n0. 1 editor’s deskdocs.media.bitpipe.com/io_11x/io_114007/item... · webrtc technology pulse...
TRANSCRIPT
BUILDING THE INFRASTRUCTURE TO ENABLE THE CHANGING FACE OF IT
F E B R U A R Y 2 0 1 4 \ V O L . 5 \ N 0 . 1
Wireless LAN
N F V
Will Network Functions Virtualization Ever Pay Off?
S U R V E Y S T AT S
Data Mine
S U R V E Y S T AT S
Pulse Check
k
k
k
T H E V O I C E O F E V O LU T I O N
Monitoring Can’t Buy You Network Security
k
C L O U D - B A S E D U C
Is WebRTC the Game Changer that Enterprise Video Needs?
E D I T O R’ S D E S K
SDN and NFV: Show Me the Business Benefits
k
kDOES SDN CHANGE EVERYTHING?When SDN and NFV deploy, they might not be what you expect. Here’s what to do now.
2 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
NETWORK
ARCHITECTURES
EDITOR’S DESK | RIVKA GEWIRTZ LITTLE
SDN and NFV: Show Me the Business Benefits
Believe it or not, software-defined networking (SDN) is not about network gymnastics alone. We hear so much about the amazing things SDN can do in the network—flexibility, automation, virtual-ization, orchestration. But we don’t hear enough about how SDN will meet business goals.
As with any new, groundbreaking tech-nology, it’s fun to focus on the wow factor. But it’s crucial to ask the hard questions about these new features: Do they result in a capital savings? Do they bring about real operational efficiency? Could they poten-tially earn us revenue?
Because there is so little SDN in produc-tion right now, there are not enough an-swers. As a result, network engineers who are facing an immediate need for upgrade must consider investing in legacy equip-ment that could eventually lend itself to a next-generation network migration. They’ll continue to do this until they can find clearer answers to what SDN can do for them.
In this issue of Network Evolution, SearchNetworking editor Chuck Moozakis talks to engineers about how they are navi-gating the path to network upgrade keep-ing in mind the eventual implementation of
With all the excitement about programmable networks, is the technology ready to meet business needs?
3 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
SDN. In the story, Current Analysis analyst Mike Fratto tells us, “There is a lot of hype around SDN, which is good if your job is to follow all that stuff. But if you are designing networks, not so much.” Fratto and a host of others warn engineers that they must treat legacy networks as if they’ll still be around for a while. Meanwhile, they’ve got to keep an eye on emerging SDN standards and applications, and begin to implement the technology for isolated purposes.
The good news is that in the service pro-vider network, where operators are already
moving ahead with SDN and network features virtualization (NFV) de-ployments, engineers are finding answers to how the technology will pro-vide measurable results.
While NFV was at first touted as a road to capital investment savings, now operators are finding that it will prove a clearer path to operational savings and potentially even to revenue generation. SDN and NFV both enable automated service chaining, or the dynamic provisioning of network services that support applications. Whereas net-work operators once had to manually build firewalls and load balancers to support fluid applications, they can now provision them dynamically. This will eventually allow ser-vice providers to charge for specialized net-work services that will no longer be difficult to deploy.
“While there are still challenges in using NFV to impact service velocity in a signifi-cant way,” writes analyst Tom Nolle in his feature, “the technology can already enable a new range of service features that will be
Engineers must treat legacy networks as if they’ll
still be around for a while.
4 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
used to produce revenue. NFV will allow operators to offer context-aware network services, or the ability to ensure varying levels of service and performance accord-ing to application, user or location.”
More carrier solutions will continue to emerge as operators further deploy these technologies. And enterprise solutions will also begin to unfold as large firms deploy
SDN in their data center. Smaller enter-prises and cloud providers will look to these larger players to determine how to proceed.
We’ll be here to tell the story as it un-folds. n
Rivka Gewirtz Little
Executive Editor, Networking Media Group
5 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
Ω SDN is promising to upend the nature of network archi- tectures. How fast will it evolveand what should network archi-tects do in the meanwhile?
When Joe Rogers sits with his team to map out the University of South Florida’s 2014 networking strategy this month, there will be a lot more at stake than whether to upgrade to the newest router. For Rogers, senior network engineer at the university, everything is on the table—and evaluat-ing whether next-stage network architec-tures such as software-defined networking (SDN) will fit into USF’s future infrastruc-ture is just one piece of the puzzle.
