[wp_tech_share]

 

Credit: RSA Conference 2023

 

Last week was the RSA Conference 2023 in San Francisco, the annual gathering of security vendors and their customers to review the latest in cybersecurity. This year’s theme was “Stronger Together.” According to the conference, it was selected to highlight that when the cybersecurity community works together, it strengthens the community.  Over 600 vendors heeded the call to come together in the vast halls of the Moscone Center.  While I had no intention of meeting with even a tenth of the vendors at RSAC 2023, I did meet with nearly 30 vendors across a swath of the vendor landscape.  (If you are a client of my research services, I will shortly send an email with thoughts from my meetings.)

For me, RSAC 2023 ended up a glass-half-full and half-empty event. While there was tangible progress and innovation, it lacked the same buzz of the 2022 and 2020 editions (2021 was canceled due to the pandemic). In this blog, I examine the three reasons I believe this was.

1) Zero Trust, Data Security, and Software Security were hot buzzwords but no common winner across the show. Meanwhile, SASE/SSE lost some intensity.

 During the worst of the pandemic, the rise of remote/hybrid work and attacks on Internet-based applications caused the industry to rally behind SASE and runtime app security solutions.  But all good parties must start winding down.

SASE appears to have come down from an apex in the last couple of years because, at RSAC 2023, it was no longer a pivotal conversation. Perhaps there is some marketing fatigue, but other externalities are at play, such as a reduced number of full-time remote workers as some have returned to the office full-time.

Similarly, the hot discussion about runtime application security (such as API security) has spread out as part of the “left shift” movement to greater design/coding security.  Now, there’s a greater breadth and depth of solutions to consider as part of a comprehensive cloud application security that inevitably has shifted the conversation to more generalized concepts like data and software security. As a result, cloud application architects now have an abundance of tools to contemplate. But, unfortunately, where to start is daunting, and the market fragmentation isn’t making it any easier.

Beyond what I noted above for SASE and cloud security, there was the factor of increased macroeconomic pessimism. Enterprise IT is no longer on a spending spree as it had been just last year. For vendors, it seems to have led to playing RSAC 2023 conservatively.

2) AI (artificial intelligence)-drive ChatGPT is coming to security, but we’re just scratching the surface of possibilities with AI

Unless living off the grid, you probably have heard, or even have tried, ChatGPT, the chatbot driven by AI technology that eerily feels human. From passing law exams at the University of Minnesota to writing computer code, ChatGPT has shined a bright light on AI and generated many new discussions about the possibilities for AI. So, it wasn’t surprising to hear ChatGPT dropped by more than a few vendors at RSAC 2023.

ChatGPT wasn’t part of the formal vendor marketing messages on the show floor – the arrival of ChatGPT happened too recently have made it into any of the marketing  – but many vendors in discussions talked up adding AI-driven natural language processing (solution-specific ChatGPT-like chatbot engines). Natural language processing promises that it will make solutions easier to use and increase the effectiveness of security admins. For example, rather than hunting through dashboards or reams of events, the security admin will be able to ask questions such as, “Where is my greatest security risk?”

Though ChatGPT brought AI awareness to the masses, AI has been in play for several years in the security industry, specifically in threat detection.  One of the first examples I remember was the 2020 firewall announcement by Palo Alto Network. It added machine learning to the firewall to improve malware and phishing detection.  Since then, I’ve run across other examples of AI-powered threat detection.  Still, the maturity and power of AI-drive detection need to improve. Of course, human security researchers are still vital, but I suspect AI will incrementally enhance and reduce the reliance over time.

3) Applications and IT infrastructure security are still top of mind but were – unfortunately –worlds apart.

It used to be that IT infrastructure teams held the keys to the security kingdom since applications could only get deployed once the infrastructure team did so. Infrastructure owned the servers, storage, and networking that applications relied upon.

From a security perspective, infrastructure teams tended to put significant thought into the application data security lifecycle because, over many years, they had come to understand the security implications of data in motion, in use, and at rest.

However, applications teams hated having to wait for the infrastructure teams. The infrastructure teams lost most of the security control when the cloud-based paradigm arrived with its continuous integration/continuous development (CI/CD) on ephemeral infrastructure (also known as a cloud DevOps culture).  Applications teams could now do as they pleased without involving or waiting for the infrastructure teams.  But unfortunately, cloud application security is far from as mature as it had been in the traditional monolithic days involving the infrastructure team. Consequently, security posture has suffered and led to notable cloud breaches.  However, as the saying goes, necessity is the mother of invention.

