Since 2009, there has been a significant push to encrypt all web traffic in order to protect internet users against surveillance of the content of their communications. The goal was to transition from HTTP, which is notorious for being easy to manipulate, to the more secure HTTPS protocol. Although encryption can provide a sense of security to the everyday Internet user, mobile service providers know that there are associated difficulties that must be overcome in order to provide traffic management and the Quality of Experience (QoE) that subscribers deserve.
Encryption is essential if we want to have any hope of protecting our data from third-party surveillance, cookie theft and account hijacking. In the past few years, there has been substantial progress made in shoring up the Internet’s defenses with some of the largest and most visited sites adopting HTTPS. Sites such as Google and Facebook default to HTTPS so that there is no action required by the user. The largest sites, where HTTPS adoption has been widespread, make up just 1% of all websites, yet they account for 50% of all internet traffic.
An encrypted headache
On the surface, the move towards improved Internet security is a massive benefit for all parties involved. Yet, there are significant drawbacks, especially when it comes to optimizing mobile networks. Traditionally, website content has been optimized in the network (images compressed, videos cached and transrated, etc.), but with more sites becoming encrypted this is no longer a viable option using standard technologies. The spike in HTTPS traffic poses a challenge for operators that HTTP didn’t.
Before encryption, network operators were able to see most of the traffic on their network and therefore able to apply content management techniques including optimization. However, encryption has ‘blacked-out’ the network. Carriers no longer have network visibility to make the modifications needed to allow data traffic to flow more smoothly. This in turn can result in a negative QoE for subscribers. CEO and Analyst of Core Analysis, Patrick Lopez, recently summed up the difficulties that operators are currently facing: “Encrypted traffic is a problem for all network operators and is a very real threat to their business model. Essentially, when traffic is encrypted, the network cannot inspect, protect, prioritize, optimize or load balance it effectively.”
Since over 90% of all Internet traffic is TCP based, TCP optimization provides at least a partial solution to this problem because it can be used on both encrypted and unencrypted traffic at the network level. The main problem with TCP optimization alone is that while operators have more access to the data, it is still extremely restricted compared to what they are accustomed to. At best, TCP optimization allows a partial glimpse at the data on the network, but not much more than that. Mobile operators have become accustomed to being armed with the capability of inspecting the data on their networks with such precision that this type of handcuff is a major step backwards.
So, what is the solution to this problem of managing traffic you cannot actually see? The answer lies in a multifaceted approach involving heuristics and mediation, in addition to the broad-based TCP optimization discussed above.
First, heuristics. Applying heuristics based on the TCP domain and destination will allow for better insight into what type of content is being pushed through the TCP flow. Once it is determined what type of data is attempting to pass through, i.e., HD video, SD video, audio, etc., rate-limiting techniques will help to optimize the traffic flow, which helps service providers cut costs, save data and provide subscribers with a better QoE.
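The following sketch illustrates the heuristic step described above. It is an added example, not code from the article or from any vendor. It classifies a flow from metadata only (destination hostname and sustained downstream rate) and attaches a token-bucket rate limit per class. The hostname suffixes, thresholds, rate caps and all function names are assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Constructed sample values: suffixes, thresholds and caps are illustrative
# assumptions, not operator data or figures from the article.
MEDIA_SUFFIXES = (".video.example", ".cdn.example")
AUDIO_SUFFIXES = (".audio.example",)
RATE_CAP_KBPS = {"hd_video": 4000, "sd_video": 1500, "audio": 320, "other": None}

@dataclass
class Flow:
    server_name: str   # hostname learned from DNS or the cleartext TLS SNI
    bytes_down: int    # bytes received from the server so far
    seconds: float     # age of the flow

def classify(flow: Flow) -> str:
    """Guess the content class from metadata only; the payload is never read."""
    if flow.seconds < 5:              # too young to measure a sustained rate
        return "other"
    kbps = flow.bytes_down * 8 / 1000 / flow.seconds
    name = flow.server_name.lower().rstrip(".")
    # Match whole DNS labels (leading dot) so look-alike names do not match.
    if name.endswith(AUDIO_SUFFIXES) and kbps < 500:
        return "audio"
    if name.endswith(MEDIA_SUFFIXES):
        return "hd_video" if kbps >= 2500 else "sd_video"
    return "other"

class TokenBucket:
    """Rate limiter: tokens are bytes, refilled at the class rate."""
    def __init__(self, rate_kbps: int, burst_bytes: int):
        self.rate = rate_kbps * 1000 / 8      # bytes per second
        self.capacity = burst_bytes
        self.tokens = float(burst_bytes)
        self.last = 0.0

    def allow(self, now: float, size: int) -> bool:
        elapsed = now - self.last
        self.tokens = min(self.capacity, self.tokens + elapsed * self.rate)
        self.last = now
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False                           # caller queues or delays the packet

def shaper_for(flow: Flow):
    """Return a limiter sized to one second of the class rate, or None."""
    cap = RATE_CAP_KBPS[classify(flow)]
    return None if cap is None else TokenBucket(cap, burst_bytes=cap * 1000 // 8)
```

The hostname is supplied by the client and can be absent or misleading, so the sketch treats it as a hint and falls back to "other" (no shaping) when the evidence is thin.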
The other part of this encrypted data traffic optimization plan is a mediating tool. This data traffic accelerator is based on an opt-in/opt-out agreement between the service provider, end user and/or the content provider. If the end user opts in, the service provider will be allowed into the encrypted path in order to optimize the data flow for a high-quality end user experience.
Ultimately, mobile operators need to look beyond just the TCP/IP transport layer and look at optimizing the application layers too, including, of course, video and audio. Carriers need to have the solutions that can detect and fingerprint bandwidth-hungry objects. Cisco projects mobile data traffic to grow at a 57% Compound Annual Growth Rate (CAGR). Secure traffic is not just a flash in the pan. More, if not all, websites will adopt HTTPS and app developers will introduce deeper encryption protocols. Encrypted traffic will become the norm. Mobile network operators must take action now. No carrier would want their network to go completely ‘dark’.