Dedicated appliances are a thing of the past. Gone are the days of buying hardware that does things like traffic inspection, VPN concentrators, and application delivery controllers (ADCs). Instead, those network functions are being virtualized and installed as software components of a larger system.
This Network Function Virtualization (NFV) push has seen the majority of software being developed for delivery to a variety of locations. Now that the core processing power of an ADC can be done in pure software, the location of that device no longer needs to be on-premises in front of the devices it serves. Instead, it can be located at any point along the path of a packet. With the addition of service chaining, that packet path can be routed wherever it needs to be sent in order to ensure that traffic traverses the correct devices.
NFV was originally designed to remove purpose-built devices from the enterprise and replace them with virtual machines (VMs) that are easier for organizations to manage. Instead of worrying about hardware failing in an aging box, NFV appliances can be upgraded, moved, and even cloned at will to provide enhanced services as needed. This makes NFV a great fit for the cloud as well. These software images can be deployed close to the workload and provide their features without needing to send anyone to a colocation facility to install or paying someone to wire it in correctly.
That’s not to say that NFV doesn’t have it’s drawbacks. One of those is performance. But giving up dedicated hardware designed to run the software at full speed, you trade some of that speed for the flexibility of the VM form factor. You also have to take into account that the VM hypervisor adds overhead to the processing of the NFV VM. In the event of contention in the host, who will win the war for resources? Careful planning must be done to ensure that improperly configured VMs don’t starve the NFV infrastructure, while at the same time ensuring the runaway NFV VMs can’t cause other issues.
Building The Array
One of the most recent entrants into the market for NFV comes from Array Networks. When I saw Array Networks at Interop, I was curious about their technology. They seemed to be talking about an appliance on site, which was a bit confusing. Isn’t NFV supposed to do away with physical devices?
As it turns out, Array Networks is taking the best of both worlds and running with it. They work with NFV software images on their physical appliance, which is a hypervisor platform built from the ground up to work with NFV. Instead of worrying about contention between NFV and production VMs in your environment, Array Networks runs your NFV software in its own area. This provides the performance of a purpose-built device with the flexibility of a VM.
But the special part of Array Networks to me was that this platform is open to everyone. That means that the Array Networks appliances don’t just run one vendor’s NFV VM. They can run a variety of them, from Fortinet to Palo Alto to Arbor Networks. That’s some pretty impressive security pedigree. And knowing how much performance matters when processing packets for security, you can believe that these NFV software images have been tested thoroughly with Array Networks.
As you can tell from the lineup, these boxes push some pretty impressive throughput. They’re perfect for installation into an environment to handle whatever you want to throw their way. One of the uses cases that excited me the most from my former professional life was that of an MSP. MSPs could purchase an Array Networks device and offer to manage it for a customer. As the customer’s needs grew to require more functions like SSL VPN termination, DDoS mitigation, other kinds of services, the MSP could add the new software on to the Array Networks system without the need to send a technician on site to configure the new setup.
Putting It All Together
I think that Array Networks is on the right track here. They’re playing the long game by betting on both the cloud and on-premises software deployments. By providing flexibility for the NFV software to move back and forth as the needs of the organization change, Array Networks is in a position to provide value to the organization in any scenario. Their open platform encourages collaboration and ensures that Array Networks is going to have a stake in any discussion. They are the underlay that is needed to speed adoption of NFV in the next few years.
For more information about Array Networks and their NFV platform, check out http://ArrayNetworks.com.