The last seven years have seen a bumper crop of new cloud workload security vendors (from acquired startups like Dome9, Twistlock, and PureSec to more recent pure-plays like Lacework, Orca Security, and Wiz).  These vendors are in tune with application developers’ operations and have identified key points in their workflows to insert security. The space is evolving quickly, and seeing how many were represented at RSAC 2023.  For the interested reader, in October 2022, I put out my first Advanced Research Report on Cloud Workload Security detailing market evolution and TAM (total addressable market).

Nonetheless, it was disheartening how these two camps, the infrastructure and application security, literally lived in different worlds at RSAC 2023. The north expo hall had the infrastructure security vendors, and the south hall had the applications security vendors.  Enterprise infrastructure and application teams must work together for the common security good. Still, developing beneficial synergies will be impossible if the vendors they rely on occupy different worlds. In addition, because application development moves to be “cloud-native,” it doesn’t eliminate the need and possibilities with the enterprise infrastructure teams.

Yes, the glass was half full and half empty on several fronts at RSAC 2023. But, then again, nothing is ever perfect, nor will it be. So rather than ending on this bittersweet note, I’ll end on a positive and highlight that my conversations at RSAC 2023 were enthusiastic, rich, and insightful, which demonstrated that as we come together, we do get stronger.

I look forward to RSAC 2024.

[wp_tech_share]

2022 marked a record year for broadband spending around the world, as service providers forged ahead with major network upgrades and expansions. In many cases, the focus of these investments was to expand the reach of fiber for business and residential services with the ultimate aim of de-commissioning legacy copper and DSL networks.

A major part of these network upgrades was the investment in PON technologies with the ability to deliver 10Gbps of bandwidth across a single OLT port, which is then shared by dozens of subscribers. The short-term goal is to be able to deliver symmetric 1-5Gbps of bandwidth consistently to each residential subscriber. The focus on delivering these speed tiers has resulted in a significant jump in the purchasing of 10Gbps-capable technologies, including 10G EPON, XG-PON, and XGS-PON. From 2020 to 2022, spending on OLT platforms and ONTs supporting 10Gbps technologies jumped 308% (Figure 1).

Figure 1: Worldwide 10Gbps-Capable PON Equipment Revenue

 

While these technologies will serve most operators well for the next 5 years operators in a growing number of markets want to ensure that the significant investments they are making today in expanding their fiber networks and ODN won’t be regrettable investments and that there is a technology roadmap in place that keeps them ahead of their competition in terms of speeds and latency, but also allows them to achieve a number of architectural goals, including delivering both residential and enterprise services using the same technology and ODN; collapsing access and aggregation networks to reduce the total number of network platforms; providing a simplified upgrade path through co-existence of multiple PON technologies, and; delivering wholesale mobile transport services.

Bandwidth demands show no signs of slowing, with the ITU having estimated that worldwide bandwidth consumption grew at a compound annual growth rate (CAGR) of 50% from 2015 to 2021, reaching a total of 932 Tbps, up from 719 Tbps in 2020. With governments and operators alike focused on expanding their networks to get more homes and businesses connected, as well as applications like virtual reality (VR) and online gaming set to expand, bandwidth consumption will almost certainly accelerate throughout the remainder of this decade.

For some operators in highly-competitive environments, 25G PON is the appropriate next step, as short-term demands for bandwidth beyond 10Gbps and for the need to address both residential and business customers from a single ODN push them to act within the next 1-2 years.

Meanwhile, the ITU-T’s 50G PON Standard and corresponding prototype platforms and components continue to evolve quickly, as operators and equipment vendors look to accelerate the availability of products so that they can undergo the rigorous testing and homologation required of any new technology. Considerable effort has already gone into defining the physical layer parameters, latency requirements, and Forward Error Correction (FEC), among other elements.