“The biggest challenge is how quickly
Network Architectures
SDN Changes Everything in Network Architectures—Or Does It?
BY CHUCK MOOZAKIS
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
6 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
everything is changing,” said Rogers. “There is no consensus within the industry, and certainly no standardization. You talk to one vendor and get their solution; talk to another one and you get another one.”
“It’s almost funny,” said Mike Fratto, principal analyst, enterprise networking and data center technology, at Sterling, Va.-based Current Analysis. “In some ways there is way too much information and in others not enough. There is a lot of hype around SDN, which is good if your job is to follow all that stuff. But if you are design-ing networks, not so much. Compounding
the problem is this: A lot of these technologies are so new that the benefits aren’t always evident, and I bring this up because a lot of enterprises consume
their new technology through value-added resellers, and the VARs aren’t up to speed with what’s going on with their chosen vendors.”
Networks Are Always in Flux, but This Evolution Is DifferentOf course, change—in and of itself—is noth-ing new for networking pros. The history of networking is underscored by the myriad evolutions that have burnished the indus-try—from mainframes to processors and from asynchronous transfer mode to IP. Yet SDN—and its associated management com-ponents—is a development that represents an utter transformation of conventional networking. At the same time, the underly-ing physical network—with its collection of legacy protocols and legacy challenges—is
Change is noth ing new for networking pros.
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
7 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
not disappearing. For Rogers, and his peers at organizations large and small, making sure their core networks are up to date even as they assess the potential impact of next-stage networking is mission No. 1.
“There have been a lot of rapid devel-opments in other areas, like wireless, but those are all standards-based,” thus eas-ing the migration, Rogers said. SDN’s stan-dards, such as they are, remain in flux, providing another level of uncertainty.
“I’m not going to deploy an app that doesn’t have standards.”
Rogers has the funding to upgrade the school’s existing three data cen-ters, which are anchored by Cisco Catalyst 6500 switches. He’s examining
all of the latest devices, including Cisco’s Nexus 7000 and 9000 series, to determine what will best serve USF’s needs in the coming years. A key requirement: the abil-ity to migrate virtual machines between data centers and keep the same IP address space.
“That’s something we can’t do today, but it is something we can do with future tech-nologies, whether they are SDN or [Cisco’s] LISP [Location Identifier Separation Pro-tocol], or via multiprotocol label switching (MPLS), so we are trying to find the best way to provide that,” Rogers said. “ I still don’t think any vendor has really stepped up to answer the question of how to take the workload and move it at Layer 2 be-tween two data centers and have that traffic go efficiently.”
A robust Layer 2/Layer 3 foundation, in
“I’m not going to deploy an app that doesn’t
have standards.”
—Joe Rogers, Senior network engineer
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
8 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
fact, will remain a key ingredient of USF’s future infrastructure regardless of Rogers’ decision—whether that includes VMWare’s NSX, Cisco’s Application-Centric Infra-structure (ACI) or some other next-stage topology.
“You need that reliable infrastructure for the NSX tunnel to be supported,” Rogers said, adding that he believes that the Trans-parent Interconnection of Lots of Links protocol may be the standard that will en-able the scaling up of bandwidth necessary to support future network designs.
Overlays Cannot Replace Core Network UpgradesFor his part, Seattle-area network architect Teren Bryson said curiosity about virtual overlays and tunnels can’t displace the
need among enterprises to shore up their core networks. “Unless you are trying to solve a specific problem, SDN might factor into the equation, but it doesn’t necessarily sway the buying decision.” Case in point: switches that support OpenFlow. Although the protocol is being touted as a standard through which SDN networks can be pro-grammed independently, Bryson said there is no guarantee OpenFlow will ultimately prevail—particularly as vendors jockey for position. “If I were going to put a lot of money down on new core switches today, I’m not sure there is anything out there that would cause me to move from one platform to another,” he said. “It’s cool to look at, but I don’t think this will be the cycle [in which SDN-centric decisions will be made].”
That said, Bryson is holding off on core upgrades—for now. A longtime Cisco
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
9 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
customer, Bryson said he will be upgrading some of his existing Catalyst 6500 switches into the Nexus line, but Cisco’s November unveiling of its Nexus 9000 and ACI strat-egy has delayed his purchasing decision un-til he gets more information.
“If I were able to build a data center from scratch, my decision would be completely different because I wouldn’t have to lever-age the millions of dollars in existing equip-ment that I have.
