning (ML). By storing your organization’s
valuable data on the cloud, you can set up a data lake in days or weeks using AWS
Lake Formation or leveraging AWS Quick Start deployments. You can plug in your
favorite analytical and business intelligence tools to extract value and gain insights.
Some use cases include churn prediction using ML powered by Amazon SageMaker.
Another use case is fraud detection, which you enable by training your ML models using
the data that already resides in your data lake. With the right access, and the fine-
grained controls that AWS data lakes provide, everyone in your organization can
leverage the data lake securely and with least privilege access.
MediationZone Overview
Functional Overview
Workflow Engine
MediationZone enables you to create and run an end-to-end workflow customized for
your business needs. Workflows are a collection of agents that are connected into a
data processing workflow. Workflows are visually designed in the MediationZone
workflow designer tool.
The agents in a workflow are either collection agents, processing agents, or forwarding
agents.
A batch workflow processes input that originates from a specific source, often a file. The
workflow creates batches from the data and processes them one by one. Real-time
workflows are applicable in systems where instant processing requests need to be
addressed as they occur.
In real-time workflows, many of the collecting agents communicate in a two-way
manner; they receive requests and provide replies.
Figure 1 —MediationZone workflow designer - Batch workflow example
Data Collection
MediationZone supports data collection from various kinds of protocols used within the
CSP (SFTP, Diameter, GTP, Radius, HTTP, SNMP). It also brings support for a highly
configurable decoder/encoder supporting various data formats like Binary, ASCII,
ASN.1, XML, JSON, and Protobuf.
The decoder normalizes the external data format into internal data records (called a
Usage Data Record or UDR) on which the subsequent business logic is applied.
Data Quality
MediationZone has an error correction system that can filter out erroneous usage data
records, fix them, and reinsert corrected data into the workflow. This prevents the
revenue loss that results from discarding the erroneous records altogether.
Aggregation and Correlation

MediationZone has a flexible and configurable aggregation and correlation functionality
that can aggregate multiple usage records into a single consolidated usage record,
called a session, in real time.
Enrichment and Transformation

MediationZone can enrich and transform incoming usage records based on data
retrieved from sources like databases or APIs.
Governance
MediationZone can track exactly what happens at all points in the workflow and present
that data internally or externally.
Elastic Scaling
MediationZone utilizes AWS and Kubernetes technologies to elastically scale, based on
throughput or triggered from an external orchestrator. One of the new use cases in 5G
is network slicing. In Figure 2, a new workflow in MediationZone is dynamically
provisioned, implementing a 5G charging function to handle the charging consumption
from the new network slice.
Figure 2 — A new workflow in MediationZone is dynamically provisioned
Application and System Overview

The MediationZone system architecture is designed to be completely distributed and
scalable. It can be deployed on virtualized servers or in a containerized deployment.
Logically, the MediationZone platform is layered into three different zones:
Figure 3 — The three layers of a MediationZone platform

• The Access Zone is the layer where users access the system through a
graphical interface or command line interface (CLI) to perform operations and
maintenance tasks.
• The Control Zone hosts configurations and provides storage and a range of
services that are essential to the MediationZone system.
• The Execution Zone is a scale-out layer that provides processing capacity in the
system. This layer contains one or several execution contexts, which are
distributed over any number of processes.
Execution contexts are responsible for executing and supervising workflows.
The system processes in the various zones are referred to as pico instances and can be
of different types:
• Platform
• Execution context (EC)
• Desktop
Functional Integration Overview

MediationZone collects usage data from the CSP’s network elements using telecom
standard protocols. In the 5G 3GPP standard, the main protocol is HTTP/2. In the 3G
and 4G standards, the interface can be Diameter or GTP. For offline scenarios, the
collection interfaces are typically file-based. MediationZone process the usage data and
forwards the rest to the BSS stack, including rating and account balance. Usage data
can also be forwarded to an analytics layer for business intelligence or service
assurance purposes.
Figure 4 — MediationZone in the Telco BSS landscape
Deployment Overview on AWS

MediationZone is available as an AWS cloud-native version or as a traditional
deployment. In this whitepaper, we will review the cloud-native deployment version.
When deploying the cloud-native version on AWS, the software is deployed using Helm
in Amazon EKS. Kubernetes, also known as K8s, is an open-source system for
automating deployment, scaling, and management of containerized applications. It is
extendible, and new customer resource definitions can be added to solve a specific
need from the orchestration perspective.
In this document we will focus on how to deploy using Amazon EKS. The basic
functionality in Kubernetes is extended to enable elastic scaling of the system.
Following the Infrastructure as Code (IaC) principle and to simplify the setup of the
infrastructure, Terraform templates are provided to customers. Through the DigitalRoute
support team, docker images are made available for customers on Amazon Elastic
Container Registry (Amazon ECR).
Deployment typically happens in the customer’s AWS account. We recommend that
CSPs set up a multi-account environment using AWS Control Tower. AWS Control
Tower is the easiest way to set up and govern a new, secure, multi-account AWS
environment.
MediationZone adds a custom resource definition called Execution Context
Deployments (ECD) in Kubernetes. The custom resource definition is used to manage
the Execution Contexts (EC), with all its Kubernetes resources and MediationZone
workflows. The Execution Context Deployment is managed as one complete package

