Carrier Class NFV – A Guest Blog by Charlie Ashton, Wind River

Charlie Ashton Wind River

Nakina is pleased to welcome Charlie Ashton, Director of Business Development at Wind River, as a guest blogger:

If 2014 was the year NFV became a leading industry buzzword, 2015 may very well be the year when rubber meets the road and the operational realities of implementing carrier class networks become evident. While virtualization is by no means new (enterprise class data centers have been virtualizing servers for a decade), service provider networks present new challenges and requirements.

For instance a service provider workload, unlike common enterprise workloads, requires critical data plane capabilities which, in most cases, are involved in the delivery of services to hundreds of thousands (or more) subscribers. Examples include elements in the Evolved Packet Core (EPC) of a 4G LTE mobile network. Additionally, telecom networks have critical requirements in terms of availability, performance and security. Many Virtual Network Functions (VNFs) need deterministic, low-latency performance, which must be guaranteed by the NFV Infrastructure (NFVI) software.

Assuring the integrity of the network is critical in order to ensure seamless and continuous operation. Configuration parameters of NFVI and VNF components must be maintained to ensure that their performance supports Service Level Agreements (SLAs) for both business and consumer services, implying a mix of real-time, content-rich and interactive applications. It is easy to see how this becomes more challenging in virtualized networks in in which configurations are more dynamic, workload performance is key and protecting the security integrity of the environment critical.

The joint solutions from Wind River and Nakina address many of the looming operational complexities in NFV. Wind River Titanium Server is the industry’s first fully-integrated and feature-complete NFV software platform. It’s the only platform to guarantee six-nines (99.9999%) uptime for NFV infrastructure. No other commercial server solution enables service providers to maintain the rigorous uptime required as networks transition to a virtualized infrastructure. Nakina’s management and orchestration enablement solutions include a suite of orchestratable applications used to assure network and operational data integrity in physical and virtual networks. These applications continuously audit VNFs and NFVIs to ensure that configuration parameters match those expected by orchestrators, inventory and other OSS systems. Nakina also protects the security integrity of networks, enforcing and tracking the appropriate role-based access policies enforced end-to-end for both personnel and processes (like orchestrators, element management and VNF managers).

Wind River and Nakina will jointly present these and other topics from March 2nd through 5th at Mobile World Congress 2015 in Barcelona. Visit Wind River in Hall 7 Stand 7J65 and visit Nakina in Hall 7, Stand 7J11 .

We look forward to seeing you in Barcelona!

Is the Orchestrator the Brain of NFV?

This was the question posed towards at the end of a recent NFV roundtable discussion hosted by VanillaPlus which included colleagues from Ericsson, Cisco, JDSU, TMForum, Analysys Mason and Nakina. At the time, my knee-jerk response was “yes”.

Is an orchestrator really the brain? I’ve been thinking a lot about that question over the last week. On the one hand, an orchestrator is a central controller for NFV. Its main responsibilities are orchestration of NFVI resources and management of network services between VNFs (or service chaining). But how does an orchestrator decide what actions to take? Does it learn and make its own decisions after processing inputs from multiple sources, like analytic engines, or is it instructed by other systems, like policy engines? Is it the master controller (i.e. like a brain) or is a slave (i.e. another system that acts based on instruction from other sources)?

Orchestration is also only part of an overall MANO (management and orchestration) strategy. Orchestrators will be supported and supplemented by other “intelligent” management systems like VNFMs and VIMs. It is also unlikely that there will be only one master orchestrator. Many service providers are discussing domain-specific orchestration, with multiple orchestrators which would then be federated together in some fashion. Does this mean that there are multiple brains?

Unquestionably, the orchestrator plays a crucial role. But policy managers, OSS/BSS, analytic sources, VNF managers, and other orchestrators are some of the pieces that will comprise a complete solution. Physical networks are not disappearing and legacy networks will continue to be involved in end-to-end service delivery so service orchestration will need to span all these environments. We are still in the early days and there will be growing pains. Over time some questions will become clearer and others will emerge.

Is an orchestrator the brain of NFV? I would say “not really”. What do you think?

Visit our resource center to read more about some of our solutions or contact us.

Jumping the Shark

We were a recent guest blogger on SDx Central where we wrote about some emerging operational challenges facing NFV, including maintaining security integrity.

Securing NFV will be a key topic in 2015 as implementations from from labs and small-scale field trials to commercial implementations. There are many hurdles to first understand, and then overcome. In December we also presented some of our thoughts at a IEEE Standards Association study group on this very topic.

We’re entering an exciting phase in our industry. Realizing the commercial benefits of NFV rests on “crossing the chasm”, not “jumping the shark”.

