Making virtual a reality in your corporate networkBy Steve Coakley,
In my previous blog start investigations now for network virtualisation I discussed the benefits to a global enterprise of virtualised edge infrastructure. Quick and simple deployment of services at less cost is what the technology promises– but the inherent challenges of getting to the point of execution are less well understood. Just as mobile apps need an app store to develop and distribute them, NFV (Network Function Virtualisation) needs virtualised infrastructure to deploy into different parts of the network.
A dedicated platform is the best approach, enabling processes that can be put in place to test and secure the components and ensure edge devices are fit to run them. This is the complicated part, and there are three particular challenges that organisations need to be aware of:
1. Stop the lights (the red blinking ones)!
Virtualisation moves organisations away from one-box/one-application management, when flashing red lights would point to a problem that a vendor’s routine diagnostics could easily fix. Such straightforward demarcation changes with NFV because the function is abstracted from operations, making it harder to identify the root cause of an issue let alone resolve it.
2. Firewalls, where you need them, now!
Cloud and mobility have driven architectural changes in enterprise infrastructure, exponentially increasing an organisation’s attack surface. Connecting more sites directly to the internet exacerbates the problem; but SD-WAN and NFV can offer a solution if you know how to manage the virtualised infrastructure. By layering on a virtual platform, NFV components like firewalls can be rolled out more easily to a pre-installed SD-WAN edge device. For that there’s no truck-roll! Policy changes are made centrally and potentially pushed-out once. Such agile deployment is a big benefit for organisations but calls for a holistic approach to security management that will be a big challenge for many organisations.
3. Working on the (service) chain gang
Service chaining is a way to bring together different NFV components, applying and coordinating changes in one function to others in the chain. By deploying a catalogue of components in a virtual chain across a single network, organisations can connect and manage a range of services on commodity hardware. An SDN controller, for example, could be used to automate the way virtual network connections handle traffic flows across a chain. Such software provisioning is tantalising but difficult, made harder by a lack of clarity on where to start.
Having network infrastructure running on virtual circuits that can be deployed and dismantled as the business demands, mirrors the kind of agility organisations now expect when they access compute power from cloud providers. It doesn’t take much imagination to see how the combination could strategically benefit a business as it looks to innovate and test new markets. But it does take skill. Service chain provisioning and NFV orchestration are difficult to do.
The biggest challenge may be culture change and knowledge gaps if organisations want to see the optimum return from moving to more agile virtualised environments. The three examples above highlight why new skills are needed to attain control over a different kind of infrastructure. Relying on existing knowledge and resources – in and out of house – may not be enough and you risk locking yourself into a technology roadmap that’s inappropriate for your business.
Building the business case
Network virtualisation is still relatively new, At BT we’ve been at the centre of standards development since 2011 (we initiated and co-founded the ETSI NFV Industry Specification Group). We’re also working with closely with customers and partners to design and deploy services where the business case is strong. And its strength comes not from where we might expect - hardware cost-savings - but rather in reduced operational costs.
What we already know for certain is that creating a platform to underpin virtualised infrastructure is complex, expensive and demands highly specialist skills. We are not seeing many customers going the DIY route, and that’s unlikely to change in the foreseeable future because there is a scarcity of enterprise skills as well as that ‘tipping-point’ volume of proven use cases.
All this explains why it’s important when investigating virtualisation to consider a strategic partnership. In the next blog I’ll make the case for BT, one of the earliest movers on NFV technology.
Download our guide Build the infrastructure your business needs to thrive