that will run, scale and balance on its own.
An operator is an application-specific controller for a custom Kubernetes resource that
extends the standard API.
The resources managed through EC Deployment are:
• Deployment — The collection of Points of Delivery (PoDs) that execute the ECs,
with parameters like CPU and memory usage limits, JVM configuration, and
default number of replicas.
• Ingress – How HTTP interfaces are exposed externally from the cluster.
• Service – How TCP and UDP interfaces are exposed externally from the cluster.
• HorizontalPodAutoscaler — How workflows are automatically scaled based on
CPU or custom metrics.
• Workflows – What workflows are executed on the ECs and what parameters
they are executed with.
It is the Kubernetes operator’s role to ensure resources in the Kubernetes cluster match
what is described in the definition of the EC deployment.
MediationZone Architecture on AWS

Figure 5 illustrates a deployment of MediationZone on AWS, across two AZs inside an
AWS Region. Note that the system can also be deployed across three or more
Availability Zones, based on the AWS Region.
CSPs may already be on their journey to the cloud, or they may not have started it yet,
so this diagram includes a hybrid environment where a CSP can still host some
workloads on-premises, especially for 3G/4G networks. By using AWS Direct Connect,
you can achieve a seamless connectivity to AWS and extend (or burst) your
environment into the AWS Cloud.
Figure 5 — Example MediationZone deployment
Table 1 explains the functionality of each MZ component, and maps them to the AWS
service:
Table 1 — MZ10 component description and deployment on AWS
Component Tier Purpose Deployment
Execution Application Executes business Container on

Context logic and workflows Amazon
EKS
Desktop Application Provides the UI Container on

(MZ UI) Access Zone element of the Amazon
application EKS
Platform Application Hosts configurations, Container on

provides storage and Amazon
a range of central EKS
services
Load Application Load balancing AWS ELB

balancing between scaled-out
replicas of ECs
File Data Interface with Amazon S3

collectors upstream/downstream
systems
Long term Data Backup and long term Amazon S3

archival archival on low-cost Glacier
storage class.
Internal file Data Record aggregation, Amazon

share data record de- EFS
duplication and inter-
workflow
communication
Internal Data/Persistence Stores internal Amazon

Database configuration data for RDS -
the application Postgres
MediationZone Resiliency
The MediationZone application is designed to be resilient and follows the Reliability
Pillar of the AWS Well Architected Framework for all system components.
Table 2 — High availability and shared responsibility
Component High availability Responsibility
Kubernetes Control At least two API server Managed by AWS

Plane nodes and three etcd nodes
that run across three AZs
within a Region
Kubernetes worker Spread across a minimum of Configurable by user, managed

nodes two AZs by AWS
Amazon S3 Standard S3 operates in a Managed by AWS

minimum of three AZs
Amazon RDS Multi-AZ deployment Configurable by user, Managed

by AWS
Amazon EFS Objects are redundantly Managed by AWS

stored across multiple AZs.
How Does Amazon EKS Work?

Amazon EKS works by provisioning (starting) and managing the Kubernetes control
plane and worker nodes for you. At a high level, Kubernetes consists of two major
components: a cluster of 'worker nodes' that run your containers, and the control plane
that manages when and where containers are started on your cluster and monitors their
status.
Without Amazon EKS, you have to run both the Kubernetes control plane and the
cluster of worker nodes yourself. With Amazon EKS, you provision your worker nodes
using a single command in the EKS console, CLI, or API, and AWS handles
provisioning, scaling, and managing the Kubernetes control plane in a highly available
and secure configuration. This removes a significant operational burden for running
Kubernetes and allows you to focus on building applications instead of managing AWS
infrastructure.
Amazon EKS Control Plane

The Amazon EKS control plane consists of control plane nodes that run the Kubernetes
software, such as etcd and the Kubernetes API server. The control plane runs in an
account managed by AWS, and the Kubernetes API is exposed via the Amazon EKS
endpoint associated with your cluster. Each Amazon EKS cluster control plane is single-
tenant and unique, and runs on its own set of Amazon EC2 instances. The control plane
nodes are managed by AWS.
Amazon EKS Nodes

Amazon EKS nodes run in your AWS account and connect to your cluster's control
plane via the API server endpoint and a certificate file that is created for your cluster.
Cluster Autoscaler
MediationZone Autoscaling is supported and implemented by using the Horizontal
method, which is also known as scaling out or in:
The cluster auto-scaler is a tool that automatically adjusts the size of the EKS cluster by
adding or removing EC2 worker nodes when one of the following conditions is true:
• There are PoDs that failed to run in the cluster due to insufficient resources,
• There are nodes in the cluster that have been underutilized for an extended
period of time and their PoDs can be placed on other existing nodes.
The horizontal PoD autoscaler automatically scales the number of PoDs based on
observed CPU utilization (or, with custom metrics support, on some other metrics). The
Kubernetes operator provided by DigitalRoute enables the scaling of MediationZone
Execution Contexts (ECs) by allowing workflows to scale across multiple PoDs.
Amazon RDS – Postgres (Multi-AZ)