“So we will take a look at all of it, and when it comes to what we will do, it will be definitely incremental, with some dabbling at the edges with SDN. As far as production and purchasing decisions, we are not quite there yet. But no matter how much virtu-alization goes on top, you still need to have gear [to interact with it] on the underside.”
Michael Martin, a New York-based global
infrastructure architect for security and networks, said the bigger issue for next-stage network design may hinge upon apps with the ability to multiplex and diver-sify how they communicate. Application models must be able to take advantage of multithreading and multi-transactional processing, he explained. “This is where you can see, at the application layer, mak-ing the most efficient use of capacity. As an engineer, I hear every day, ‘Why is network so slow?’ It’s not slow; it’s the application.”
A Delicate Transition to New Network Architectures Upgrading networks is a very delicate tran-sition, said Dave Chandler, practice lead for enterprise networks at St. Louis-based systems integrator World Wide Technology
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
10 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
Inc. (WWT). “I think the industry is getting into a phase now where people understand that their networks—as they are—will be around for a very long time, but what they can do is investigate some of the low-hang-ing fruit potential of SDN.”
To clients with questions about where to invest in their core networks, Chandler said he ultimately advises them to sit tight.
“I believe we are looking at two things right now,” he said. “The initial push was development of southbound APIs, so there
was a lot of talk about OpenFlow and vendor-specific APIs. Now I think the second shift is over the programmatic access to the network, and now we don’t care so much how we talk on the southbound
API from the controller. There is much more interest in the controller and the ap-plications the controller can run.”
To that end, legacy protocols such as command-line interface and simple net-work management protocol may have to bridge the gap between legacy network-ing and SDN. “The simple legacy protocols that I’m using today”—that is, protocols that will enable administrators to continue to use their existing gear and without hav-ing to upgrade software—“I can continue to use … but more in a controller-operation model,” Chandler said.
As the industry moves forward and sees a better or richer development of APIs or OpenFlow, organizations can then upgrade but remain grounded in a controller-opera-tion model.
Network administrators will be able
Legacy protocols may have to bridge the
gap between legacy network ing and SDN.
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
1 1 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
to take a page from cloud’s evolution to help them map their migration paths, said Chandler.
“We will begin to build out, maybe a net-work management tool or some sort of programmatic access tool, that will per-mit us to use our old mechanisms and then move them into this new process over time. It won’t be a big bang. Cloud wasn’t a big bang.”
Likewise, overlay networks and ap-proaches that rely on traditional legacy protocols to serve as southbound APIs out of the controller will ensure that legacy networks continue to thrive.
“The message is to continue to invest in
existing infrastructure, and at WWT we are still training and demonstrating the net-works we have been training and demon-strating for years,” Chandler said, adding that where a next-stage implementation might make sense, say, for a network tap, WWT is showing its clients how an SDN-flavored tap would differ from a conven-tional device.
“It’s doing the same function, but a dif-ferent capability because it’s coming from a controller,” Chandler said. “This is how we can help the customer decide where is the right place to continue legacy investments and where to move into SDN, at least ini-tially.” n
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
12 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
n=1,000; Source: Uptime Institute’s 2013 Annual Data Center Industry survey
k What are the top three technology challenges in running your network?
Business challenges are often the root of technical issues. The biggest business challenges are often internal issues.
N=1,836; TechTarget 2013 Network Purchasing Intention Survey
k Where will you invest in 2014?
Network monitoring and management is this year’s top investment priority.
k Where are your network management “blind spots”?
BYOD blind spots far outrank any other management concern.
Data Mine
Corporate doesn’t match the
tech budget to tech demand
Vendor support
Keeping IT and corporate goals aligned
Network monitoring
BYOD/ Consumer
devices
Cloud Computing
Wireless LAN
Network performance management
Network security monitoring
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
13 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
WEBRTC TECHNOLOGY
Ω If WebRTC means anybody,using any browser, can launch video chat, will it take over enterprise video?
Web Real-Time Communications (WebRTC)—a technology that enables video, talk and text through simple Web browsers—is set to turn enterprise collabo-ration on its head.
The open source technology from Google, which is now a standard in development with the IETF, could lead to inexpensive and interoperable video in the business world, where large enterprises have been forced to invest hundreds of thousands of dollars in collaboration architecture, and where smaller companies couldn’t even
WebRTC Technology
Is WebRTC the Game Changer that Enterprise Video Needs?
