Main content

AWS makes 5G as easy as WiFi with Private 5G

Kurt Marko Profile picture for user kmarko December 22, 2021
At its re:Invent gathering recently, AWS announced a Private 5G service. Here's what it means for enterprises.


Wireless connectivity has transformed every business, but until now, enterprise wireless networks were an assemblage of WiFi LANs (WLANs) built from hundreds of APs and (ideally) managed through central controllers to enforce network and security policies. Although enterprise WLANs have become vastly more reliable, secure and performant thanks to new standards like WiFi 6 and vendors' sophisticated administration software, they still can't deliver the range, convenience and portability of a cellular LTE or 5G connection.

Until recently, the problem for organizations hoping to tap these capabilities of cellular networks has been the unavailability of unlicensed or so-called lightly-licensed radio frequency (RF) spectrum. In  2015 the US FCC and other regulatory bodies worldwide set a path towards wide enterprise accessibility to high-quality mid-band spectrum by establishing the Citizens Broadband Radio Service (CBRS), which the FCC says "created a three-tiered access and authorization framework to accommodate shared federal and non-federal use of the band."

Unfortunately, the way has not been smooth or quick and potential early adopters have gone around in circles waiting on promises of enterprise 5G being just around the corner. However, the nexus of second-generation 5G clients, mature standards and regulations and the impending availability of managed services means that enterprises may soon find deploying private 5G as easy as adding a new WLAN. Indeed, with AWS providing its imprimatur via a new Private 5G service, the number of organizations looking to augment their wireless footprint with 5G coverage is set to explode.


What is private 5G and why is it useful?

Mid-band CBRS is similar to the 2.4 and 5 GHz bands used by WiFi radios in that the 150 MHz of spectrum is carved into multiple channels that can be used by different transmitters and clients. However, unlike Wi-Fi, CBRS is designed for higher power operation (although still 25-28 dB lower than the power allowed in adjacent bands) to propagate longer distances and includes three access tiers, in part to prioritize legacy users of the spectrum like coastal Navy and satellite-based radar systems. Furthermore, organizations that require wide-area coverage can bid on one of the seven Priority Access Licenses (PALs) allocated for each county.

According to a tutorial by Trimble, a wireless GPS and GNSS component provider (emphasis added):

The entire  system relies on a series of CBRS standards that were developed by over 300 engineers and 60 different organizations in conjunction with the FCC. These standards consist of security measures, licensing details, and what protocols are used to communicate with devices. Certification programs were developed to help establish standards for installing proper CBRS deployments that follow the proper guidelines in identifying itself, as well as communicating with the necessary FCC databases for operation.

Benefits of CBRS include:

  • Greater mobility and range while still delivering throughput of 1 Gbps or greater with very low latency.
  • Supports a high density of device connections such as sports arenas or large industrial sites.
  • Better security via standards that prevent attacks using side-channels and network slices and other elements of the light, but scrutinous licensing process. CBRS also supports granular access controls and zero-trust (ZTA) authenticated connections.
  • Service optimization and prioritization features like QoS for bandwidth allocation and latency control.
  • Broad support for 5GNR client devices (for example, iPhone 12 and 13 models support mid-band channels 42, 46 and 48) and heterogeneous enterprise equipment.

As one might expect of a technology spawned from licensed telecommunications services, deploying mid-band private 5G isn't easy and requires substantial planning with detailed design work to accommodate the expected number of client devices and bandwidth requirements. Implementations also must source, integrate and test the equipment and software which can often come from different vendors. Unlike WiFi, which handles device and channel interference on a best-effort basis mediated by the controller, an added complexity of CBRS is a requirement to use a Spectrum Access System (SAS) consisting of automated controllers that use measurements from Environmental Sensing Capability (ESC) sensors to facilitate sharing spectrum among the three tiers. According to the FCC, "SAS Administrators must be capable to receiving and responding to interference complaints from Fixed Satellite Service (FSS) earth station licensees." The FCC has approved six SASs for commercial deployments and four ESC registrations.

Enter AWS Private 5G

The design, integration and operational overhead of private 5G is a severe impediment to most organizations, making it ripe for a managed service. AWS seized the opportunity at re:Invent 2021 by introducing a Private 5G product that provisions the necessary "small cell radio units, servers, 5G core and radio access network (RAN) software, and subscriber identity modules (SIM cards)." Configured via the AWS console, the service automates network setup and capacity scaling to accommodate new devices and increased traffic.


Although AWS hasn't released particulars about its hardware or deployment process, operationally Private 5G seems very similar to Outposts in that AWS ships custom hardware (servers, radio units and client SIM cards) that connect into a private LAN and are ordered and configured via the AWS console. AWS did provide some details in a re:Invent session (CMP330) entitled  Introducing AWS Private 5G Preview: Set up a private mobile network in days. In it, the 5G product lead highlighted the following capabilities.

  • Dynamic network scaling to scale coverage and device capacity on-demand.
  • Consumption-based pricing based on network capacity and the number of connected devices.
  • Cloud-based control plane and CBRS SAS that is integrated with the AWS management console and other logging and monitoring services like CloudWatch.
  • Uses the existing AWS IAM service for authentication and security, where access for individual SIM cards is controlled via AWS resource and group policies with 5G networks controlled using VPC security groups.
  • Ability to run the 5G core either on-premises or in AWS.

Like other hybrid cloud services, the customer must provide the local network infrastructure (LAN switches, IP address pool with DHCP) and connectivity to AWS (via private Direct Connect link or Site-to-site VPN (IPSec).


Usage scenarios

Enterprise scenarios that could greatly benefit from private 5G connectivity include:

  • Large manufacturing and logistics facilities that use remote sensors, robots and video surveillance systems.
  • Remote resource extraction sites such as mines and oil and gas fields that also use an array of connected devices.
  • Large medical complexes that require highly reliable and secure connectivity for diagnostic equipment, medical devices and portables (laptops, tablets) used for EHR.
  • School campuses that currently use WiFi, but would benefit from expanded coverage that eliminates dead zones and extends to sports fields.
  • Utilities and smart cities using connected meters, control systems and traffic control devices. Private 5G can also be used to provide subsidized Internet access to residential locations, particularly those lacking robust commercial ISP options.
  • Retail locations, performance venues and sports arenas for surveillance, digital signage and displays, public connectivity and future AR applications.

For example, the City of Las Vegas recently deployed a private LTE network using CBRS that provides Internet access to schools and families with broadband access. Initially, citizens could access the Internet via community centers where small cell base stations had been deployed, but could also apply for an indoor appliance to extend small cell access to their homes. The city hopes that its claim of having the nation's largest private municipal LTE network will attract new technology companies looking for a well-connected workforce.


My take

Despite the hype around faster phone connections, 5G evangelists have long contended that enterprise applications would be the long-term beneficiaries of the abundance of internal technical improvements provided by 5G. Although adoption is necessarily slower than the consumer market, as Martin Banks summarizes here, "over the next five or so years, it will be a rare business that is not affected by 5G and what it can provide."

A chief enabling capability for these business applications is private 5G connectivity using mid-band CBRS spectrum. However, as I previously detailed, the implementation obstacles are non-trivial, threatening to prevent all but the largest organizations from exploiting the technology. Cloud services like AWS Private 5G and others sure to follow promises to democratize private wireless networking and enable organizations to focus on the innovative applications and business processes that Banks describes without getting bogged down in the network implementation. When paired with edge colocation infrastructure like Vapor IO's INZONE service (see my overview here), private 5G will fuel a new class of edge applications and use cases.

A grey colored placeholder image