MediationZone leverages Amazon Relational Database Service (Amazon RDS) which is
a managed database service for the Postgres database. The database holds
configuration data such as users, application event logs, and run-time batch transaction
states.
Amazon RDS takes away the time-consuming and undifferentiated heavy lifting by
automating typical administration tasks patching and backups. Administrators can easily
scale the instance size up or down, or change the instance type completely, either
programmatically or with a few clicks.
Multi-AZ Deployments — This deployment option for the production database (DB)
instances enhances database availability while protecting your latest database updates
against unplanned outages. Amazon RDS automatically provisions and manages a
standby replica in a different Availability Zone (independent infrastructure in a physically
separate location). DB updates are made concurrently on the primary and standby
resources to prevent replication lag. In the event of planned database maintenance, DB
instance failure, or an Availability Zone failure, Amazon RDS will automatically failover
to the up-to-date standby so that database operations can resume quickly without
administrative intervention. Prior to failover you cannot directly access the standby, and
it cannot be used to serve read traffic. For more information, see Amazon RDS Multi-AZ
Deployments.
Amazon Elastic File System (EFS)

Amazon EFS takes the burden of managing shared storage away from customers, with
a managed network-attached storage (NAS) service with virtually unlimited capacity.
Shared storage is needed when a disk should be available from multiple AZs in case of
a failover scenario. We use this type of storage for batch aggregation, data record de-
duplication, and inter-workflow communication.
Amazon EFS is used by MediationZone for internal processing needs, and acts as an
interim storage medium for collection and distribution (also referred to as collectors and
forwarders) of files. In the context of mediation, input and output CDR files are collected
and forwarded from/to upstream and downstream systems respectively, but not
necessarily retained on this storage medium.
General purpose performance mode for EFS is used for MediationZone deployments.
Amazon Simple Storage Service (Amazon S3)

Amazon S3 is an object storage service that offers industry-leading scalability, data
availability, security, and performance.
S3 Standard
1. Native application integration with S3 from the application workflow
MediationZone comes with Amazon S3 agents that provide native integration to
S3 for object storage. Customers can leverage these agents to connect directly
to their data lakes built on S3. in the context of mediation, S3 can be regarded as
a collector for input records or a forwarder for processed records.
Figure 6 — Native S3 integration in MZ10 workflow designer
2. Backup and data archival

Amazon S3’s cost-effective storage makes it a perfect candidate for a CSP’s
CDR backup needs. The recommended use case is short-term (0 to 3-6 months
of raw CDRs and processed data).
S3 Glacier and S3 Glacier Deep Archive

These S3 storage classes retain objects long-term at the lowest rates. Using
configurable S3 lifecycle policies, CDR files can be moved from one class (S3
Standard) to a “colder” class (Amazon S3 Glacier or Amazon S3 Glacier Deep Archive)
for data that may be accessed once or twice a year. Long term archival of CDRs is a
common industry requirement for compliance purposes. For more information, see
Amazon S3 Storage Classes.
Table 3 — Estimated cost benefits of leveraging different storage classes
Size of
Recommended stored Monthly
Use case storage class data cost* Tradeoff
Readily S3 100 TB 2,304.00 General purpose

accessible USD storage for any
CDRs and files, type of data,
and freshly typically used for
generated files frequently
accessed data
Size of
Recommended stored Monthly
Use case storage class data cost* Tradeoff
Short term S3 Infrequent Access 100 TB 1,280.00 For long-lived but

backup files (0- USD infrequently
6 months) accessed data
that needs
millisecond
access
Long term S3 Glacier Deep 100 TB 101.38 USD Long-term data

backup and Archive archiving
archival (1-5+ accessed once or
years) twice in a year
that can be
restored within 12
hours
*The table shows estimated costs for storage in Ireland (eu-west-1) Region and does
not include data transfer costs, which is subject to different customer architectures. To
do your own estimations, see the AWS Pricing Calculator.
The recommended use case is long-term (1 to 5+ years of historical CDRs and
processed data), typically to meet a CSP IT policy for file retention and/or compliancy
with regulatory authority.
Amazon Simple Notification Service (Amazon SNS)

Amazon SNS is a fully managed messaging service for both system-to-system and app-
to-person (A2P) communication. It enables you to communicate between systems
through publish/subscribe (pub/sub) patterns that enable messaging between
decoupled microservice applications or to communicate directly to users via SMS,
mobile push, and email.
Native Application Integration with SNS from the Workflow
Figure 7 — Native SNS integration in MZ10 workflow designer
MediationZone has an event notification service that offers the possibility of routing
information from events generated in the system to various targets, one of which is
Amazon SNS. There are many types of events triggered throughout the system such as
workflow events, user events, system events, and so on.
Through native integration with Amazon SNS, the mediation workflows can publish
messages to a configured SNS topic, which is consumed (or subscribed to) by any
service running on the AWS Cloud. SNS can also send SMS, email, and mobile push
notifications. For example, if a workflow ends unexpectedly, users can receive a
notification. SNS notifications can also be leveraged to trigger another system within the
CSP larger ecosystem, to execute a certain function.
Amazon SNS is a fully managed service, handling capacity planning, provisioning,
monitoring, and patching. The service is designed to handle high-throughput, burstable
traffic patterns, and enables you to send millions of messages per second.
Infrastructure as Code
Infrastructure as Code (IaC) is a fundamental component of modern DevOps practices
because it enables you to deploy any version of your application infrastructure at will,
and facilitates the full lifecycle management of all the resources required to run and
monitor your application. Organizations that have adopted DevOps practices often
deploy hundreds or even thousands of changes to production a day, allowing them to
deliver software faster, cheaper, and with lower risk.
Terraform by HashiCorp, an AWS Partner Network (APN) Advanced Technology