BY DAVID GEER
DATA MINE
14 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
WEBRTC TECHNOLOGY
consider the technology due to price and complexity.
WebRTC will enable real-time video communications in browsers without re-quiring the downloads, plug-ins or installs that have slowed end-user adoption of pro-prietary video technologies. As a result, WebRTC has the ability reach the billion-plus existing Internet-connected mobile devices, in addition to every PC and Mac with an installed browser, says Rob Arnold, senior industry analyst at Frost & Sullivan.
The Inner Workings of WebRTC TechnologyThe IETF intends to embed video com-munications, accompanying audio, and text- and file-sharing capabilities into Web browsers using WebRTC protocols and the
JavaScript APIs that the World Wide Web Consortium (W3C) is developing.
The existing technology, Real-Time Communications (RTC), already offers browser-based clients for call control, pres-ent modifications and call handling to en-able browser-based video communication, but the IETF is designing WebRTC to make video work without the plug-ins, down-loads or installs that RTC relies on.
WebRTC requires specific new technolo-gies to bypass software client installs and browser plug-ins. “JavaScript and HTML5 are the main programming mechanisms for developers building WebRTC apps,” says Arnold. Developers will have to use Java-Script APIs and HTML5 programming to create video chat and video conferencing Web apps that work browser to browser. WebRTC also provides APIs so developers
DATA MINE
15 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
WEBRTC TECHNOLOGY
can optimize their browsers with the technology.
WebRTC supplies three APIs for develop-ers: The first API, GetUserMedia, identifies and captures the end-user microphone and camera for use in video chat. The second API, PeerConnection, enables audio/video call setup. The third API, DataChannels, supports peer-to-peer data sharing be-tween Web browsers.
Small Business Sees WebRTC Benefits WebRTC is free, compatible with multiple browsers and easy to use, so it is likely to bring video collaboration to even small companies.
“With WebRTC, there is no cost and no software to buy,” says Joan Vander-mate, vice president of marketing at
videoconferencing provider Vidyo. Cross-browser compatibility will bypass the pro-prietary standards and clients that don’t talk to each other. The fact that one propri-etary client or standard won’t work with another has put small businesses off from investing in video chat, because the busi-ness would not be able to meet with all the people and businesses that they would like, he said.
With WebRTC, end users need only click a link or paste a URL into a browser and enter the meeting. “You won’t have to download a client or plug-ins. There’s no complicated sign-in procedure you have to learn,” says Arnold.
This way, small businesses that don’t have IT teams to get over the hurdles of more complex video clients will be able adopt WebRTC-based video chat.
DATA MINE
16 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
WEBRTC TECHNOLOGY
“Adoption rates have a lot to do with user confidence. People will get more use out of the technology because it helps to have a critical mass of people with access to the same application so that they can use it to-gether,” says Arnold.
WebRTC Technology Brings New Collaboration to Large EnterprisesThe idea that WebRTC allows partners and customers outside the firewall to join inter-nal meetings also changes the role of video in the enterprise.
WebRTC’s compatibility protocols, STUN, ICE, TURN and RTP-over-TCP, en-able enterprises to use video chat even in a customer-support setting, allowing care representatives to demonstrate solu-tions to the customer using diagrams and
illustrations through video, for example.What’s more, WebRTC eases the burden
on IT staff. Previously, video conferencing was a scheduled event that required lead time to book a conference room and pre-pare equipment. With WebRTC, business users can launch impromptu video chats without scheduling. Plus WebRTC brings all of the plusses of enterprise video—multi-tasking and collaboration, less travel for in-person meetings—without the costly infrastructure and human resources investment.
What About Legacy Video Systems?WebRTC is not likely to be a loss for large enterprises that already own costly video systems and infrastructure.
“For the large enterprise that has already
DATA MINE
17 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
WEBRTC TECHNOLOGY
deployed video, WebRTC brings the cost of new software clients to zero,” says Van-dermate. WebRTC enhances legacy video-conferencing rooms and systems by adding value to these existing investments.
Now the enterprise can expand its eco-system of endpoints and reach more us-ers more cost-effectively. “Simply because you’re in a boardroom using an immer-sive or room-based conferencing system doesn’t mean there isn’t still value in con-necting a remote employee to your meeting using a WebRTC client,” says Arnold. “The interoperability piece is big as a way to sup-plement existing investments.”