Already, a number of operators have either conducted early lab trials of prototype equipment or have endorsed the technology as their next choice, including China Mobile, China Telecom, China Unicom, Globe Telecom, Orange, Saudi Telecom, Swisscom, Telefonica Spain, Telekom Malaysia, and Turkcell. Other operators are keeping an eye on the standardization process but are also largely focused on their current rollouts of XGS-PON to make any formal commitment beyond that.

Additionally, a component ecosystem is emerging quickly, driven largely by system vendors who want to get products to market quickly, as operators want to be absolutely certain that the power budget requirements and dispersion penalty, along with the use of digital signal processors (DSPs) does not force any change in the existing ODN.

 

Recent Steps Forward

A number of major steps forward for 50G PON were announced in September 2022, during the ITU-T Study Group 15’s Plenary Meeting. The most significant announcement was the agreement on details for the simultaneous coexistence of all three ITU PON technologies (50G PON, XGS-PON, GPON) on a single ODN. Previously, simultaneous coexistence with GPON and XGS-PON had not been defined, meaning that operators would have to upgrade their GPON networks to XGS-PON prior to beginning their 50G PON deployment.

With the addition of a third upstream wavelength band (1284-1288nm) to the G.9804.1 standard’s existing 1260-1280 and 1290-1310 bands, 50G PON, XGS-PON, and GPON can now live together on a shared ODN. Additionally, combo PON implementations can now be supported using 50G + XGS-PON, 50G + GPON, as well as all three modes (50G + XGS-PON + GPON).

The support of both simultaneous coexistence as well as combo PON implementations is critical addition as operators have said time and again that they do not want to disrupt their ODNs when moving to a new technology. Additionally, operators are expected to make their transition to 50G PON through the use of combo PON, which takes advantage of the existing space in the central office, requires no modifications to the ODN, and does not require the use of a WDM multiplexing device, which can result in optical power loss.

 

Challenges Remain

50G PON represents a significant improvement in bandwidth availability and latency over today’s 10Gbps technologies. However, these benefits don’t come without their challenges. The biggest technical challenges are in the PHY layer. Specifically, the optical power budget required, dispersion penalty, and intersymbol interference (ISI) are all potential hazards in 50G PON systems. As bandwidth increases, overall performance typically declines, especially when the existing ODN defines a 32dB power budget. The use of DSP technology can reduce or eliminate these PHY layer issues. However, previous PON technologies did not use DSPs, so operators will want to test this thoroughly and ensure that point-to-multipoint communications between the OLT port and ONTs are occurring as expected and without error. The DSPs specifically help to reduce the dispersion and bandwidth limitation penalty, as well ensuring that lower-bandwidth GPON and XGS-PON ONTs are supported more efficiently.

At this point, current 50G prototypes are asymmetric, delivering 50G downstream and either 25G or 12.5G upstream. Though system vendors are working through the best options for delivering consistent, symmetric speeds and have already delivered some prototypes using semiconductor optical amplifiers (SOA) and FPGA-based DSPs, the ITU-T SG15 agreed back in September 2022 to further study the options for delivering symmetric speeds. Clearly, operators would prefer a symmetric option as early as possible. But the dramatic increase in downstream bandwidth and billboard speeds should more than suffice until the upstream technologies and components have been standardized and implemented in OLTs and ONTs.

 

Opportunities Continue to Grow

Though early, Dell’Oro Group believes total 50G-PON equipment revenue will increase from less than $3M in 2023 to $1.5B in 2027. Much more significant growth is expected after 2027, as operators begin to evolve their 10Gbps PON networks to next-generation technologies (Figure 2).

Beyond being able to anticipate future bandwidth growth coming from consumer applications such as VR, AR, online gaming, videoconferencing, and 8k video, 50G PON positions operators to address business services. Specifically, 50G PON allows a provider to offer four 10G Ethernet connections, split among multiple businesses. Additionally, 50G PON is ideal for POL (Passive Optical LAN) deployments, where fiber can be run to the desktop and deliver connectivity with less power, rack space, and less cooling than traditional point-to-point Ethernet architectures.

Figure 2: Worldwide 50Gbps PON Equipment Revenue

Figure 2: Worldwide 50Gbps PON Equipment Revenue

 

Similarly, 50G PON has applications in the backhaul of public Wi-Fi hotspots as well as private wireless LANs, both of which will see significant bandwidth growth with the availability and deployment of Wi-Fi 6E and Wi-Fi 7. Wi-Fi 6E allows individual subscribers to burst to 9.6Gbps while Wi-Fi 7 quadruples that throughput to nearly 40Gbps. Additionally, the Wi-Fi 7 standard defines extremely low levels of latency and jitter, which the evolving 50G PON standard is also incorporating.

