Covering Disruptive Technology Powering Business in The Digital Age

image
Network Digital Twins: The Next Revolution in Network Management
image

Attributed to: Allison Freedman, Product Marketing Manager, Keysight Technologies

The communication network infrastructure of data centers, telecom companies, and militaries are vast and complex. Their operations, uptime, performance, and security have always required constant monitoring. The increasing popularity of cloud computing and artificial intelligence has further complicated these networking concerns. Additionally, regulators, investors, and customers are paying increasing attention to the sustainability, energy consumption, and emissions of networking infrastructure.

In this demanding business environment, digital twin technology and automation offer solutions for many networking challenges.

A network digital twin is a highly detailed virtual model of a real wired or wireless network that models its architecture and components while accurately mirroring its real-time state, configuration, and behaviour. This digital model is a safe environment for analyzing, optimizing, and predicting network performance and behaviours under various scenarios.

A network digital twin models the dynamic behaviour and functionality of a wired or wireless network, and it communicates with the physical network and its network management systems to obtain real-time data like its network metrics and traffic. It can send reconfiguration commands to the physical network’s devices for optimizing some aspects of the network, and it can use physical and environmental data collected from temperature sensors or data acquisition systems to inform its optimization strategies. This is unlike traditional network management where network planning generally does not consider such aspects directly.

Another major difference is that a network digital twin replicates the physical network for its entire lifespan. So the twin must accommodate long-term activities like equipment upgrades, downtimes, and decommissioning. In contrast, network models and simulators are generally only used in initial design stages until the network is deployed.

Network twins can therefore transcend the restrictions of physical networks, in terms of costs, security policies, and allowed configuration changes. The twin is an enabler of a higher level of decision-making that’s based on aggregate network performance metrics, environmental factors, regional traffic patterns, sustainability goals, and other such factors that are traditionally outside the scope of network management.

The most important component of a network digital twin is the network topology. It models all the relevant network devices with their layer two and layer three identifiers, and their connections relevant to the use case.

Other key components of network digital twins include device characteristics of the network equipment, control and application traffic as well as traffic profiles for various use cases, network and device configurations, various network protocols and their required data for realistic emulation, cybersecurity aspects like firewall rules, device vulnerabilities, and possible cyber attacks, physical environment of the network, and device locations and surrounding land topology for use cases like telecom networks.

Cybersecurity posture

The physical network’s cybersecurity posture, consisting of its network security and data security aspects, is a crucial input for developing a high-fidelity network digital twin.

Security-related inputs to network digital twins include vulnerability assessments. Vulnerabilities in the physical network are identified using vulnerability scanners. These assessments become inputs to the modeling of cyber attack scenarios using the network digital twin.  The configurations of security devices like firewalls, intrusion detection and prevention systems, and physical access control systems are also crucial inputs to digital twin scenarios.

These inputs are used to model cyber attack scenarios. Different types of cyber threats are modeled and simulated in the controlled, isolated virtual environment of a network digital twin. They include denial of service, malware, intrusion, and eavesdropping attacks. These simulations enable security engineers to understand network behaviours and operational functionalities when under attack.

AI techniques like reinforcement learning can be trained to test long and complex exploit chains on the network digital twin. Generative neural networks like large language models can extract useful information from security-related vulnerability, incident, and assessment reports and dynamically generate appropriate exploit code. This code is run on the digital twin to simulate a cyber attack and study its impacts.

Realistic simulations often uncover previously unknown vulnerabilities in the network. These new weaknesses are added to the vulnerability database for future simulation cycles. And cyber attack mitigation and remediation workflows can be tested and hardened on the network twin in preparation for real attacks.

These network security applications on the digital twin help to discover more resilient network architectures and device configurations, which can then be applied to the physical network.

AI for network digital twins

In large enterprise networks, many intangible interactions and invisible cause-effect relationships exist. For example, a changed router configuration in part of a network may result in a kind of butterfly effect on the latency of an entire segment of the network.

AI enables the modeling and discovery of such emergent phenomena and latent relationships that lie hidden in the network and surface only under specific conditions. The training data for such AI models is obtained by simulating relevant traffic on the digital twin and recording network configurations and metrics.

Some concrete examples of such AI-enabled digital twin studies include reinforcement learning run on digital twins to simulate what-if scenarios, , the application of machine learning (ML) techniques to network data from digital twins to enable advanced optimizations that are generally not considered when managing typical physical networks. ML models can use aggregate metrics like a geographical area’s net throughput or environmental factors like power consumption — factors that are normally outside the scope of network management — to suggest optimizations.

For failure analysis, patterns in network failures and outages can be identified using algorithms like anomaly detection and time series forecasting on the metrics collected from the digital twin. Troubleshooting procedures for them can then be formulated and verified on the twin.

Network digital twin challenges

Implementing and maintaining network digital twins are not without challenges.

Networks can involve hundreds to thousands of network devices, each with its own complex configuration and behaviour. For example, 5G/6G telecom and data center networks are vast and complex, while the aim is to accurately model the network dynamics resulting from the interplay of relevant communication protocols, system configurations, network topology, physical network environment, and application traffic observed in  specific scenarios.

Modeling and simulation must be at a speed and scale required to get statistically valid and meaningful results without compromising accuracy but, over time, there is a risk of configurations and behaviours programmed in a network twin diverging from those of the underlying physical network. To minimize this, automation needs to regularly sync the networks as well as sync them after any manual configuration changes.

Syncing requires real-time integration between the physical network’s hardware and software and the ones modeled in the twin. This can be very challenging because of multiple vendors and a lack of standardization in hardware and software interfaces. But these issues can be minimised  by limiting the scope of a network twin to address specific problems.

Going forward, practical use cases for network digital twins include dynamic network planning and optimization of data centers based on device locations, power usage, power capacity, and other such factors.

For example, temperatures and power consumption can be measured using internet of things (IoT) sensors or data acquisition (DAQ) systems connected to racks. If these metrics start crossing some thresholds, traffic can be throttled or dynamically routed through other paths to keep them under control.

Such measures are increasingly necessary to comply with sustainability and emission targets mandated by regulations.

Network digital twins can also dynamically optimize routing and power configurations of optical networks, based on measurements of physics phenomena like attenuation, dispersion, and nonlinear effects.

In mobile networks, network twins can use real-world factors like channel congestion and radio frequency power to dynamically optimize beamforming parameters, network element configurations, power usage, and more.

If such dynamic changes are applied directly to a physical network, it can degrade the quality of service for users or inadvertently breach emission power limits. However, engineers can safely experiment with them on the digital twin to find optimal configurations.

A concrete example of this is the use of AI and network digital twins for 5G mobile edge computing networks to optimize resource allocation and energy savings using reinforcement learning.

(0)(0)

Archive