WebRTC Technology: The Fight to Dominate a New StandardThe immediate challenge for the IETF
WebRTC project is to agree on the next WebRTC video codec to follow the cur-rent codec, Google’s VP8. The IETF rtcweb working group is not presently debating au-dio codecs or how text- and file-sharing will work with WebRTC.
Obstacles to interoperability include the fact that the current WebRTC video codec VP8 requires a gateway to talk to the H.264 video codec. This is the same issue that WebRTC’s VP8 has with legacy video cli-ents in general: It doesn’t speak their lan-guage (i.e., H.264).
“Cisco has been putting forth its H.264 advanced video codec that offers high-qual-ity video at low bit rates as a replacement for VP8,” says Arnold. But while today’s video hardware uses H.264 more com-monly, the codec has not been able to com-pete with Google’s open-source VP8 due in
DATA MINE
18 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
WEBRTC TECHNOLOGY
part to H.264 licensing fees. Cisco is now open-sourcing H.264 to
strengthen the position that the IETF should select that codec as the common format for the WebRTC protocol. In the meantime, Google and Vidyo are develop-ing the VP9 video codec, which is the next version of Google’s VP8 codec that the IETF currently favors over H.264. Google and Vidyo intend VP9 to run at half the bit
rate of VP8 while improv-ing video quality beyond that of VP8 and H.264. “Vidyo’s royalty-free Scal-able Video Coding exten-sion for VP9 will improve the codec’s video quality, moving it beyond that of its competitors,” says Vandermate.
While Mozilla has stood with Google, enabling VP8 compatibility with its Fire-fox browser, the browser developer now says it would enable compatibility with H.264 as well, given the open sourcing of that codec. Browsers currently compatible with WebRTC include Opera, Chrome (versions 23 and later) and Firefox (ver-sions 22 and later). Other interested orga-nizations include the W3C, Ericsson and innumerable real-time communications vendors.
Then you have companies like Micro-soft and Apple. WebRTC could threaten Microsoft’s Skype application and service. So Microsoft has submitted an alternate approach to WebRTC, its Customizable, Ubiquitous Real-Time Communication (CU-RTC-Web) to the W3C. “Microsoft’s motivations are multifold. Protecting
Browsers currently compatible with WebRTC
include Opera, Chrome (versions 23 and later)
and Firefox (ver sions 22 and later).
DATA MINE
19 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
WEBRTC TECHNOLOGY
Skype is certainly one of them,” says Arnold.
“I have a feeling that at some point Apple will simply implement WebRTC in its Sa-fari browser. They are not implementing it right now because they don’t have this up-date cycle as Google Chrome and Firefox do where they are updating their browsers all the time on the fly. They have these major versions like Safari 6, 7, 8, and they would like to be sure the standard (WebRTC 1.0) is stable,” explains Alexey Aylarov, WebRTC board member and CEO of online voice provider Zingaya, Inc.
The WebRTC Waiting GameWebRTC is on the horizon, but it won’t be fully standardized and turned into product in time for immediate investment.
The IETF could ratify the WebRTC pro-tocol and standard in two years, according to Arnold. Once that happens, developers will create increasingly mature Web apps for video chat and conferencing as demand for the technology grows. Once these apps emerge and are tested, it is very likely the enterprise will turn to WebRTC in larger numbers, even if that means to supplement existing video infrastructure. n
DATA MINE
20 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
Pulse Check
25+43+32
k What business benefits are expected from 2014 tech projects?WAN and LAN managers listed these as the top three:
• Operational efficiencies
• Increased employee productivity
• Simplified business processes
k What are the top three measures of an enterprise IT professional’s success?
• Ensuring the reliability of IT services
• Completing projects on time
• Meeting (individual) productivity goals
N=258; Source: TechTarget 2013 Annual Salary and Careers Survey (LAN and WAN Managers)
k Is your IT organization’s mood half full or half empty?
32% say the mood is optimistic
25% say the mood is pessimistic
what made the optimists most upbeat?Their companies encourage innovation.
what got the pessimists down the most?Limited career advancement.
43% were decidedly
neutral
takeaway
Companies expect more bang
for their buck with improvement in efficiency and
productivity.
takeaway
Reliability and meeting goals are top of mind for
organizations when evaluating
IT pros.
