BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
All the advantages of server and storage virtualization mean very little if VMs are bound to a physical network....
Physical networks require manual provisioning, which slows down application deployment times and leaves room for human error. Fortunately, there's a solution to this problem: network virtualization. Network virtualization abstracts network traffic from the underlying physical network and combines network resources into independent secure channels. This improves network speed, security and scalability, and provides organizations with a central management system.
Network function virtualization (NFV) takes the concepts behind network virtualization (NV) a step further. NFV abstracts network services and applications, such as load balancing and firewalls, from proprietary hardware. The long-term goal of NFV is to eliminate the need for dedicated hardware devices, reduce overall costs and increase agility and flexibility.
Now that you know the basics, take a look at these five quick tips to learn more about NV and NFV.
The benefits of software-based networking
Network virtualization has expanded to the realm of software-based systems and has brought with it a number of benefits. Gone are the days of manually provisioning and modifying hardware-based networks; developers can now design applications abstracted from network resources. This level of abstraction is especially beneficial to automation.
Network automation eliminates the human element from network deployment, configuration and management, which saves time and reduces the risk of human error. Network automation allows businesses to scale to meet the complexity of distributed applications, improve quality of service and network security, reduce operational costs and more -- but it's not without its challenges.
Behind the scenes, it's still difficult to deploy and manage physical and network resources. There's also the challenge of choosing an appropriate NV vendor. A number of companies have NV products in the works, but their efficacy remains to be seen. That said, software-based networking and network automation is still valuable, so long as enterprise IT professionals carefully evaluate the available products.
NSX boosts efficiency, security
VMware is one of the biggest players on the field of network virtualization. VMware's NV product for software-defined data centers, NSX, enables administrators to consume and repurpose physical network resources on demand. NSX does this by decoupling the network control plane from the underlying physical hardware and attaching network configuration to the VM. NSX also improves security. If it discovers a virus or malware on a VM, NSX encases that VM in a firewall and places it in quarantine.
NSX comes in three licensing editions: Standard, Advanced and Enterprise. Standard Edition covers the basics. It automates workflows, brings agility and reduces cost and complexity. Advanced Edition offers the same features as Standard, but allows third-party integration and adds greater security with microsegmentation. Microsegmentation is one of NSX's main selling points; it establishes a zero-trust safe zone around a designated set of resources and allows enterprises to set up granular network security. Finally, Enterprise Edition NSX offers the same capabilities as Advanced Edition but allows users to extend these capabilities across multiple domains. Although NSX has hit a few roadblocks in the past year, it remains popular for its agility, efficiency and security.
NFV unites data center networks
Once upon a time, network communications segmentation required separate network devices. Thanks to network function virtualization, that's no longer the case. NFV executes segmentation with network devices, which centralizes network configuration and reduces powering, cooling and racking requirements. Ideally, NFV breaks down the barriers between networking and operations staff members.
There is a clear distinction between network function virtualization and network functions virtualization. The plural form refers to a type of NFV that carriers and mobile operators drive and the standards maintained by the European Telecommunications Standards Institute. Also, be aware that, in some circles, NFV is referred to as network services virtualization or NSV. NFV/NSV virtualizes load balancing, security and local area network optimization in the data center.
Pros and cons of network function virtualization
The core of NFV's infrastructure is the virtual switch. Although it originated as a simple switch that provided Layer 2 connectivity between VMs on a single host, the capabilities of the virtual switch are now comparable to those of a top-of-rack switch. A step above the virtual switch is the distributed switch. A distributed switch is a virtual switch that stretches across multiple hosts. It creates a logical network overlay decoupled from the underlying physical underlay, and independent NFV devices run on this overlay, all of which is managed by a network controller. This structure enhances application and workload mobility and network segmentation -- also known as microsegmentation -- for virtualized workloads.
As previously mentioned, microsegmentation is one of the driving forces behind NV and NFV's popularity because it establishes a zero-trust policy to secure resources. Also, because the network control plane and data plane are abstracted from the physical network, they are highly agile and can run on any network, including cloud providers.
Despite these advantages, there are still drawbacks to NV. Some network controllers lack the maturity and visibility necessary to seamlessly manage a virtualized network. Virtual and physical network management lack standards. Finally -- and perhaps most frustratingly -- it's difficult to extend flexibility from the virtual network to the physical, especially on security domains across on-premises and public cloud resources. While it looks like NFV has the potential to seriously shake up IT, it still has a ways to go before it overtakes traditional IT practices completely.
An interview with NFV experts
According to experts Ken Gray and Thomas D. Nadeau, co-authors of Network Function Virtualization, NFV is an exciting technology with serious potential, but it is not without its flaws. NFV is useful for its agility and customization, but runs into trouble when it comes to complexity and security.
Furthermore, NFV has yet to fully live up to expectations: It hasn't made much of a difference in VM performance and has yet to evolve to meet data center needs, largely due to its complexity. Despite these concessions, Gray and Nadeau remain optimistic, pointing to NFV's success in over-the-top services consumption. Ultimately, the success or failure of NFV depends on its ability to adapt to the marketplace; it's too early yet to decide whether or not it lives up to the hype.
The evolution of NSX in 2016
Microsegmentation boosts virtualization security
Network virtualization's hybrid cloud benefits