AWS for Industries

Architecting operational models for private MEC using AWS Hybrid and Edge services with Verizon private 5G networks

Multi-access Edge Computing (MEC) is an architecture that enables cloud computing capabilities and services at the edge of a mobile network. By running application workloads closer to mobile customers, network latency is reduced to tens of milliseconds and application response time is improved.

As one example of MEC, private MEC brings AWS compute and storage closer to the end-customer connected to a private network. This allows for not only the reduction of network latency to less than 20 milliseconds but also an increase in security and privacy. In this post, learn how Verizon’s managed private MEC solutions – available through their 5G Edge portfolio – bring near real-time insights, decision-making, and data security to on-premises locations of enterprise customers alongside private 5G networks. Using AWS Hybrid and Edge services, Verizon has helped enterprises select the right hybrid edge solution across network connectivity, access patterns, consolidated billing, and technical support. After introducing how AWS Outposts can be used to deliver private MEC solutions, we show examples of operational models created for private MEC using AWS Hybrid and Edge services alongside private 5G networks offered by Verizon.

Introduction

Across on-premises data center (Outposts), retail stores (AWS Snow Family), major cities (AWS Local Zones), or at the edge of a 5G network (AWS Wavelength), AWS is reinventing hybrid and edge computing models to provide a continuum of consistent cloud services wherever customers need it to support their businesses. Beyond the preceding core compute and storage solutions, enterprise customers have asked for best practices regarding how to deploy Hybrid and Edge services alongside Private Mobile Networks (5G and LTE). To address customer requirements, we introduce private MEC using Outposts to provide cloud computing capabilities on-premises for the customer, coupled with Private Mobile Networks to deliver mobile coverage, high data throughput, and low latency for applications.

Private MEC

As customers look to modernize their infrastructure operations, they frequently experience the following requirements:

Data Residency: Customers have stringent digital sovereignty requirements with a complementary desire to harness the capabilities, performance, innovation, and scale of the cloud.

Network Throughput: Customers want to run applications that involve huge volumes of data, making data transfer unfeasible due to limited available network bandwidth.

Local Processing: Customers want to use local data processing to maximize the speed of decision-making for their downstream connected devices.

Private MEC solutions deployed on Outposts address these challenges by providing a secure, dedicated cloud-computing platform and Verizon’s reliable private 5G network. Verizon’s private 5G network offers better performance, control, reliability, and density. By combining Verizon’s private 5G network with Outposts, customers are using the benefits of 5G and the cloud on-premises while deploying low latency, high-performance applications using the same AWS experience.

Managed Private MEC

The Cloud ContinumPrivate MEC use cases

Private MEC with Private Mobile Networks has enabled many use cases in the following verticals:

Industry 4.0
Industrial control and automation, computer vision for video surveillance and safety, augmented reality/virtual reality (AR/VR) applications for productivity gains, and visualization of 3D datasets for CAD models or digital twins.

Events and Venues:
Enhanced experiences with AR/VR, live information overlays, multi-camera, multiple angle views, personalized instance replaces, and many more use cases can improve the end user experience at venues such as sports, concerts, performances, and theme parks.

Healthcare:
5G and private MEC together can provide solutions for agile setups, real-time diagnostics with artificial intelligence/machine learning (AI/ML), rapid access to radiological scans on-site, and local processing of sensitive patient data in healthcare verticals.

Shipping Ports and Airports:
At shipping ports and airports, real-time processing of manifests, luggage and container processing automation, predictive maintenance, AR-enabled connected port/airport workers, autonomous guided vehicle (AGV) control, passenger security, safety and monitoring, passenger temperature screening, and social distancing enforcement.

Warehouses:
AR enabled connected warehouse workforce, way-finding, AGV control, and inventory monitoring and updating.

Schools and Universities:
Virtual desktops, private networks for students in rural regions or areas of inadequate coverage, and improved campus coverage.

Smart Cities:
Real-time sensor driven automation, safety monitoring, climate controls, and energy savings.