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
NETWORK FUNCTIONS
VIRTUALIZATION
THE VOICE OF EVOLUTION
21 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
THE VOICE OF EVOLUTION
NETWORK FUNCTIONS
VIRTUALIZATION
Ω With NFV, operatorscan’t yet toss their expensive routers, but they may find increased revenue in a new level of service agility.
Network Functions Virtualization (NFV)–the technology that allows opera-tors to virtualize network functions and run them on less-expensive off-the-shelf servers–has generated quite the buzz with the promise of cost savings.
Yet despite initial dreams of tossing out expensive proprietary routers for com-modity servers, NFV’s path to network spending reduction is fuzzy. It remains un-clear whether the technology will ever of-fer the performance necessary to replace
Network Functions Virtualization
Will Network Functions Virtualization Ever Pay Off?
BY TOM NOLLE
PULSE CHECK
22 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
THE VOICE OF EVOLUTION
NETWORK FUNCTIONS
VIRTUALIZATION
proprietary routing and other core network functions in large-scale networks.
However, NFV will enable the virtualiza-tion of plenty of other network features, and will lead to a new level of service agility. With that, the technology promises an even more enticing promise than operational cost savings: It could mean new service revenue.
The idea is that NFV will let operators virtualize network appliances and services, which can then be dynamically provisioned and integrated into a larger orchestration context. Essentially, network services such as firewalling and load balancing will be provisioned as flexibly as the applications they support.
Until now, operators have been able to automate applications that live on vir-tual servers, but then they would have to
manually provision the supporting net-work services, sometimes even on a hop-by-hop basis. This manual process has been counterproductive to automated, orches-trated application provisioning.
NFV is still in its early stages, but if the technology eventually enables dynamic provisioning of network services, it could become the dominant network technology shift of the decade.
Service Agility, the Holy Grail of NFV When it comes to NFV, operators love to toss about the term “service agility.” That’s because currently it can take between two weeks and two months for operators to provision business services. Worse, if these services require new supporting infrastruc-ture, it can take more than six months of
PULSE CHECK
23 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
THE VOICE OF EVOLUTION
NETWORK FUNCTIONS
VIRTUALIZATION
lab work and then additional time to build the new devices. With NFV, operators hope to avoid this lengthy deployment because services are created through software inte-gration and can be validated and deployed faster.
While NFV could clearly substitute for appliances like firewalls and load-balanc-ers, or even for internal components of IP Multimedia Subsystem, the catch will be in how much of a provisioned service is actually software-based. The more legacy equipment involved in provisioning a new service, the less impact NFV can have on service agility. And that will be a common dilemma, since operators won’t likely re-place access equipment. They won’t, for example, replace carrier Ethernet with hosted Ethernet switching. Even where an operator uses virtual switching, optical
transport and other deeper OSI functions won’t be converted into virtual functions. So in order to maximize NFV benefits, op-erators must extend NFV orchestration outside the boundaries of network func-tions to underlying legacy network. Ven-dors and operators are still working on strategies to extend NFV orchestration in this way.
New Network Features for Potential Review While there are still challenges in using NFV to affect service velocity in a signifi-cant way, the technology can already en-able a new range of service features that will be used to produce revenue. NFV will allow operators to offer context-aware network services, or the ability to ensure
PULSE CHECK
24 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
THE VOICE OF EVOLUTION
NETWORK FUNCTIONS
VIRTUALIZATION
varying levels of service and performance according to application, user or location. Ultimately, providers will be able to charge accordingly for these granular services and performance assurances.
The ETSI specifications for NFV make it clear that NFV and cloud computing, or hosted applications, are very closely re-lated. A network function could eventually be composed and provisioned in exactly
the same way as a SaaS ap-plication. This could cre-ate a totally new model of services, blending net-work features with cloud computing or blending cloud-hosted application components with network services.
An example of this
would be distributed load-balancing for cloud bursting. In a model in which copies of an application are hosted in the cloud, but are dispersed and shared among users, NFV and its dynamic provisioning can be used to load balance effectively across sites and users.
This kind of granularity in management lets operators define QoS/QoE goals for a cloud application according to users’ spe-cific needs and meet those goals at the net-work level. Additionally, they can integrate managed security and availability features into applications dynamically. Network op-erators will use this capability to differenti-ate their own higher-level services by tying them directly to network behavior.
NFV services must offer this kind of inte-gration of applications and network behav-ior in order to be differentiated from other
The ETSI specifications for NFV make it clear
that NFV and cloud computing, or hosted applications, are very
closely re lated.
