Virtualization and Cloud executives share their predictions for 2017. Read them in this 9th annual VMblog.com series exclusive.
Contributed by Paul Andersen, senior director of marketing at Array Networks
Making Virtual Network Functions a Practical Reality
Recently, an increasing number of enterprises
have shifted away from using hardware appliances for all of their networking
and security needs. The realization is that while there remains a place for big
iron solutions, there is much to be said for the agility of virtual network
functions (NFV). Virtual functions can respond to the needs of applications in
a matter of minutes or even seconds, and truck rolls and installation are no
longer required to enable new services. These attributes greatly reduce both
CapEx and OpEx and create a significant business case for using virtual load
balancers, firewalls, routers and other functions in a growing number of
scenarios.
There is, however, a catch. There is a reason
that networking and security functions were originally offered as purpose-built
appliances (with specialized chip sets, components and architectures); it is
because these functions are far more compute intensive that the average
application workload. Combine this fact with the performance penalty of
hypervisor management, and it becomes clear why many NFVs do not scale well on
virtualized commodity x86 servers.
Nevertheless, the genie is out of the bottle;
IT professionals that have been exposed to software-centric solutions will not
abandon this powerful new approach. Rather, they will seek out solutions that
deliver the best of both worlds: the agility of cloud and virtualization and
the performance of dedicated appliances. As performance roadblocks for virtual
network and security functions are encountered, new deployment models will
emerge in 2017 to provide higher levels of guaranteed performance in shared
environments.
One approach, introduced by several vendors in
2016, and gaining in popularity is the hybrid virtual appliance, otherwise
known as a network functions platform. Network functions platforms provide the
best of both worlds, bridging the gap between the performance of purpose-built
hardware appliances and the agility of software virtual appliances.
In essence, the network functions platform is
a mash-up of a virtualized server and a dedicated appliance. It could also be
thought of as a virtual server on steroids. The platforms typically leverage an
open-source hypervisor; however, they employ specialized components and an
architecture that is purpose-built for networking and security functions. To
ensure guaranteed performance and higher levels of performance in virtualized
environments, the platform assigns dedicated resources such as CPU, SSL cores,
memory and interfaces for each virtual machine (VM). In addition, dedicated
resources are allocated for hypervisor management in order to eliminate VM
contention.
In order to truly deliver the best of both
worlds, network functions platforms address both performance and the need for
software-defined service chaining capabilities. In addition, they are designed
to be open and capable of supporting virtual ADC, SSL VPN, WAF, DDoS NGFW and
other functions from any networking and security vendor.
While virtual network functions will continue
to grow in 2017, the year will also be characterized by new deployment models such
as the network functions platform that address current challenges and set the
stage for continued and accelerated NFV growth in the coming years.
##
About the Author
Paul Andersen is the Director of Marketing at Array Networks. He has over 17 years' experience in networking, and has served in various marketing capacities for Cisco Systems, Tasman Networks and Sun Microsystems. Andersen holds a Bachelor's Degree in Marketing from San Jose State University.
