Jumping the Shark

We were a recent guest blogger on SDx Central where we wrote about some emerging operational challenges facing NFV, including maintaining security integrity.

Securing NFV will be a key topic in 2015 as implementations from from labs and small-scale field trials to commercial implementations. There are many hurdles to first understand, and then overcome. In December we also presented some of our thoughts at a IEEE Standards Association study group on this very topic.

We’re entering an exciting phase in our industry. Realizing the commercial benefits of NFV rests on “crossing the chasm”, not “jumping the shark”.

At Nakina we’re excited to be playing a leading role in enabling this transformation. Visit our Resource Center to learn more and read our new whitepaper regarding Achieving Security Integrity in NFV Environments.


Another Security vulnerability…are we safe yet?

Another week, another security vulnerability makes headlines. As the software running in these network functions become more flexible, sophisticated and complex this trend will continue. After all, the data that networks carry is growing in value, and is valued by more 3rd parties in more ways.  Now Network Function Virtualization, (NFV, do we still need to introduce this acronym?), which moves more networking capabilities from hardware to software and provides a wealth of benefits also raises the question: what are the new security risks? Its clearly going to be an important topic as NFV starts to move from labs to the field the coming months and years. Security vulnerabilities may very well be the new normal. The questions in a NFV environment are: how do you perform Identity Access Management to both systems and humans? Are system interactions passing credentials in cleartext or storing cleartext passwords in an XML file? How do you apply service-aware, network wide, role based access policies? And when new vulnerabilities occur (and they will), how do you rapidly contain, isolate, and lock down your virtualized network?Security is one of the many considerations when “operationalizing” NFV. It’s a key area of focus for Nakina whose customers use our NI-GUARDIAN Identity Access Management solution to secure their networks.Nakina will be a speaker on a panel on this topic and an exhibitor at Carrier Network Virtualization, Dec 9-11 in Palo, Alto California.

Reflections on SDN World Congress

The middle seat on a transatlantic flight returning from the SDN and Openflow World Congress in Dusseldorf was an ideal setting to reflect and collect some thoughts about the event, the state of NFV in the industry, and my favourite movie…….#planestrainsandautomobiles
Keeping my socks on!!

Keeping my socks on!!

Being a service provider driven initiative, at this point, it is fairly safe to say that Network Function Virtualization (NFV) is more than a fleeting trend. The NFV track at the event by far garnered the greatest interest and participation. Many proofs of concepts are underway and it’s clear that virtualization technology will be used in carrier networks.Whether operators will be able to realize the degree of operational savings as well as new service innovation will rest largely on their ability to “operationalize” NFV. Moving from labs to field deployments require deployments at scale. This includes the ability manage and deliver services across heterogeneous networks (multi-technology, multi-vendor, and span physical and virtual networks). The management challenges and complexities that exist today will only be magnified in virtualized environments.
SDN and OpenFlow World Congress

SDN and OpenFlow World Congress

Managing security of virtual network infrastructures as well as virtual network functions is a critical (and seemingly overlooked today) operational consideration. Maintaining, updating, and managing the configurations of virtual network functions (VNFs) may very well be another significant operational hurdle – especially when VNFs can be located in more places, provided by more suppliers, and modified more regularly to keep up with the needs of the services they are supporting.
Dusseldorf

Dusseldorf

NFV is a transformation, or evolution, which will happen over time. This transformation is happening quickly, perhaps quicker than any in recent memory in our industry. “Operationalizing” NFV is one of the next frontiers and there are a lot of questions that remain unanswered.

Carrier Grade NFV

Carrier grade management of NFVi poses very similar challenges to those faced by Nakina’s customers in service orchestration.   There are a lot of attributes that define a carrier grade offering and here are some of them.
  • Scalability –   Real customers have networks of several thousand network devices and some of our customers have well over 100,000 devices.
  • Security – Real or virtual elements need to be secure.
  • Discovery and Device commissioning -  New devices and commodity hardware need more commissioning and initial setup than ever before.
  • Elastic Services – SDN services and NFV functions can scale in response increases in usage or demand.
  • Multiple Physical and Virtual Domains.  OpenFlow may provide elastic bandwidth capabilities, but this needs to be orchestrated with corresponding access configurations and computing resource configurations, which will be a combination of physical and virtual resources.
  • Software Development kit – A software development kit is needed to bring non-standard resources into the management and orchestration environment.
  • Open APIs / Third party Applications - An NFV Framework needs to provide open interfaces so that all information gathered and normalized can be made available to other OSS systems and software components.
  • Request bypass – Complete flexibility allows for a bypass capability allowing applications built on the NFV framework to directly address elements and software components to ensure rapid development.
  • Network Resource Store – An NFV framework needs to collect, normalize and store physical, logical, topology and service artifacts.
NFV and SDN will change the way we think of and manage telecommunications networks.   OSS systems will need to change to be more flexible, component based and open.   The capabilities outlined above are the result of many years of multi-vendor network management on some of the world’s largest telecom networks and Nakina has it!  The expertise that was required by the largest carriers in the growth of optical, MPLS, and mobile networks will be essential for all operators in the emerging world of virtual services.