Finally, as operators continue to converge their residential, business, and wholesale fiber networks onto a single ODN, 50G PON is envisioned as the universal technology to deliver services across those networks. Mobile midhaul and fronthaul applications, expanding IoT devices and services, wholesale fiber access to macrocells, backhaul of fixed wireless access (FWA) nodes—all of these can in theory be delivered using 50G PON. Other applications and use cases are certain to emerge as operators continue to reap the benefits of converting their disparate networks onto a shared ODN, with throughput and services delivered via 50G PON.

[wp_tech_share]

Following four consecutive years of modest telecom equipment growth across the six telecom programs tracked at the Dell’Oro Group*, preliminary findings show that the aggregate telecom equipment market moderated somewhat from the 8% revenue increase in 2021 to 3% year-over-year (Y/Y) in 2022.

Looking back at the full year, the results were slightly lower than the 4% growth rate we projected a year ago going into 2022. In addition to more challenging comparisons in the advanced 5G markets and the supplier exits in Russia, the strengthening USD weighed on the broader telecom equipment market. Supply issues also impacted the market negatively during 1H22 but eased somewhat in the second half.

Regional developments were mixed, underpinned by strong growth in North America and CALA, which was enough to offset more challenging conditions in EMEA and the Asia Pacific. With China growing around 4%, we estimate global telecom equipment revenues excluding China increase around 3% in 2022.

From a technology perspective, there is a bit of capex shift now underway between wireless and wireline. Multiple indicators suggest Broadband Access revenues surged in 2022, however, this double-digit growth was offset by stable or low-single-digit growth across the other five segments (Microwave Transport, Mobile Core Network, Optical Transport, RAN, SP Router & Switch).

Vendor dynamics were relatively stable between 2021 and 2022, with the top 7 suppliers driving around 80% of the overall market. Despite on-going efforts by the US government to limit Huawei’s TAM and access to the latest silicon, our assessment is that Huawei still leads the global telecom equipment market, in part because Huawei remains the #1 supplier in five out of the six telecom segments we track. At the same time, Huawei has lost some ground outside of China. Still, Nokia, Ericsson, and Huawei were the top 3 suppliers outside of China in 2022, accounting for around 20%, 18%, and 18% of the market, respectively.

Following five consecutive years of growth, the Dell’Oro Group believes there is more room left in the tank. Collectively the analyst team is forecasting the overall telecom equipment market to increase 1% in 2023 and record a sixth consecutive year of growth. Risks are broadly balanced and the analysts will continue to monitor the 5G rollouts in India, capex cuts in the US, and 5G slowdown in China (preliminary data by MIIT suggest new 5G BTS volumes will drop by a third in 2023 relative to 2022), wireless and broadband investments in Europe, forex fluctuations, and inventory optimization.

*Telecommunications Infrastructure programs covered at Dell’Oro Group, include Broadband Access, Microwave & Optical Transport, Mobile Core Network (MCN), Radio Access Network (RAN), and SP Router & Switch.

[wp_tech_share]

OFC 2023 was a great conference this year with the exhibit hall packed with people exchanging thoughts and ideas. One of the main technology themes at the show was around terabit-capable coherent wavelengths. Hence, my main takeaway from the conference was that we are now in the Terabit Era.

During the conference, practically every component and systems manufacturer showed off their plans for a 1.2 Tbps-capable coherent wavelength. The only exception was Ciena with an advanced 1.6 Tbps single carrier solution.

New High-Performance Coherent DSPs

The next generation of coherent DSPs was announced and displayed by several companies. Based on conversations at the show, the first significant quantity of shipments could begin as early as 2H 2023 with a ramp in production during 2024. The following is a list of announcements related to high-performance sixth-generation coherent DSPs.