Partner and member of the AWS DevOps Competency, is an IaC tool similar to AWS
CloudFormation that enables you to create, update, and version your AWS
infrastructure.
Customers are provided with container images and Helm charts, in addition to
Terraform templates which enable them to deploy the MediationZone application in a
quick and maintainable fashion.
Figure 8 — Deployment flow on AWS
MediationZone 10 Deployment on AWS

To deploy MZ Docker:
1. Download MZ Docker images and template files. Speak to your DigitalRoute
support team for links.
2. Modify the Terraform templates provided. Set up the VPC, security groups, and
RDS database.
3. Create the EKS cluster and deploy MediationZone.
The following is a sample helm chart for context deployment for illustration purposes
only:
# Default values for MZ-ec.

# This is a YAML-formatted file.

# Declare variables to be passed into your templates.
# Only on-premise and aws supported for now

environment: aws
#Timezone MediationZone EC should run as, e.g. 'Europe/Stockholm'

timezone: UTC
replicaCount: 1
repository: xxxxxxxxxx.dkr.ecr.eu-west-1.amazonaws.com/drx
tag: 10.0.0.0-dev-20191104094422.xxxxxxx-ec
pullPolicy: IfNotPresent
debug:
script:
enabled: false
log:
level:
codeserver: info
jetty: 'off'
others: warn
jmx:
remote:
enabled: false
port: 8818
export:
enabled: false
port: 8888
log:
# Format can be "json" or "raw". Default is "raw"
format: raw
# Pattern is only for raw format, refer to log4j standard
pattern: '%d: %5p: %m%n'
# Add/override jvm arguments

jvmArgs:
- XX:MaxDirectMemorySize=4096m
- XX:MaxMetaspaceSize=256m
- Xms256m
- Xmx512m
# Add/override system properties

# It is possible to refer to another system property by wrapping it

in ${...}
# Example:
# someprop=${mz.home}/somevalue
systemProperties:
- ec.webserver.port=9090
# Configure the execution context(s) to one or several ec groups

# The value should be given as a comma separated list - example:
ecGroups: ecGrp1,ecGrp2
# No special characters are allowed apart from the comma separating
each ec group name.
# This value overrides the pico.groups system property.
ecGroups:
persistence:
# If persistence is enabled, the platform persistent disk will be
mounted to
# /opt/mz/persistent
enabled: false
service:
enabled: false
externalTrafficPolicy: Cluster
# type is only applicable for on-premise environment
type: NodePort
ports:
- name: http
port: 8080
#nodePort: 30808 # Use this to explicitly set the external
port
targetPort: 8080
protocol: TCP
resources:
{}
# We usually recommend not to specify default resources and to
leave this as a conscious
# choice for the user. This also increases chances charts run on
environments with little
# resources, such as Minikube. If you do want to specify
resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces
after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# Uncomment the section below to enable autoscaling.

#autoscale:
# minReplicas: 1
# maxReplicas: 4
# metrics:
# - type: Resource
# resource:
# name: cpu
# target:
# type: Utilization
# averageUtilization: 50
probes:
# If a pod does not reach ready state (readiness probe success)
it will be restarted.
# If a pod's liveness probe fails for X times, the pod will be
restarted.
liveness:
initialDelaySeconds: 300
periodSeconds: 15
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
readiness:
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 120
nodeselector:
enabled: false
nodeSelector:
name:
tolerations:
key:
effect:
affinity: {}
## aws setup
# Setup aws load balancers and route53 records for the hosted zones
and
# control allowed cidrs to access the platform services
aws:
cluster_name: mz-eks
region: eu-west-1
domain: mz-eks.example.com
acm_certificate: arn:aws:acm:eu-west-
1:1234567890:certificate/xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxxx
access_cidr_blocks:
- 0.0.0.0/0
Hybrid Networking
CSPs and enterprise environments are often a mix of cloud, on-premises data centers,
and edge locations. Hybrid cloud architectures help organizations integrate their on-
premises and cloud operations to support a broad spectrum of use cases, using a
common set of cloud services, tools, and APIs across on-premises and cloud
environments. CSPs can maintain IP addresses of their on-premises systems and
integrate with resources in AWS seamlessly.
Using Direct Connect is key for the continuous CDR/file transfer use case from sources
such as core switches, packet core, and other record-generating network elements that
may reside in a CSP’s on-premises environment. You don’t have to expose your core
network to the internet, only to a private connection.
AWS Direct Connect is a cloud service solution that enables you to establish a
dedicated network connection from a CSP data center to AWS. Using AWS Direct
Connect, CSPs can establish private connectivity provides some main benefits that fit
the following MediationZone use case:
• Reduce your network bandwidth costs — For bandwidth-heavy workloads such