At Nakina we’re excited to be playing a leading role in enabling this transformation. Visit our Resource Center to learn more and read our new whitepaper regarding Achieving Security Integrity in NFV Environments.


Another Security vulnerability…are we safe yet?

Another week, another security vulnerability makes headlines. As the software running in these network functions become more flexible, sophisticated and complex this trend will continue. After all, the data that networks carry is growing in value, and is valued by more 3rd parties in more ways.  Now Network Function Virtualization, (NFV, do we still need to introduce this acronym?), which moves more networking capabilities from hardware to software and provides a wealth of benefits also raises the question: what are the new security risks? Its clearly going to be an important topic as NFV starts to move from labs to the field the coming months and years. Security vulnerabilities may very well be the new normal. The questions in a NFV environment are: how do you perform Identity Access Management to both systems and humans? Are system interactions passing credentials in cleartext or storing cleartext passwords in an XML file? How do you apply service-aware, network wide, role based access policies? And when new vulnerabilities occur (and they will), how do you rapidly contain, isolate, and lock down your virtualized network? Security is one of the many considerations when “operationalizing” NFV. It’s a key area of focus for Nakina whose customers use our NI-GUARDIAN Identity Access Management solution to secure their networks. Nakina will be a speaker on a panel on this topic and an exhibitor at Carrier Network Virtualization, Dec 9-11 in Palo, Alto California.

Reflections on SDN World Congress

The middle seat on a transatlantic flight returning from the SDN and Openflow World Congress in Dusseldorf was an ideal setting to reflect and collect some thoughts about the event, the state of NFV in the industry, and my favourite movie…….#planestrainsandautomobiles
Keeping my socks on!!

Keeping my socks on!!

Being a service provider driven initiative, at this point, it is fairly safe to say that Network Function Virtualization (NFV) is more than a fleeting trend. The NFV track at the event by far garnered the greatest interest and participation. Many proofs of concepts are underway and it’s clear that virtualization technology will be used in carrier networks. Whether operators will be able to realize the degree of operational savings as well as new service innovation will rest largely on their ability to “operationalize” NFV. Moving from labs to field deployments require deployments at scale. This includes the ability manage and deliver services across heterogeneous networks (multi-technology, multi-vendor, and span physical and virtual networks). The management challenges and complexities that exist today will only be magnified in virtualized environments.
SDN and OpenFlow World Congress

SDN and OpenFlow World Congress

Managing security of virtual network infrastructures as well as virtual network functions is a critical (and seemingly overlooked today) operational consideration. Maintaining, updating, and managing the configurations of virtual network functions (VNFs) may very well be another significant operational hurdle – especially when VNFs can be located in more places, provided by more suppliers, and modified more regularly to keep up with the needs of the services they are supporting.
Dusseldorf

Dusseldorf

NFV is a transformation, or evolution, which will happen over time. This transformation is happening quickly, perhaps quicker than any in recent memory in our industry. “Operationalizing” NFV is one of the next frontiers and there are a lot of questions that remain unanswered.

Carrier Grade NFV

Carrier grade management of NFVi poses very similar challenges to those faced by Nakina’s customers in service orchestration.   There are a lot of attributes that define a carrier grade offering and here are some of them.
  • Scalability –   Real customers have networks of several thousand network devices and some of our customers have well over 100,000 devices.
  • Security – Real or virtual elements need to be secure.
  • Discovery and Device commissioning -  New devices and commodity hardware need more commissioning and initial setup than ever before.
  • Elastic Services – SDN services and NFV functions can scale in response increases in usage or demand.
  • Multiple Physical and Virtual Domains.  OpenFlow may provide elastic bandwidth capabilities, but this needs to be orchestrated with corresponding access configurations and computing resource configurations, which will be a combination of physical and virtual resources.
  • Software Development kit – A software development kit is needed to bring non-standard resources into the management and orchestration environment.
  • Open APIs / Third party Applications - An NFV Framework needs to provide open interfaces so that all information gathered and normalized can be made available to other OSS systems and software components.
  • Request bypass – Complete flexibility allows for a bypass capability allowing applications built on the NFV framework to directly address elements and software components to ensure rapid development.
  • Network Resource Store – An NFV framework needs to collect, normalize and store physical, logical, topology and service artifacts.
NFV and SDN will change the way we think of and manage telecommunications networks.   OSS systems will need to change to be more flexible, component based and open.   The capabilities outlined above are the result of many years of multi-vendor network management on some of the world’s largest telecom networks and Nakina has it!  The expertise that was required by the largest carriers in the growth of optical, MPLS, and mobile networks will be essential for all operators in the emerging world of virtual services.