  • Cisco/Acacia Jannu: 1.2 Tbps-capable DSP on a 5 nm node process operating at up to 136 Gbaud. General availability target is mid-2023.
  • NEL ExaSpeed GAIA: 1.2 Tbps-capable DSP on a 5 nm node process operating at up to 140 Gbaud. General availability target is mid-2023.
  • Nokia PSE 6s: 1.2 Tbps-capable DSP on a 5 nm node process operating at up to 130+ Gbaud. General availability target is end-2023.
  • Infinera ICE7: Customized 1.2 Tbps-capable DSP from a partner supplier on a 5 nm node process operating at up to 148 Gbaud. General availability target is mid-2024.
  • Ciena WaveLogic 6e: 1.6 Tbps-capable DSP on a 3 nm node process operating at up to 200 Gbaud. General availability target is mid-2024.

On a side note, Huawei was not at this conference. However, in separate meetings with the company, we understand they have plans to develop a 1.2 Tbps-capable DSP operating at up to 130+ Gbaud. The semiconductor process technology is unknown at this time, but it may be 7 nm if SMIC can produce it.

Among the vendors, Ciena is the only one launching a coherent DSP that can do a single carrier 1.6 Tbps wavelength. To accomplish this, the company is not only going with a more advanced semiconductor node process (3 nm rather than 5 nm), but is also developing advanced coherent drivers and receivers that can push the transponder to 200 Gbaud (no other company has 200 Gbaud drivers at this time). To remove any concerns about timing and progress of the WaveLogic 6e development, especially since it is using such an advanced semiconductor process node, Ciena took the time to detail out its development progress behind closed curtains.

Terabit Era Ready

There were a number of announcements by service providers confirming that 1.2 Tbps-capable devices are ready, and that they themselves were looking forward to these new high-performance transponders. Three of those announcements were as follows:

  • Windstream did a field trial in a live network to confirm technology readiness in a real world setting. The field trial used the Acacia CIM8 based on the Jannu DSP and showed that a 1 Tbps wavelength could be carried over at least 541 km with excess performance margin. The wavelength operated over SMF28 fiber with approximately 6 WSS filters along the way.
  • GlobalConnect did a field trial of Nokia’s PSE 6s in a live network. In this trial, GlobalConnect tested the 1.2 Tbps-capable DSP for a long haul route, operating at a wavelength speed of 800 Gbps. The route length achieved in this trial was 2,019 km.
  • China Mobile did a field trial of the Acacia CIM8 in an ultra-long-haul application, demonstrating that a 1.2 Tbps-capable transponder can transmit a 400 Gbps wavelength 5,616 km in their live all-optical network.

These field trials are a great demonstration of how the coherent 1.2+ Tbps-capable technology delivers on both higher capacity and longer spans. In the January 2023 Optical Transport five-year forecast report, we projected that demand for 400+ Gbps wavelength shipments will grow at a 40% CAGR, and that one of the key enablers for this growth will be these new sixth-generation coherent DSPs.

[wp_tech_share]

We just returned from MWC after a couple of intense days of meetings. RAN might not be the fastest growing market but from a technology perspective, the pace of change simply remains impressive and the MWC is a great event to witness the progress. Although we are not the right source to capture all of the PR activity involving incremental product announcements, we want to point out a few RAN-related observations that could potentially impact the RAN forecast or vendor dynamics.

 

Virtualized RAN is gaining momentum

As we now know, vRAN started out slow but picked up some speed in 2022 in conjunction with the progress in the US. The challenge from a forecasting perspective is that the visibility beyond the greenfields and the early brownfield adopters is limited, primarily because purpose-built RAN still delivers the best performance and TCO. As a result, there is some skepticism across the industry about the broader vRAN growth prospects.

During MWC, we learned four things: 1) Near-term vRAN visibility is improving – operators in South Korea, Japan, US, and Europe are planning to deploy vRAN in the next year or two. 2) vRAN performance is firming up. According to Qualcomm, Vodafone (and Qualcomm) believes the energy efficiency and performance gap between the traditional and new Open vRAN players is shrinking (Vodafone publicly also praised Mavenir’s OpenBeam Massive MIMO AAU). Samsung also confirmed (again) that Verizon is not giving up any performance with Samsung’s vRAN relative to its purpose-built RAN. 3) vRAN ecosystem is expanding. In addition to existing vRAN suppliers such as Samsung, Ericsson, Mavenir, Rakuten Symphony, and Nokia announcing improvements to their existing vRAN/Cloud RAN portfolios, more RAN players are jumping on the vRAN train (both NEC and Fujitsu are expecting vRAN revs to ramp in 2023). And perhaps more interestingly, a large non-RAN telecom vendor informed us they plan to enter the vRAN market over the next year. 4) The RAN players are also moving beyond their home turf. During the show, Nokia announced it is entering the RAN accelerator card segment with its Nokia Cloud RAN SmartNIC (this is part of Nokia’s broader anyRAN strategy).