as mediation, where a small-sized CSP of about a million subscribers generates 60
TB of input data per month, AWS Direct Connect reduces your network costs into
and out of AWS in two ways. First, by transferring data to and from AWS directly,
you can reduce your bandwidth commitment to your internet service provider.
Second, all data transferred over your dedicated connection is charged at the
reduced AWS Direct Connect data transfer rate rather than internet data transfer
rates.
• Increase bandwidth throughput — AWS Direct Connect enables you to scale your
connection to meet your needs. AWS Direct Connect provides 1 Gbps and 10 Gbps
connections, and you can provision multiple connections using a link aggregation
group (LAG) if you need more capacity.
• Provide a more consistent network experience than internet-based
connections — Network latency over the internet can vary because the internet is
constantly changing how data gets from point A to point B. With AWS Direct
Connect, you choose the data that utilizes the dedicated connection, and how that
data is routed. This can provide a more consistent network experience over internet-
based connections.
• Establish a highly resilient network connection between AWS and your on-
premises infrastructure — Highly resilient, fault-tolerant network connections are
key to a well-architected system. AWS recommends connecting from multiple data
centers for physical location redundancy. See AWS Direct Connect Resiliency
Recommendations.
Figure 9 — Maximum resiliency for critical workloads
Example Deployment
The following example gives a high-level view of the required infrastructure to run
MediationZone on AWS, with estimated costs. Having multiple Execution Zones (ECs)
is very typical, as they handle all processing, both offline (batch) and online (real-time).
It is good practice to have several ECs, both for load distribution purposes and high
availability (HA) purposes. A batch deployment typically does not need any active
stand-by, while many real-time protocols rely on an active alternative. Parallelization is
customary in load-balancing scenarios, so a minimum of 2 Execution Contexts are
recommended for real-time deployments. Figure 10 shows a combined batch and real-
time convergent deployment.
Figure 10 — Example of a combined batch and real-time convergent deployment
Some notes on good practice and behavior for convergent type of deployments:
• Batch and real-time processing should have separate ECs.

• Real-time processing should be replicated at least once.
• The affinity rules for real-time ECs should be one per host.
• There is no built-in load balancer on the collection side in MediationZone for real-
time protocols. Load balancing services for selected protocols such as Diameter
can be load balanced using ELB in AWS. These are included in the provided
AWS installation templates, where applicable.
Table 3 describes a benchmark traffic profile for a small CSP, and the corresponding
sizing to start from.
Table 3 — Benchmark traffic profile
Use case Metric Workflow complexity
Batch/Offline interfaces (CDRs) 4 million CDRs Collection, decoding (ASN.1 data),

per day deduplication, enrichment,
aggregation, and forwarding to
billing system
Real-time/Online Interfaces 2,000 TPS Integration with OCS

(such as HTTP/2, Diameter)
Production Environment
Kubernetes Pod requirements
Table 4 — Kubernetes Pod requirements for EKS
Type Name Required # of Compute requirements

pods
Execution context Batch 1 2 vCPU
Execution context Online 2 2 X 2 vCPU
Web MZ_Internal 1 0.1 vCPU
Operator MZ_Internal 1 0.1 vCPU
Platform MZ_Internal 1 0.5 vCPU
Total 6.7 vCPU
AWS Services Requirements

Table 5 — Production environment estimated costs
Service Count Monthly Type/Size Comments

(USD)
EKS control 1 cluster 72 0.10 USD per hour

plane
EKS Worker 2 instances* 241.10 m5.xlarge Each instance is 4

nodes vCPU allocated,
16G RAM
RDS 1 cluster 114.74 db.t3.small 2 vCPU, 2GiB

Memory, Multi-AZ
ELB 1 instance 19 N/A 100 GB data

processed per
month
S3 50 TB 640.00 S3 Standard, For archival needs

infrequent access
EFS 1 filesystem 165.00 500 GB Pay only for the

amount of file
system storage
you use per month
Estimated monthly AWS 1232.74

costs**
* At least 2 container instances, spanning 2 AZs for high availability.

