OpenStack Summit 2016: Netronome Offers Scalable Zero-Trust Security and Higher-Performance Connectivity with New 25G Adapter

Glen Hunt - Principal Analyst, Transport and Routing Infrastructure

Glen Hunt – Principal Analyst, Transport and Routing Infrastructure

Summary Bullets:

  • Increased east-west server-to-server data center traffic leaves traditional perimeter defense mechanisms challenged to provide adequate trust and privileges for virtual machines (VMs) while current zero-trust mechanisms consume valuable server resources.
  • Netronome’s new Agilio CX intelligent server adapter promises to deliver 25 Gbps of throughput; integration with Open vSwitch firewall and Mirantis OpenStack delivers the benefits of hardware acceleration and improved VM performance.

At the August 2016 OpenStack Summit, Netronome announced enhancements to its Agilio Server Networking Platform with the introduction of the Agilio CX dual-port 25GbE intelligent server adapter (ISA) and Agilio OVS Firewall software. The new platform is integrated with the Mirantis OpenStack solution, with the goal of easing cloud-based provisioning, and promises to improve performance and scale when implementing Linux Firewall-based as well as zero-trust security using OpenStack security groups. As service providers migrate their infrastructures to a data center model to meet growing demands for cloud-based services, issues such as scale and security increase ever more. Read more of this post

GigaSpaces’ Cloudify 3.4 Provides a Solution to Combine VMs and Containers

Glen Hunt - Principal Analyst, Transport and Routing Infrastructure

Glen Hunt – Principal Analyst, Transport and Routing Infrastructure

Summary Bullets:

Supports Both VM and Container Stacks: Cloudify 3.4 simultaneously supports VM stacks, container stacks and hybrid stacks; providing support for current VM deployments while migrating to more efficient container-based solutions.

Leverages Open Source Innovation: Cloudify 3.4 leverages open source innovations such as Kubernetes technology, which helps support distributed container-based applications and deliver the hybrid stack capabilities.

The new Cloudify 3.4 release from GigaSpaces removes significant deployment barriers for service providers (and enterprises) that are considering migrating their virtualization architectures from a virtual machine (VM)-based model to a more streamlined and efficient container-based architecture to support microservices. The merits of this transition are covered well in many industry blogs and reports and will not be the focus here. However, what’s new is that this new version of Cloudify supports both environments (VM and container) as well as a combination of the two (hybrid). This is an important capability, because as the industry moves beyond simply proving the basics of network virtualization, traditional service provider strengths such as performance, scalability and efficiency move front and center. Cloudify 3.4 promises to support current implementations while enabling new applications to be container-based, thereby providing users a flexible migration path to the future. In addition to the dual-stack support, the new release supports fully automated “in-place” infrastructure upgrades, which helps to minimize down-time and eases migration to new software versions without impacting on-going services.

Read more of this post

Software-Defined Wide-Area Network (SD-WAN): The New Use Case du Jour Is Being Well Received by Operators and Enterprises

Glen Hunt - Principal Analyst, Transport and Routing Infrastructure

Glen Hunt – Principal Analyst, Transport and Routing Infrastructure

Summary Bullets:

  • Operators seeking new revenue opportunities find SD-WAN a lucrative addition to their traditional enterprise service offering; enterprises like the idea of more transport choices and on-demand services.
  • Juniper is expanding its Cloud-Enabled Branch CPE solution by adding incremental SD-WAN support based on its virtual SRX, to deliver scalable and secure networking features.

Juniper joins its competitors in offering an SD-WAN solution. There is little doubt regarding service provider interest in delivering new, more agile WAN services, and even less doubt that enterprises will also see the benefits. Given today’s desire to have everything on demand, enterprises like the concept of controlling their networks from a central location and moving bandwidth and connectivity around based on real-time business needs. So, what is needed to deliver a compelling SD-WAN solution? It has already been established that virtual customer premises equipment (vCPE) solutions address many of these requirements. As described in Juniper’s earlier Cloud CPE launch, vCPE promises to enable operators to create and automatically deploy services faster, at industry-leading scale, in on-premises, cloud or hybrid service delivery models. Read more of this post

MEF 2.0 Service Certifications Still Necessary, 55 Service Providers Now Certified

Glenn Hunt

Glenn Hunt

Summary Bullets:

• CE 2.0 certified services form the foundation for “Third Network” connectivity services, enabled by emerging Lifecycle Service Orchestration (LSO), SDN, and NFV technology solutions.