PULSE CHECK
25 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
THE VOICE OF EVOLUTION
NETWORK FUNCTIONS
VIRTUALIZATION
cloud services. But there are also other im-portant features beyond transport/connec-tion QoS.
Network access security, as well as net-work resiliency and manageability, are all features that can be linked to the network and offered more easily and granularly with NFV. NFV’s dynamic distributed load-bal-ancing and management across data cen-ters or clouds will allow operators to secure sites from DDoS attacks, as well as to man-age an array of remote devices, and even to use IT tools for facilities management, to
make power usage deci-sions for example.
NFV could also be ex-tended to non-connec-tivity features of the network. Probably the most relevant of these
use cases is context-aware networking or the ability to make performance and pro-visioning decisions based on location, user activity and even social context. If users are busy, they don’t have to receive application access. Or they can receive varying levels of access depending on the type of application they need.
Ultimately, it’s not likely that NFV will introduce new services that couldn’t oth-erwise be provided. NFV is about function hosting, and there are many ways to host functions—from appliances to dedicated servers, through virtualization and via the cloud. But NFV will create a framework for deploying complex applications and oper-ating them with high reliability and low op-erational expenditure costs. This will allow operators to price even complex contextual applications at levels that are consistent
NFV doesn’t change the game, but it optimizes
how it’s played.
PULSE CHECK
26 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
THE VOICE OF EVOLUTION
NETWORK FUNCTIONS
VIRTUALIZATION
with broad adoption and still make a satis-factory profit from their investment. It will also allow operators to bring new services to market faster, accelerating revenue real-ization and encouraging investment.
The future of carrier networking depends on a combination of utility for buyers and profit for the operators. NFV doesn’t change the game, but it optimizes how it’s played, and that’s just as important today. n
PULSE CHECK
27 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
THE VOICE OF EVOLUTION
THE VOICE OF EVOLUTION | MICHELE CHUBIRKA
Big Data Fail: Monitoring Can’t Buy You Network Security
Information security professionals are beginning to shake off their love affair with big data. Collecting, storing and pars-ing information is proving to be a prohibi-tively expensive and daunting endeavour. In our constant security-monitoring ef-forts, we’re discovering that our data glut-tony may just be making us fat and stupid, not omniscient as we hoped.
For years, we’ve been on a quest for more and better tools to process the truck-loads of information we’re gathering. But this has led us nowhere. We are like Dorothy dancing down a yellow brick road, hoping for Kansas, only to find a
fake wizard behind a curtain of smoke and mirrors.
Big Data Glut in Enterprise SecurityOnce, during a technical interview, a net-work security engineer on the panel told me that he always set syslog to debug on the firewalls he managed so that he could have everything, just in case he needed it. These were perimeter devices on a medium-sized enterprise network, but he told me he was accumulating about 30 GB of logs a day. I was flabbergasted, because that’s about the same amount of log data I saw when
We’ve heard big hype about big data, butsometimes it’s just too much information to analyze.
NETWORK FUNCTIONS
VIRTUALIZATION
28 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
THE VOICE OF EVOLUTION
I worked for a financial services provider that was located in three regions with around 400 firewalls.
The same company’s hiring manager told me his team was using a commercial log analysis product that licenses based upon the amount of data consumed, and like in most organizations, the team was struggling to decide whether to invest fur-ther or move to a less costly option, such as open source. Besides the heavy hard-ware and software investment, I asked whether he had considered other possible
consequences of so much monitoring, such as the increased risk of an out-age due to performance is-sues caused by processing logs during heavy traffic loads, or a denial of service
(DoS) attack. Needless to say, I didn’t get the job.
Prior to that job interview, I rode around on my high horse on the topic of advanced event correlation. I wanted every log, every event, with complete visibility, and I didn’t want to hear about the cost. If a mosquito landed on a switch in a remote hub-site, I demanded to have it logged with access to advanced analysis tools. Then I had to work in environments with budgets too tight for my flights of security fancy. I had to start getting smarter about what was collected, why and when. I was forced to justify ev-erything that we gathered, really thinking through how much intelligence I could gain from certain types of data. I asked myself, “Can I live without this?”
I began to wonder whether we had be-come like Connor MacLeod in the movie
I had to start getting smarter about what was
collected, why and when.
