In nearly every country I traveled to in the past two quarters, the same vision repeated itself: giant billboards promoting 4G mobile services — that are already commercially available! It seems that Long Term Evolution (LTE) keeps gaining momentum, exhibiting unprecedented mobile traffic demand and setting more stringent cost-effectiveness requirements to mobile and wire-line service providers. The result? Today, more than ever, mobile operators require their networks to be more flexible, programmable, and — smart.
To accomplish smarter networks, two key shifts are emerging in the industry – Network Functions Virtualization (NFV) and Software Defined Networking (SDN). NFV allows deploying typical network functions on top of industry-standard virtualized server infrastructures. This eliminates the cost and complexity associated with deploying and administering a physical network function. In order to roll-out more complex services, service providers will typically perform “service chaining” which means to serially employ a set of these network functions by chaining them. How does that work architecturally? Each network function/feature is packaged as a software entity called Virtual Network Function (VNF) which can be accessed and managed via standard interfaces. A Virtual Network Function Component (vNFC) is a software component hosted on a virtual machine, consisting of some or all of the VNF functionality. vNFCs are then grouped into packages, and so forth.
What are the NFV business benefits for service providers?
There are many, let me just mention the key ones:
- CAPEX/OPEX reduction – lowering space/power/cooling expenditures due to deploying a software-based functions on an already-available compute infrastructure
- Improved resource utilization – as a virtualized network allows service providers to dynamically allocate the available resources per the required functions
- Simplified network design – since the NFV-based network has less “moving parts”, it allows ease of operation and greater flexibility to support future needs
- Higher agility – new services (e.g. mobile portals, monetization engines or any other value added services) can be provisioned and scaled in minutes and even seconds
- Vendor agnostic – NFV allows to deploy various network services regardless of the underlying technology/vendor
- Ability to build NFV-based clouds or consume services using other public clouds – allowing to dynamically use network services and allocate the required resource on demand
If NFV allows the building of virtualized network functions, the next question is how are these functions being managed? Who takes the decision when new VNFs need to be provisioned? Who programs and controls this new breed of network? Which entity updates their policies and/or configuration?
Programming and controlling the network in a centralized manner is the sole role of SDN. SDN essentially decouples the control-plane (i.e. the system that makes decisions about where traffic is sent) from the data-plane (the underlying systems that forwards traffic to the selected destination). Not surprisingly, NFV and SDN not only complement each other but, in fact, they work together in harmony (you can read more in an interesting article I read recently).
Where are we going to see NFV adoption?
Well, in various network designs and many network entities. Generic network elements such as routers, firewalls, load balancers and DoS mitigators/IPS, as well as service provider’s network-specific elements such as PCRF, Session Border Controller (SBC), DPI, Carrier Grade NAT (CGN), P-GW, S-GW, IMS Control and other Evolved Packet Core (EPC) components.
What is our strategy at Radware with respect to NFV and SDN?
Radware leverages SDN and NFV to pioneer an integrated Security and Application Delivery framework that seamlessly enables comprehensive Cyber defense and service delivery as network-wide native services. Our vision is to provide next-generation NFV-compliant data-plane product line and introduce unique SDN applications enabling new application-aware network control-plane. We do that by actively contributing to open source and standards (including ONF, OpenDaylight and OpenStack) and investing in broad partnerships with Cisco, HP, NEC, IBM, Mellanox and more.
Later this month we will be presenting and demonstrating our NFV/SDN solutions at Mobile World Congress 2014 in Barcelona. Among them, DefenseFlow – a cutting-edge Cyber security control-plane application delivering multi-layer, real-time defense against application and network Denial of Service (DoS) attacks and mobile APTs (advanced persistent threats). So if you’re around, visit us to learn more. We’ll also be sending updates from what we are seeing and sharing from the show floor.
Until next time,
Nir Ilani owns the global product strategy and practices of Radware’s Cloud Security services including Cloud DDoS Protection, Cloud WAF and Cloud Acceleration. He has over two decades of diverse engineering and product management experience including managing the design, development and release of industry-leading, high-scale solutions. Nir is an expert in Cloud Computing, Cyber Security, Big Data and Networking technologies, and a frequent speaker in technology events. Nir holds a Bachelor in Computer Science and Business Administration as well as MBA, both from Tel-Aviv University. Nir writes about trends, technological evolution and economic impact related to Cloud, Security and everything in between.