Simplifying the Network Edge with SDN

By: Marc LeClerc

A storm is brewing at the network edge.

The very nature of networking is evolving rapidly as an ever-greater percentage of people’s daily interactions—both business and personal—are conducted electronically via communications networks. Pervasive device connectivity, the Internet of Things, the cloud and 5G are changing longstanding relationships and supply chains, driving the need for network infrastructures that are far more agile, can accommodate applications that span multidomain networks, can seamlessly integrate with legacy digital services, and can ease the deployment of new services based on new business models that push the envelope on current network architectures and capabilities.

Innovative technologies such as SDN, NFV, and virtualization have made possible great strides forward in delivering this vision—but big challenges remain.

First, given the mission-criticality of the network, those involved in the delivery of network services are rightfully concerned with network robustness, availability, and security. Because they don’t want to risk making the situation worse, they are inherently suspicious of vendor claims and are slow to change. On the silicon vendors’ side, fixed network ASICs are static in their capabilities and cannot evolve as fast as software to support the growing demand for automation and agility. Similarly, incumbent network equipment vendors have long development cycles and existing revenue streams they do not wish to disrupt, and consequently they are slow to engage with new solutions such as SDN. Instead, they deliver limited agility and resist innovation. The result is a networking marketplace that, in the ten years since the inception of SDN, has yet to deliver on the full promise of this technology.

In the meantime, the compute world has experienced a massive sea change with major impacts on networking: virtualization of network functions and the disaggregation of hardware from software provide greater agility in the deployment of networking solutions but at the cost of increased network complexity and new challenges for solution integration, operations, and scalability. Some of these challenges have come up somewhat unexpectedly: not all functions virtualize well because, by its nature, networking (large segments of non-repeating code and large segments of highly variable data) translates poorly to the cache-based architectures of general-purpose processors, leading to hard limits on the scalability of many network functions and escalating costs that quickly overcome the benefits of executing these tasks on COTS hardware.

Another issue soon became apparent, too. As ever more traffic was transmitted encrypted, it forced those who extract commercial intelligence to move to more sophisticated ways of generating intelligence and security information based on network flows and usage patterns. The lack of real-time visibility and the limited capacity of conventional network hardware to generate telemetry limit the information available—and thus also limit the scope of information that can be generated by analytical tools and the potential for both automation and mitigation based on the generated analysis.

Another trend exerts great influence, too. The growth of east-west traffic across data centers and the use of ever more cloud-based processing has led to a particularly vexing issue: in most networks, ingress and egress points at the network edge have become a morass of complex installations linking multiple layers of network monitoring and security tools (such as firewalls, packet brokers, DDoS prevention and DPI stacks). With the never-ending and exponential growth in traffic, multiple appliances are required to meet the throughput requirements. Also, as stated above, many of these tools have been virtualized, multiplying the number of servers for each function. The resulting tool farms each require a complex cabling setup, dedicated switching, network TAPs, and often their own load balancing. These ‘layers of tools’ each add their own latency to packet flows. They also multiply networking costs, place hard limits on scalability or drive up costs, and fix the order of execution of these networking functions.

Next-generation problems require next-generation solutions

A new approach to networking is needed to overcome these challenges, one that leverages the capabilities of programmable network forwarding planes at the network edge to bring network infrastructure into full partnership with both the applications that consume network resources and the multi-domain orchestration systems that coordinate information flows across enterprises, commercial clouds and the global communications network.

