BT tech boss happy UK has blocked public cloud in telecom

　　A backlash against American technology companies was visible in parts of the world long before Liberation Day. Yet the tariffs unleashed by US President Donald Trump last week certainly won't help them win friends. In the UK, the government has quickly drawn up a list of potential targets it could hit in retaliation. On the telecom side, it includes components such as passive optical splitters, sold by the likes of Claremont-headquartered CommScope. Software, as an intangible service, is off the list. But US public cloud already concerned the Brits and their telcos.

　　Back in January, the UK government published the provisional findings of a long-running investigation into the UK's cloud services market. Unsurprisingly, they show it is dominated by AWS and Microsoft, each of which holds an estimated share of 30% to 40%, with Google in a strong third place. Customers likely pay more than they should in a "well-functioning market," and that money could be reinvested elsewhere, said the government. Microsoft was also effectively accused of hindering customer attempts to run its software on AWS or Google.

　　Implementation of the UK's Telecom Security Act (TSA), meanwhile, is stymying efforts by public cloud providers to advance into networks. The legislation now coming into force is partly why Three UK, the smallest of the four UK mobile network operators, recently opted for a private cloud supplied by Ericsson for its new 5G core.

　　"The TSA is restricting heavily the amount of network control plane and network decision-making tools that can be in the public cloud," said Iain Milligan, the operator's chief network officer, in January. "You'd be buying an AWS, a Microsoft or a Google just for the badge. It wouldn't be a public cloud hyperscaler capability thing, because the TSA from March 27 restricts 80% of the ability to do that."

　　Keeping it on prem

　　BT, which runs the country's biggest mobile network by customer numbers, has also flown around the public cloud for its telco workloads and straight into a private one of its own creation. BT's Network Cloud, as the operator calls it, represents a marked contrast to the approach taken by Telefónica Germany, which runs part of its 5G network at AWS facilities inside Germany. Howard Watson, BT's chief security and networks officer, doubts UK legislation would allow BT to do that even if it wanted. "We haven't fully tested that because we don't plan to do it, but I don't think it would," he told Light Reading.

　　The latest rules, as described by Watson, essentially divide IT and telco workloads into three domains or categories. Domain 1 includes important network stuff such as the mobile core, with its control plane and user plane, as well as the Internet Protocol (IP) multimedia subsystem (IMS) and IP routing. In Watson's view, all that "absolutely has to be on premises."

　　"It's further than any other country has got with this, but you can't argue with it," said Watson of the TSA. "It's the right thing to be doing. And the good thing is that it applies to all telcos and is phased over a four-year implementation period. The hardest stuff we've been given more time to do."

　　Built with the support of Canonical, a UK-based software company, Network Cloud hosts control plane functions at eight BT sites in the UK and its user plane at 16. Each of those user plane sites performs like a relatively unburdened strongman, able to shoulder up to three times the normal load. "In other words, you could have two failures, and they could shift their user plane traffic to a third node," said Watson.

　　All this means BT takes only the core network applications from Ericsson, its vendor, and not the cloud platform the Swedish company provides to Three UK and various other telcos. Offering proof of its status as a multitenancy platform, able to support numerous third-party applications, Network Cloud also hosts RADIUS, a technology used for broadband authentication, besides the Ericsson core. BT is currently debating whether to put IMS on it, too.

　　It has not been easy. Within BT, a team of about 50 or 60 experts are employed to configure Network Cloud for any specific workload it must support. While there is some commonality between Canonical, IBM's Red Hat and other developers of cloud platforms, the industry does not have a uniform approach. "It's nowhere near a standard," said Watson. "You can't get away with it being as standardized as it is in the IT environment."

　　Taking charge

　　The criticism usually levelled at BT and other telcos building bespoke cloud platforms is that it results in fragmentation and makes work harder for the software developers, such as Ericsson, faced with a multitude of options. Commonly used software tools like Kubernetes, an orchestration system, are helping to address that.

　　But coalescing around a few big hyperscaler platforms would make better economic sense, insist critics. Nor must workloads necessarily be hosted in hyperscaler facilities. In the US, AT&T has deployed Azure Operator Nexus, described by Microsoft as a "hybrid cloud," at its own premises. Similarly, for its user plane function, Telefónica Germany has begun to install Outposts servers from AWS at Telefónica sites. Investment in those hyperscaler platforms and the technologies that surround them is impossible to match.

　　Watson concedes that Network Cloud cannot hope to measure up in some areas. "The tooling in public cloud-native deployments is impressive and better than we could do on premises," he said. But that does not offset the disadvantages of ceding control, he believes.

　　"where your customer data has gone is the overriding worry for me, and I quite like to be able to manage the traffic workloads myself and not delegate them," he explained. "If there's an outage, you're waiting for somebody else to fix it. You are putting the service you provide to customers in a wider set of third-party hands that may not operate all the same SLAs [service level agreements] customers are used to."

　　Under the TSA, UK telcos would appear to have greater flexibility to use the public cloud in Domains 2 and 3. According to Watson, Domain 2 covers real-time operational support systems related to inventory, provisioning and assurance. Domain 3, meanwhile, includes customer order management, billing and SAP-like enterprise systems. "You could probably still do whatever you like with it – on premises, hybrid cloud, public cloud," he said. "Domain 1, you certainly can't – it's got to be on premises – and we also think it makes sense for Domain 2 to be on premises."

　　The separate UK investigation of its cloud services market now threatens further trouble for the dominant US hyperscalers. Europeans also look antsier about reliance on AWS, Microsoft and Google. In the aftermath of Liberation Day, European Commission President Ursula von der Leyen suggested Europe's response could include tariffs imposed on digital services.

　　Even before last week, new concerns had arisen in the discussion about digital sovereignty. So far, US tech giants have been able to satisfy regulators by ensuring customer data is locally stored. In future, they could be at risk if they cannot meet a more stringent definition of what constitutes a trusted sovereign partner. "It feels like public cloud is in a bit of a reversal in terms of IT workloads," said Watson. In today's world, things seem unlikely to improve.