** Estimated based on 1 Year Reserved Instance pricing in Ireland (eu-west-1) Region.
DEV/TEST Environment
Table 6 — Development and Test environment estimated costs

(USD)
EKS control 1 cluster 72 N/A 0.10 USD per hour

plane

(USD)
EKS Worker 1 instance 89.33 m5.large 2 CPU cores

nodes allocated, 8G RAM
RDS 1 instance 116.74 db.t3.small 2 vCPU, 2GiB

Memory, Single-AZ
S3 10 TB 128 S3 Standard, For archival needs

Infrequent Access
EFS 1 filesystem 33.00 100 GB Pay only for the

amount of file
system storage you
use per month
Estimated monthly AWS 439.07

costs*
** Estimated based on-demand (100% Utilized/Month) pricing in Ireland (eu-west-1)

Region. This can be optimized depending on the usage patterns of the environment per
CSP.
More About AWS Services

Regions and Availability Zones
As of the date of this publication, AWS spans 77 Availability Zones within 24 Regions
around the world. Each AWS Region is a separate geographic area that is isolated from
the other Regions. Regions give you the ability to place resources, such as Amazon
EC2 instances and data, in multiple locations. Resources aren't automatically replicated
across Regions unless you specifically do so. An AWS account provides multiple
Regions, so you can launch your applications in locations that meet your requirements.
For example, you might want to launch your applications in Europe to be closer to your
European customers or to meet regulatory requirements. Each Region has multiple,
isolated locations known as Availability Zones. Each Availability Zone runs on its own
physically distinct, independent infrastructure, and is engineered to be highly reliable.
Common points of failure, such as generators and cooling equipment, aren’t shared
across Availability Zones. Each Availability Zone is isolated, but Availability Zones within
a Region are connected through low-latency links. For more information about Regions
and Availability Zones, see Global Infrastructure.
Amazon Virtual Private Cloud

Amazon Virtual Private Cloud (Amazon VPC) enables you to provision a logically
isolated section of the AWS Cloud in which you can launch AWS resources in a virtual
network that you define. You have complete control over your virtual networking
environment, including selection of your own private IP address range, creation of
subnets, and configuration of route tables and network gateways. You can leverage
multiple layers of security, including security groups and network access control lists, to
help control access to EC2 instances in each subnet. Additionally, you can create a
hardware virtual private network (VPN) connection between your corporate data center
and your VPC, and then leverage the AWS Cloud as an extension of your corporate
data center.
Amazon Elastic Compute Cloud

Amazon EC2 is a web service that provides resizable compute capacity in the cloud that
is billed by the hour or second. As of the date of this writing, you can run virtual
machines (EC2 instances) ranging in size from 1 vCPU to 128 vCPU, and memory
sizes from 0.5 GB memory to 24 TB memory.
Amazon EC2 provides a wide selection of instance types optimized to fit different use
cases. Instance types comprise varying combinations of CPU, memory, storage, and
networking capacity, and give you the flexibility to choose the appropriate mix of
resources for your applications. Each instance type includes one or more instance
sizes, which enables you to scale your resources to the requirements of your target
workload.
Amazon EC2 currently has instances for virtually every business need. AWS offers
instances with a choice of Intel, ARM and AMD. EC2 supports GPU instances, and 100
gigabits per second (Gpbs) Ethernet connectivity for high-volume workloads.
Amazon Machine Images (AMIs) are pre-configured with an ever-growing list of

operating systems. We work with our partners and community to provide you with the
most choices possible. You are empowered to use our bundling tools to upload your
own operating systems. The operating systems currently available to use with your
Amazon EC2 instances include:
• Windows Server 2012/2016/2019

• Oracle Linux
• Red Hat Enterprise Linux
• Ubuntu
• SUSE Linux
Amazon Relational Database Service

Amazon RDS is a web service that makes it easier to set up, operate, and scale a
relational database in the cloud. It provides cost-efficient, resizable capacity for an
industry-standard relational database, and manages common database administration
tasks. Amazon RDS provides you with six familiar database engines:
• Amazon Aurora
• PostgreSQL
• MySQL
• MariaDB
• Oracle
• SQL Server
With Amazon RDS you can go from project conception to deployment, using the AWS
console or CLI to access a production-ready database, in minutes. There is no need to
install and maintain database software or infrastructure provisioning. You can scale your
database with only a few mouse clicks or an API call, often with no downtime.
Amazon Simple Storage Service (Amazon S3)

Amazon S3 is an object storage service that offers industry-leading scalability, data
availability, security, and performance. This means organizations of all sizes and
industries can use it to store and protect any amount of data for a range of use cases,
such as websites, mobile applications, backup and restore, archive, enterprise
applications, IoT devices, and big data analytics.
S3 provides easy-to-use management features so you can organize your data and
configure finely-tuned access controls to meet your specific business, organizational,
and compliance requirements. S3 is designed for 99.999999999% (11 9s) of durability,
and stores data for millions of applications for companies all around the world.
Amazon Elastic File System (Amazon EFS)

Amazon EFS provides a simple, scalable, fully managed, elastic network file system
(NFS) for use with AWS Cloud services and on-premises resources. It is built to scale
on demand to petabytes without disrupting applications, growing and shrinking
automatically as you add and remove files, eliminating the need to provision and
manage capacity to accommodate growth.
Amazon EFS offers two storage classes: The Standard storage class, and
the Infrequent Access storage class (EFS IA). EFS IA provides price/performance cost-
optimized for files that are not accessed every day. By simply enabling EFS Lifecycle
Management on your file system, files not accessed according to the chosen lifecycle
policy will automatically and transparently be moved into EFS IA. The EFS IA storage
class costs only $0.025/GB-month*.
While workload patterns vary, customers typically find that 80% of files are infrequently
accessed (and suitable for EFS IA), and 20% are actively used (suitable for EFS
Standard), resulting in an effective storage cost as low as $0.08/GB-month*. Amazon
EFS transparently serves files from both storage classes in a common file system
namespace.
Amazon EFS is designed to provide massively parallel shared access to thousands of
Amazon EC2 instances, enabling your applications to achieve high levels of aggregate
throughput and IOPS with consistent low latencies.
Amazon EFS is well suited to support a broad spectrum of use cases from home
directories to business-critical applications. Customers can use EFS to lift-and-shift
existing enterprise applications to the AWS Cloud. Other use cases include:
• Big data analytics