Managed private MEC: Solution overview

Managed private MEC, offered by Verizon, has relieved customers from the undifferentiated heavy-lifting of building on-premises infrastructure. Application builders use the same AWS API and tools with which they are familiar. This provides a seamless developer experience and development velocity. AWS and Verizon have helped end-customers with the following:

  • Selecting the right hybrid edge infrastructure option for the use-case (based on available site and network connectivity, workload types, scale/growth, cost, etc.)
  • Creating account structure for onboarding end-customers
  • Sharing resources to end-customers
  • Consolidated billing

Using multiple accounts plays an important role in how business, governance, security, and operational requirements are met. In a managed private MEC, Verizon orders an Outpost on behalf of the end-customer. Independent Software Vendors (ISVs) onboard various software, which provide business values to end-customers. In private MEC architectures, Verizon, end-customers and ISVs require multiple accounts to be created and overall deployment becomes very complicated very fast.

To address this requirement, AWS Organizations simplifies multi-account governance for customers with tools to centrally manage their AWS accounts. Organizations offers an account management service that enables the consolidation of multiple AWS accounts into an organization that is created and managed centrally. Organizations include account management and consolidated billing capabilities to meet the budgetary, security, and compliance needs of the end-customer. As an administrator of an Organization, accounts are created in an Organization and existing accounts are invited to join the Organization. As a best practice, accounts are grouped under Organizational Units (OUs) for better manageability and control. Organizations also supports nested OUs.

For data residency use-cases, you may consider applying Service Control Policies (SCPs) to restrict the usage of the AWS Region, thus only allowing resources to be launched on the Outpost. As a best practice, we recommend applying security guardrails to OUs rather than individual AWS accounts.

AWS Resource Access Manager (AWS RAM) workload architecture

Workloads are grouped based on business purpose and ownership by sharing resources on Outposts to distinct accounts using AWS Resource Access Manager (AWS RAM). Sharing Outposts helps align the ownership and decision-making with individual accounts. Billing and metering for Outposts is linked to the owner account where the Outpost was created. When Outposts resources are shared with the account that represents the billing boundary for a workload, cost is managed using allocation tags applied to the workload resource to identify the Outpost usage. With Organization tag policies, consistent tags are maintained for Outpost consumer accounts.

consolidated billing feature architecture

The consolidated billing feature also helps Verizon with billing consolidation and payment for multiple AWS accounts. Verizon has management accounts in Organizations that incur the costs of the member accounts (end-customers). Consolidated billing, offered at no additional cost, allows users to track the changes across multiple accounts and download the combined cost and usage data. By combining the usage across the accounts in the Organization, Verizon accrues volume discounts, reserved instance discounts, and savings plans driving cost efficiency.

Conclusion

In this post, AWS features such as AWS Organizations, AWS Resource Access Manager (AWS RAM) sharing, and consolidated billing along with Verizon’s private 5G network helped design a managed private MEC offering. This operational model helps enterprise customers deploy private MEC use cases and start using low latency, data residency, and local data processing use cases without the burden of building and managing private MEC infrastructure. This managed private MEC architecture results in simplifying and expediting private MEC deployments across multiple industry verticals benefiting both Verizon and their end-customers. To learn more about private MEC with Verizon, you can visit Verizon 5G Edge or Verizon’s private MEC solutions.

Ashish Shah

Ashish Shah

Ashish Shah is Senior Solution Architect in World Wide Telecom Business Unit at AWS. His main focus is to help enable partners and customers to build and deploy Mobile Edge Computing use cases on AWS to solve business challenges in various industry verticals. He also works closely with Telco CSPs helping them with their network transformation in the area of 5G Core, IMS and Radio Access Network and relevant Generative AI use cases. Prior to joining AWS, Ashish has been working in Telco industry for over 20 plus years and brings wealth of experience in the area of Telco Network workloads and cloudification journeys to bring CapEx and OpEx savings to CSPs.

Robert Belson

Robert Belson

Robert is a Developer Advocate in the AWS Worldwide Telecom Business Unit, specializing in AWS Edge Computing. He focuses on working with the developer community and large enterprise customers to solve their business challenges using automation, hybrid networking and the edge cloud.

Patricia Chang

Patricia Chang

Patricia is an Associate Director in the Network Planning Organization at Verizon. She is responsible for Edge Compute Architecture and Design. She focuses on providing innovative edge solutions for enterprise customers. An innovator with over seventy patents, Patricia is also a recipient of Verizon's prestigious Master Inventor Awards.