Two recent IT innovations – cloud computing and virtualization – are slowly but inexorably reshaping service provider and enterprise networking and business models. One measure of this growing influence: nearly half of the 287 network operator respondents to Arbor’s 2014 Worldwide Infrastructure Security report offer a wide range of cloud and hosting services. These large network operators are quickly realizing new operational efficiencies and monetization opportunities from virtualizing (“cloudifying”) their infrastructure and services. The ability to add capacity dynamically when and where it is needed, so service velocity keeps pace with the needs of 21st century Internet users, is no doubt a key technical and economic driver behind these initiatives.
Network virtualization in particular is taking multiple forms, including abstraction of software from dedicated service delivery infrastructure, software-defined networking (SDN), and virtualization of network functions (NFV) that were previously performed by discrete devices. Virtualization of service delivery infrastructure is already implemented or well underway in most service providers’ data centers and hosting environments; transformation is still lagging in the transport and access parts of the network. They see virtualization as a way to abstract software from the underlying physical infrastructure, lower their equipment costs and separate network control from traffic forwarding. Their ultimate aim is to simplify and ‘flatten’ the network and allow for more dynamic, scalable associations of network processes with service activities; in other words, to create a framework for deploying services in a more agile way from a pool of virtualized resources.
AT&T is notable for its recent goal to virtualize and control more than 75 percent of its network using a software-driven architecture by 2020. Telefónica has likewise committed to have one third of its infrastructure supported by a virtualized framework by 2016. The list of prominent global and regional service providers pursing similar goals is a long one.
In light of these ambitious technical and business goals, virtualization represents a significant enabler and disrupter. As traditional network architectures come under increasing strain and operational demands, virtualization in its various forms holds the promise of making them more open, predictable, flexible, user- and service-friendly and lower cost to operate. But it will also almost certainly make networks more complex to integrate, manage, support and secure on a large scale, requiring a radical shift in operational assumptions and best practices.
Virtualization clearly has value wherever services need to be deployed in an agile, dynamic way and to help absorb episodic and unpredictable traffic, however there are still cost and performance benefits to purpose-built networking systems in certain applications and at large scale. Rapid price/performance improvements in commodity server architectures are closing the gap, yet these platforms do not yet scale for complex, high-capacity network applications such as core routing and threat protection.
Virtualization also introduces new challenges from a security perspective. For example, how do you provide traffic visibility into these dynamic, complex new virtual networking environments when traditional telemetry protocols such as NetFlow, SNMP, BGP, etc., may not be present? And how do you protect virtualized network and security functions – including the API services that underpin these functions – from protocol misuse and other unsanctioned inter-functional communication resulting from malicious acts as well as simple misconfigurations? These and other as-yet-undiscovered architectural vulnerabilities will no doubt be addressed over time, but they nevertheless highlight the complexities inherent in major technology migrations.
So where is this leading us? Network operators have traditionally designed networks to be cheap to buy. Managing cost has been of paramount concern due to the complexity and enormous fixed costs to build and operate a network. But in the Internet age, rolling out compelling services demands far greater flexibility and speed than is possible with the static, manually intensive networks of today. So now operators must design them to be cheap to buy as well as fast and flexible to operate.
Arbor’s efforts are focused in the three areas where we see the greatest benefits for our customers: redirecting traffic via SDN control; leveraging the power of the network (i.e., to provide overall visibility as well as to detect and block security threats as data center forwarding fabrics evolve); and, virtualizing our platforms and services for seamless integration with both legacy and next-generation networks.
For more on the work we’re doing to protect the next wave of infrastructure, listen in on the recent webinar on SDN and NFV I hosted as part of our recent virtual summit series.
The post V is for Virtualization: Its growth and influence today appeared first on Arbor Insights - Our People, Products and Perspective.