• Web serving and content management
• Application development and testing
• Media and entertainment workflows
• Database backups
• Container storage
Amazon EFS is a regional service storing data within and across multiple Availability
Zones (AZs) for high availability and durability. Amazon EC2 instances can access your
file system across AZs, regions, and VPCs, while on-premises servers can access
using AWS Direct Connect or AWS VPN.
Amazon Elastic Kubernetes Service (Amazon EKS)

Amazon EKS enables you to deploy, manage, and scale containerized applications
using Kubernetes on AWS.
Amazon EKS enables you to provision and manage the compute capacity for your
cluster with a single command. EKS manages worker nodes for your cluster using the
latest EKS-optimized AMIs in your AWS account, while node updates and terminations
drain nodes to ensure your applications stay available.
Amazon EKS supports both Windows Containers and Linux Containers, to enable all
your use cases and workloads.
AWS Auto Scaling

AWS Auto Scaling monitors your applications, and automatically adjusts capacity to
maintain steady, predictable performance at the lowest possible cost. Using AWS Auto
Scaling, you can set up application scaling for multiple resources across multiple
services in minutes. The service provides a simple, powerful user interface that enables
you to build scaling plans for resources, including Amazon EC2 instances and Spot
Fleets, Amazon ECS tasks, Amazon DynamoDB tables and indexes, and Amazon
Aurora Replicas.
AWS Auto Scaling provides recommendations that enable you to optimize performance
and costs, or balance between them. If you’re already using Amazon EC2 Auto Scaling
to dynamically scale your Amazon EC2 instances, you can combine it with AWS Auto
Scaling to scale additional resources for other AWS services. With AWS Auto Scaling,
your applications always have the right resources at the right time.
AWS Direct Connect

AWS Direct Connect is a cloud service solution that enables you to establish a
dedicated network connection from your premises to AWS. Using AWS Direct Connect,
you can establish private connectivity between AWS and your datacenter, office, or co-
location environment. In many cases, this can reduce your network costs, increase
bandwidth throughput, and provide a more consistent network experience than internet-
based connections.
AWS Direct Connect enables you to establish a dedicated network connection between
your network and one of the AWS Direct Connect locations. Using industry standard
802.1q VLANs, this dedicated connection can be partitioned into multiple virtual
interfaces. This enables you to use the same connection to access public resources,
such as objects stored in S3 using public IP address space, and private resources such
as Amazon EC2 instances running within an Amazon VPC using private IP space, while
maintaining network separation between the public and private environments. Virtual
interfaces can be reconfigured at any time to meet your changing needs.
Amazon Route 53
Amazon Route 53 provides highly available and scalable Domain Name System (DNS),
domain name registration, and health-checking web services. It is designed to give
developers and businesses an extremely reliable and cost-effective way to route end
users to internet applications by translating names such as “example.com” into the
numeric IP addresses, such as 192.0.2.1, that computers use to connect to each other.
You can combine your DNS with health-checking services to route traffic to healthy
endpoints, or to independently monitor and/or alarm on endpoints. You can also
purchase and manage domain names, and automatically configure DNS settings for
your domains.
Route 53 effectively connects user requests to infrastructure running in AWS, such as

Amazon EC2 instances, Amazon ELB load balancers, or S3 buckets, and can also be
used to route users to infrastructure outside of AWS.
Conclusion
CSPs and enterprises readying for 5G networks, or those that want to transform their
legacy infrastructures and applications to deliver business value, will require adopting a
modern mediation application, agile ways of working, flexible application architectures,
and modern development practices that take full advantage of the AWS Cloud.
This paper serves as a deep dive into how MediationZone solves business problems in
the industry by leveraging an AWS cloud-native application architecture. It explains how
this is achieved by running a scalable, resilient, usage data platform that can handle the
exponential growth of data generated by an organization’s network. Running
MediationZone on AWS is a proven platform with experience in massive scale
workloads.
About DigitalRoute
The following quote is from the DigitalRoute website.
DigitalRoute, the only standalone mediation provider, has helped companies

monetize usage data for 20 years. Telecoms and enterprises use our platform for
billing mediation, usage-based monetization, quote-to-cash automation and
finance system consolidation. DigitalRoute has the only platform that is purpose
built to convert raw usage data into billable items, enabling more than 400
companies to capitalize on the growing wave of usage-based commerce.