• Some 55 service providers, to date, have earned CE 2.0 service certification, with 16 added in 2015, showing that aside from the march to SDN/NFV utopia, fundamental service delivery remains king.

Using the MEF’s upcoming Gen15 networking event in Dallas as a backdrop, it is obvious that vendors and operators alike continue to see the merits of obtaining CE 2.0 service certification in order to deliver on fundamental Ethernet services. Not only are vendors and operators spending the resources necessary to obtain certification, but they are also actively engaged in the upcoming Gen15 event. During 2015, trials and PoCs involving NFV and SDN are clearly moving to the very real beginnings of deployment – this is where the value of CE 2.0 really begins to shine. Not only can operators continue to offer an industry standard set of Ethernet services (E-LAN, E-Line, E-Tree and E-Access), but now with the added agility that is promised by NFV implementations (e.g., CE 2.0 as a virtual network function [VNF]), and with broad industry cooperation, customers can also expect that these more dynamic services will continue to be interoperable across vendor platforms and across multiple operators.
Read more of this post

ON.Lab’s ONOS Deployed in Two More Research Networks – New Applications Support WAN Scenarios

Glenn Hunt

Glenn Hunt

Summary Bullets:

  • Uses ICONA, an application developed on top of ONOS, to extend its capabilities to support intra-domain sessions which leverage BGP to established router-to-router connectivity.
  • Uses an ONOS SDN-IP peering application hosted on Americas Lightpaths (AmLight), creating SDN facility based on OpenFlow which interconnects five Latin American research and education networks (RENs).

ONOS continues to gain exposure and provide an effective platform for researchers and network developers to continue to evolve SDN-based solutions and help the industry transform from closed vendor-specific network devices to those using open software and COTS hardware. First, ON.Lab announced, in concert with GEANT, an ONOS deployment in a pan-European network that interconnects Europe’s national research and education networks; a second announcement, in concert with Florida International University, involved deployment to interconnect five Latin American RENs. Both announcements provide valid proof points to support the goal established by ON.Lab, which is to create a carrier-grade platform to host critical network applications using open source software. Read more of this post

Virtual EPCs Appear to be Gaining Momentum to Support New Services

Glenn Hunt

Glenn Hunt

Summary Bullets:

  • Virtual EPCs (vEPC) begin to see commercial application, but PoCs and trials still outweigh deployments by a wide margin.
  • Operators appear to be sampling the wares of multiple vendors before taking the plunge – small and larger vendors claim significant operator interest in their solutions.

Current Analysis recently updated its mid-year assessments of the products of the six primary mobile core vendors, all of which continue to add enhancements to their traditional physical EPC solutions; but over the past period they have also expanded their virtual EPC (vEPC) offers and note considerable traction (albeit mostly on the trial and PoC front) with operators from all geographies. This is only natural since the promise of network virtualization, if only partly realized, could significantly change network architectures, benefiting both consumers and operators. Read more of this post

ODL Gains Momentum with Lithium and ONF Gains Deployments with ONOS

Glenn Hunt

Glenn Hunt

Summary Bullets:

  • ODL’s third release (Lithium) appears to close the gaps from earlier versions, such as testing, performance, native support of OpenStack Neutron and broader community participation.
  • ONOS logs its first commercial/production deployment since its release in December 2014. It should mark the beginning of many more, as it touts the carrier-grade characteristics needed to run live traffic.

Why is the OpenDaylight (ODL) Lithium release (its third) an important step in the evolution of the controller? Although the details are many, several features stand out as being important for adoption in a service provider environment. These features include support for: quality of service data, because RestAPIs are more robust in the data identification process; service chaining, to provide the infrastructure needed to provision a service chain and provide the end-user application for defining it; rigorous testing, to characterize multiple use cases to help boost scalability and performance; and better support of security and automation, because with most network functions going virtual, the need for a security architecture becomes more critical, and the ability to automate functions to minimize human errors and improve productivity helps operators reduce the risk of security breaches while reducing overall operational expenses. Read more of this post