No Jitter is part of the Informa Tech Division of Informa PLC

Virtual Switching: What Might It Mean to the Enterprise?

When Intel announced it would be releasing a reference architecture for software-defined networking (SDN) and network functions virtualization (NFV), this naturally raised the question of whether hosted virtual switches and routers might be displacing real devices in networks. It's also raising a question about just how developments like SDN and NFV might be bringing the once-separate worlds of IT and networking together. At the least, Intel is signaling that such a marriage could change server design, and at the most it may be promising to drive the convergence along.

Virtual networking, virtual switching, SDN, and NFV have all gotten wrapped up in a wave of hype and confusion--no surprise. What's made it worse is that the network equipment vendors who are the logical linchpins of any sort of network change see all of these initiatives as potentially damaging to their near-term sales. Thus, most have been happy to spin yarns instead of making concrete and useful proposals. Intel might be able to change that.

Intel's concept is called the Open Network Platform (ONP), and it's a combination of a high-performance Xeon chip, specialized networking chips, and optimized software (from Wind River). The platform also includes a developer kit that's designed to facilitate the deployment of high-performance networking applications on servers.

An example is the vSwitch application that's increasingly used as an element in SDN strategies. vSwitches provide tunnel-based overlay network connectivity management, first to segment data center networks for public cloud hosting, and more recently as an element in an end-to-end software VPN strategy (Alcatel-Lucent announced this in early April, for example). NFV, a carrier initiative to host service features like firewalls on servers instead of using special appliances, also depends on efficient server handling of network connections, so a network super-server would support both NFV and SDN, which seems to be what Intel has in mind.

Network super-servers aren't necessarily designed to replace conventional network devices, though. The vSwitch concept still depends on there being a real underlying network built of real network devices, and if you look at the Intel ONP concept carefully, it seems clear that it's more about making a server into an effective termination point on a network than about building whole networks from ONPs. Any real-time network application in the data center or the cloud--such as UC or UCaaS--could benefit from the improved data-path handling that this would provide.

Thus, if ONPs begin to deploy in the cloud (albeit probably no earlier than 2014), they could drive greater interest in cloud-hosted UC. Since NFV is all about creating hosted versions of carrier services, it's also possible that Intel's support for NFV (they're an active participant in the process) would likewise promote carrier interest in offering UC services.

There's another possible impact of these SDN trends besides the growth of cloud UC services. If Intel encourages users to build enterprise networks whose "branch routers" are really ONP servers, then it would be easy for the enterprise to push virtual networks out to the branch--providing, of course, that somebody comes up with some compelling value proposition for that move. Even Alcatel-Lucent in its presentation of "software-defined VPNs" didn't offer a lot of detailed examples of how such VPNs change the game.

However, here's one possibility: using end-to-end SDN to link not just users or servers but also applications. For example, if every application were on its own software-created virtual network, and every such network were extended to the branch office, a vSwitch there could link users only to those application networks the users were entitled to access. This could create network-level security that could be better than what's available today using conventional firewall technology.

NFV can fit into the same picture. The same branch server, hosting things like SSL software or even in-line virus-scanning, could improve network security further. Management tools could also be hosted, not only to link remote offices with central enterprise network support, but even to provide network operators with surveillance in managed service applications.

Something like this might also make it easier to mix public cloud services with private data center applications. If you created a software virtual network for each of the public cloud services, they could be extended to workers as needed, and the vSwitch technology at the edge could prevent other traffic from riding along on the connection. That offers more control than putting the cloud service on a company VPN or making every user tunnel over the Internet to reach the cloud service. Further, the enterprise's own software virtual networks can be hosted in the cloud; in contrast, the enterprise can't install its own physical network devices within a service provider's cloud infrastructure.

From the first, there have been two camps in the SDN world. One (the OpenFlow movement being an example) has focused on controlling real network devices and managing traffic. The other (software virtual networks) has focused on controlling connectivity. Publicity has blurred the boundaries, but Intel's ONP may separate the two formally--and place itself in the latter camp--by nurturing the development of applications that are directly linked to vSwitches and that exploit servers as platforms for network features. If that happens, then it may cause network equipment vendors to expand their own vision of the future of networking and its role in both our work and our lives.

Follow Tom Nolle on Google+!