DigitalRoute’s Usage Data Platform provides fast and accurate usage data
management in some of the most complex environments in the world.
About MediationZone
MediationZone is DigitalRoute’s cloud-native usage data platform (UDP) that empowers
organizations to liberate the value hidden in their usage information via a unique
approach to managing usage data. This approach supports multiple mission-critical
aspects of their business. MediationZone is designed so that DigitalRoute customers
benefit from fewer integration points and flexible data management.
MediationZone bridges components residing in any type of network architecture,

providing comprehensive functionality that ensures that systems can communicate with
each other as effectively as possible. Information is created based on raw data
distributed across any number of network elements and systems. Data streams are
optimized and enriched, translating into reduced cost for hardware, software licenses,
and maintenance while providing new opportunities to differentiate and personalize
services.
MediationZone is designed for online and offline processing on one platform. File-based
collection and processing is configured with the same graphical workflow technology
that is used to create bi-directional, real-time communication streams.
Design and change in MediationZone is achieved through configuration rather than

hard-coding. An intuitive and powerful drag-and-drop management user interface
covers all aspects of workflow design.
Once configured, workflows are automatically deployed, and scale according to
configured guidelines. The solution can elastically scale as the load on the system
changes. High availability capabilities ensure that workflows are executing at all times.
Processing functions include analysis, filtering, cloning, splitting, routing, normalization,

correlation/aggregation, de-duplication, validation, enrichment, and more. The standard
agents can be configured to support operator-specific business logic without the need
for customization of the standard product.
Integration with external systems for data exchange is achieved with plug-ins, which
implement the protocols to be used when communicating with other systems. A large
number of APIs and protocols are supported off-the-shelf, both for interfacing as well as
for secure and consistent operation. MediationZone configuration and control logic is
centrally managed, while processing can be distributed or scaled over multiple nodes in
a cluster.
Contributors
Contributors to this document include:
• Markus Björne, Technical Product Manager, DigitalRoute AB

• Tor Blomdell, Head of Products, DigitalRoute AB
• Ahmed ElHaw, Sr. Solutions Architect, Amazon Web Services
• Visu Sontam, Sr. Partner Solutions Architect, Amazon Web Services
Further Reading
For additional information, see:
• 5G Network Evolution with AWS (whitepaper)

• AWS in Telecom
• AWS Cloud Security
• Data Lakes & Analytics
• Machine Learning on AWS
• Fraud Detection Using Machine Learning
• Predicting Customer Churn with Amazon Machine Learning
Document Revisions
Date Description
December First publication

2020

Digitalroute'S Mediationzone On Aws: Architectural Overview

Uploaded by

Copyright:

Available Formats

Digitalroute'S Mediationzone On Aws: Architectural Overview

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Digitalroute'S Mediationzone On Aws: Architectural Overview

Uploaded by

Copyright:

Available Formats

Amazon Web Services DigitalRoute’s MediationZone on AWS

Amazon Relational Database Service ...........................................................................44

About Billing Mediation

About Usage Management

Characteristics of Mediation Systems

• Pre-integration — The systems and network elements of virtually all

On-premises Mediation Deployment Challenges

Challenges with CDRs and Demanding Disks

Backup and Retention IT and Regulatory Policies,

Stale Data that can be Used for Analytics

Dimensioning Pain Point

• The number of files

Operational Issues with Backlogs

Fixed Resources and Fixed Environments

Restricted and Limited Access

The Future of Mediation Systems with AWS

Why MediationZone on AWS?

Benefits of the AWS Cloud

Ensure Security with the Shared Responsibility Model

Off the Shelf High Availability Across Different

About Availability Zones

All AZs in an AWS Region are interconnected with high-bandwidth, low-latency

Network performance is sufficient to accomplish synchronous replication between AZs.

Different Billing Options for Different Environments

Elasticity for All Traffic Types

MediationZone uses a modern application development approach built on top of a

No End-of-Life for Hardware or Platform

Data Lakes and Machine Learning

Figure 1 —MediationZone workflow designer - Batch workflow example

Aggregation and Correlation

Enrichment and Transformation

Figure 2 — A new workflow in MediationZone is dynamically provisioned

Application and System Overview

Figure 3 — The three layers of a MediationZone platform

Functional Integration Overview

Figure 4 — MediationZone in the Telco BSS landscape

Deployment Overview on AWS

workflows. The Execution Context Deployment is managed as one complete package

MediationZone Architecture on AWS

Figure 5 — Example MediationZone deployment

Component Tier Purpose Deployment

Execution Application Executes business Container on

Desktop Application Provides the UI Container on

Platform Application Hosts configurations, Container on

Load Application Load balancing AWS ELB

File Data Interface with Amazon S3

Long term Data Backup and long term Amazon S3

Internal file Data Record aggregation, Amazon

Internal Data/Persistence Stores internal Amazon

Component High availability Responsibility

Kubernetes Control At least two API server Managed by AWS

Kubernetes worker Spread across a minimum of Configurable by user, managed

Amazon S3 Standard S3 operates in a Managed by AWS

Amazon RDS Multi-AZ deployment Configurable by user, Managed

Amazon EFS Objects are redundantly Managed by AWS

How Does Amazon EKS Work?

Amazon EKS Control Plane

Amazon EKS Nodes

Amazon RDS – Postgres (Multi-AZ)