by Dave Martin, Vice President, Edgewater Networks
Year after year, I read about the “rapid rate of network commoditization.” Yes, it is indisputable. Even as network service providers have been investing billions to build out networks, the margins on connectivity services are shrinking and enterprises have more and more providers competing to get their business. To add insult to injury, market power has shifted to application and content providers—Google, Apple, Facebook, Salesforce.com and others—who are building high-margin businesses on the backs of the service provider networks.
Plenty of network service providers are fighting back and launching managed services in an attempt to elevate their brand’s value, generate new revenue streams and hold onto their customers and profits. It’s not an easy transition; the new services must be deployed without degrading existing connectivity services and without costly network upgrades. Additionally, SMBs and SOHOs represent the largest market opportunities for managed services. Providers must slash operating expenses and simplify enterprise-class platforms to win a share of this large and more cost-sensitive managed services market segment.
Fortunately, there are exciting alternatives being developed that build on Software Defined Networking (SDN) and Network Function Virtualization (NFV) advancements to enable affordable and profitable managed services for businesses of all sizes.
Getting Above the Fray: Taking Managed Services Further With SDN and NFVSDN gives service providers an evolutionary path for radically evolving network architectures by separating the control and data planes used to process and forward network traffic. This separation allows the provider to scale both planes in a very efficient manner. Additionally, instead of reconfiguring dozens of legacy network devices, many with proprietary interfaces, SDN centralizes intelligence in the service provider’s core, leaving individual routers or switches to handle simple forwarding. This dramatically simplifies configuration and network wide policy enforcement.
NFV enables the virtualization of many generic network functions such as IP routing, firewall, IDS/IPS, server load balancing, caching and VoIP B2BUA. Virtualization brings to these network functions all of the usual benefits: simplified provisioning, increased flexibility, improved performance and reduced costs.
An added benefit of NFV is the ability to share network functions in a multi-tenant environment. In the past, most network solutions have been designed with a one-to-one relationship between a tenant and the set of network functions being delivered. To scale the solution, the applications running on one blade would have to be replicated on another blade to support a new client. Alternatively, some solutions use a large, proprietary and expensive appliance in the datacenter to support multiple tenants with software-controlled partitioning.
It is possible, however, to build a cost-effective multi-tenant solution with NFV. Each network function can run in a process, which can be called by tenants as needed, at any time. This allows the service provider to leverage the cost-performance curve of industry-standard server blades and deploy scalable services using familiar technology components (database software, VM hypervisors, layer 2 switches in the core, etc.). If implemented in conjunction with SDN-enabled infrastructure service providers can dramatically reduce their costs and speed time to market for new services.
Example: An IP-Based Security ServiceConsider these SDN/NFV advancements within the context of introducing a managed security service for SMBs. Small and medium businesses are under attack, with cybercrime on the rise and extremely negative consequences associated with breaches that put customer credit card and identity information at risk. Complicating matters is the fact that legacy perimeter-based security solutions have become less effective with the proliferation of internal wifi hotspots, the increase in BYOD usage and the rapid adoption of cloud services. It is now commonplace to store critical data on both public and private clouds blurring the lines between “trusted” and “untrusted” networks. Even those SMBs with the desire and financial resources to build and manage their own security infrastructure have found it difficult to find qualified, knowledgeable IT personnel. The complexity of cyber-threats has clearly outpaced the ability of SMBs to adequately protect themselves. There is huge demand for an affordable managed security service yet service providers cannot profitably pursue this opportunity using the traditional approach of dedicated security appliances located in the datacenter or on-site at the SMB location.
SDN’s centralized control functions and NFV’s level of abstraction can dramatically lower the entry costs for the customer and the operating costs for the service provider. Instead of a rack of dedicated network and security appliances for each customer site, a simple CPE device can be designed to work in tandem with NFV-based software in the datacenter. All logic and policy enforcement can be done in the datacenter and implemented in a scalable manner using a multi-tenant approach. For example, a firewall process can provide application-layer filtering and be scaled independently from any other software by adding blades to the host VM/hypervisor running the application.
Using this design, the service provider is now positioned to roll out additional managed security services like IDS/IPS, anti-virus, URL filtering and more on the same platform. New services can be introduced without requiring additional dedicated CPE appliances and without network-wide software reconfiguration or updates. The business model improves as the service portfolio expands.
Keep Your Eyes on the EdgeThe next generation of network infrastructure will revolutionize the edge and service delivery and give service providers a highly effective weapon with which to counter the margin-eroding effects of commoditization. Until they hit the market, service providers can look at the existing edge platforms for delivering managed IP-based services. Start discussions today with the market leaders who have demonstrated success at the edge and who know how to work with service providers (and not compete with them). Find out how they plan to use SDN/NFV to lower operating costs, maximize service levels and scale functionality across multiple sites, clients and applications. The news at the edge is good – stay tuned for more details.
Dave Martin is a recognized expert in network edge technology and managed service platforms for the delivery of IP-based voice, video and data services. He currently serves as Vice President of Marketing for Edgewater Networks.