 

256T256R Massive MIMO

For a technology that was initially viewed as being mostly fit for high-traffic locations, Massive MIMO has come a long way in just a few years, ramping at a much faster pace than initially expected. As we recently outlined in the Massive MIMO 2022 blog, the days of exponential growth are in the past but there is still Massive MIMO upside ahead to support TDD MBB expansions in the less advanced markets, FDD hotspot deployments, FWA, and TDD product refresh to take advantage of continuous product improvements such as wider IBW, lower power consumption, smaller form factors, and more transceivers/antenna elements.

With limited new sub-7 GHz spectrum on the horizon, improving the spectral efficiency using more didoes and transceivers will continue to play a fundamental role with 5G, 5G-Advanced, and 6G. This is not a surprise. However, since we previously assumed the 128T128R would be the de-facto configuration for the 6 to 7 GHz band, it was somewhat surprising to see Huawei’s 256TRx prototype in the booth (ZTE had a 128T128R AAU in its booth).

 

Private 5G ecosystem is evolving

Private 5G is running behind schedule. We recently adjusted the private wireless forecast downward to reflect the current state of the market. Still, the slow uptake is not dampening the enthusiasm for private wireless. If anything, the interest is growing and the ecosystem is evolving as suppliers with different backgrounds (RAN, core, Wi-Fi, hyperscaler, in-building, SI) are trying to solve the enterprise puzzle. Below is a summary of the private RAN, core, and SI/services providers that we are currently monitoring.

 

More suppliers want a piece of Europe

Per our 4Q22 RAN report, Ericsson, Nokia, and Huawei collectively accounted for around 95% of the European RAN market in 2022. Other RAN suppliers have tried to expand their respective footprints over the past couple of years without much success. One of the takeaways from the MWC discussions is that activity with the smaller suppliers is on the rise:

  • Samsung highlighted its vRAN/Open RAN progress with Vodafone in the UK, Germany, and Spain and remains optimistic its European RAN revenues will soon become more material.
  • NEC started recognizing European RAN revenues in 2022 (primarily driven by 1&1 in Germany).
  • Fujitsu believes its European RAN growth prospects will improve in 2024.
  • Mavenir has 10 K brownfield Open RAN sites in the pipeline for 2023/2024 – Deutsche Telekom is part of the mix, however, the exact upside in Europe remains unclear.
  • Rakuten Symphony recently estimated its Open RAN pipeline is worth around $2B (half of the total pipeline). We don’t know the size of the European component. However, the company recently reported that nearly half of the # (not value) of prospecting clients (for RAN and non-RAN) are located in Europe per the chart below.

While it is unlikely that management over at Ericsson, Nokia, and Huawei are losing a ton of sleep at this juncture from these announcements, it might be worthwhile to check back in a year if the collective share of the top 3 is still around 95%.

 

Skepticism is on the rise

Not surprisingly, disconnects between vision and reality are common when new technologies are introduced. Even if this is expected, we are sensing more frustration across the board this time around, in part because RAN growth is slowing and 5G still has mostly only delivered on one out of the three usage scenarios outlined in the original 5G use case triangle. With 5G-Advanced/5.5G and 6G starting to absorb more oxygen, people are asking if mMTC+/mMTC++ and URLLC+/URLLC++ are really needed given the status of basic mMTC and URLLC. Taking into consideration the vastly different technology life cycles for humans and machines, there are more questions now about this logic of assuming they are the same and will move in tandem. If it is indeed preferred to under-promise and over-deliver, there might be some room to calibrate the expectations with 5G-Advanced/5.5G and 6G.

And most importantly, this was our first live MWC event since 2019. It was great to be back and meet people in person without any Covid restrictions. The energy level at the show was amazing – now if this energy could somehow start showing in the RAN numbers, that would be even more exciting.