NETWORK FUNCTIONS
VIRTUALIZATION
29 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
THE VOICE OF EVOLUTION
Highlander. Is there some kind of digital quickening that leads to increasing levels of wisdom with every piece of data we ingest? Or are we just becoming organizationally obese from information we don’t have the time or resources to use?
We Could Have Seen the Big Fail in Big Data Coming It isn’t as if there haven’t been plenty of warning signs when it comes to the chal-lenges of dealing with big data. You only need to look at the 2008 economic melt-down. Even with access to data scientists, huge data sets and advanced predictability models, the financial industry’s failure was epic. Simply put, the financial world didn’t use the information available to prevent the disaster.
And the financial industry is not alone in its inability to make good use of big data. A 2012 SANS Institute survey shows that a whopping 35% of organizations spend “none to a few hours per week” on log anal-ysis. Probably the best example of the ex-cess of data collection is within intelligence organizations, which reportedly gather way more data than is ever analyzed. Even after shattering revelations from Edward Snowden on the extent of NSA surveillance, experts in the intelligence community have indicated that their data-mining efforts are pretty useless in detecting threats.
If the federal government with legions of contractors and a generous budget can’t get it right, why do we think that the en-terprise can do any better? Why do we continue to fall for the big data lie? Maybe because as author and former derivatives
NETWORK FUNCTIONS
VIRTUALIZATION
30 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
NETWORK
ARCHITECTURES
DATA MINE
WEBRTC TECHNOLOGY
PULSE CHECK
THE VOICE OF EVOLUTION
trader Nassim Taleb points out, “Big data may mean more information, but it also means more false information.” The fail-ure seems to be a case of confirmation bias, in which we fall into the trap of finding a pattern to match our beliefs, and that we want to believe we can predict what is often unpredictable.
What’s the message here? We need to manage our expectations, always consider-ing the big cost of big data. We need to re-member that in security, just as in Vegas, the odds are usually against us. Solving the problem will not be about a simple analysis tool, but about a paradigm shift in the way we monitor and analyze data. n
NETWORK FUNCTIONS
VIRTUALIZATION
31 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 4
CONTRIBUTORS
MICHELE CHUBIRKA, aka “Mrs. Y,” is a recovering Unix engineer with a focus on network security. She enjoys long walks in hubsites, traveling to security conferences and spending extended hours in the Bat Cave. Michele believes that every problem can be solved with a “for” loop. She also hosts a podcast called Healthy Paranoia, a security feed of Packetpushers.
DAVID GEER writes about security and enterprise tech-nology for international trade and business publications.
RIVKA GEWIRTZ LITTLE is the executive editor of Tech-Target’s Networking Media Group. She and the Network Media Group launched SearchSDN.com, a site on soft-ware defined networking and network programmability.
CHUCK MOOZAKIS is the site editor for SearchNetwork-ing. He has covered networking, telecommunications, new media, and newspaper and magazine production technologies for more than 25 years. Prior to joining TechTarget, Chuck was editor-in-chief at News & Tech and also served as senior editor for InternetWeek.
TOM NOLLE is president of CIMI Corporation, a strategic consulting firm specializing in telecommunications and data communications since 1982.
COVER PHOTOGRAPH: CRANACH/ISTOCK/THINKSTOCK
Network Evolution is a SearchNetworking.com e-publication.
Kate Gerwig, Editorial Director
Rivka Gewirtz Little, Executive Editor
Shamus McGillicuddy, Director of News and Features
Kara Gattine, Senior Managing Editor
Brenda L. Horrigan, Associate Managing Editor
Chuck Moozakis, Site Editor
Tessa Parmenter, Site Editor
Linda Koury, Director of Online Design
Neva Maniscalco, Graphic Designer
FOR SALES INQUIRIES, PLEASE CONTACT:
Doug Olender, Vice President/Group Publisher [email protected]
TechTarget, 275 Grove Street, Newton, MA 02466
©2014 TechTarget Inc. No part of this publication may be transmitted or reproduced in any form or by any means without written permission from the publisher. TechTar-get reprints are available through The YGS Group.
About TechTarget: TechTarget publishes media for information technology profes-sionals. More than 100 focused websites enable quick access to a deep store of news, advice and analysis about the technologies, products and processes crucial to your job. Our live and virtual events give you direct access to independent expert commentary and advice. At IT Knowledge Exchange, our social community, you can get advice and share solutions with peers and experts.
@WEBSITE
Visit us EMAIL
Contact usTWITTER Follow us