In a 2016 SDxCentral analysis article — NFV Will Drive Enterprise SDN Adoption — the potential benefits of enterprise network functions virtualization (NFV) were characterized in the following way: “From both a capital expense and operational cost perspective, NFV is just too compelling an advance for IT organizations to ignore.” Further bolstering the case for enterprise NFV, a recent market research report published by ACG Research suggests the total cost of ownership (TCO) of NFV versus physical appliances could be as much as 62 percent lower.
However, industry surveys and analyst reports, including the 2016 Guide to SDN and NFV published by Webtorials, generally indicate that less than 15 percent of enterprises have deployed NFV somewhere in their production environment. On the other hand, over 50 percent are exploring their options in terms of NFV strategies and vendors. So the question is: with all of the potential upside that NFV offers for IT operations, why aren’t enterprises pulling the trigger? From what we at Array Networks can discern, it appears it boils down to three major categories of inhibitors:
- Organizational disruption, skills deficits and associated risk
- Performance (SLAs) and security (compliance) challenges
- Uncertainty (market maturity) and/or unquantifiable ROI
In essence, while the end state vision for NFV, as well as software-defined networking (SDN), is highly compelling and very desirable, potential pitfalls and related consequences are causing organizations to take a cautious approach. So let’s take a closer look at these inhibitors to better understand them, and discuss strategies aimed at helping enterprises get off the fence and on the path toward NFV.
Organizational Disruption and Skills Deficits
The concern is that networking teams understand networking and often operate in their silo; this is often also true of application, security, server, and virtualization teams. NFV spans all of these areas of operation and as a result runs the risk of devolving into organizational gridlock.
NFV also might require skills not possessed by existing teams. This includes choosing the right server and server configuration, hypervisor management, resource allocation, and service chaining. Without the requisite knowledge and expertise, NFV initiatives will ultimately fail.
The key to avoiding these risks is to seek out NFV platforms that can be purchased and deployed by any IT team, without the need for advanced virtualization expertise or assistance from virtualization groups. Emerging NFV platforms are capable of abstracting hypervisor management, CPU pinning, Non-Uniform Memory Access (NUMA) boundary settings, Single Root Input/Output Virtualization (SR-IOV), drivers, physical and virtual port mapping, and many other tasks.
These same platforms allow for simplified creation of service flows between virtual functions – again eliminating the need for specialized skills and allowing enterprises to become more software-centric in the near-term with minimum operational or organizational disruption.
Performance and Security Challenges
Many enterprise applications are business-critical and feature high-volume traffic, complex configurations, and strict requirements for compliance and end-user experience. Anticipated NFV benefits such as reducing the time needed to deploy services or becoming more agile and efficient in the use of IT infrastructure do not outweigh the cost to the business should applications go offline, underperform, or become compromised.
Because servers were originally designed for application workloads — not networking and security workloads — general-purpose hardware, hypervisor overhead, virtual machine (VM) contention, and virtual switches can all conspire to rob enterprise applications of the performance needed to meet and maintain necessary service level agreements (SLAs). In addition, the very nature of shared virtual environments can fly counter to the isolation often required to meet compliance requirements.
To mitigate these challenges, new NFV platforms are emerging capable of reserving and assigning hardware resources (such as CPU cores, hardware-accelerated SSL, memory and physical and virtual interfaces) for each virtual function. The result is an approach that combines the agility of cloud and virtualization with the performance of dedicated hardware appliances. This approach also provides demonstrable isolation in terms of independent operating systems with partitioned management in order to fully address inhibitors associated with performance and security.
Uncertainty and Unquantifiable ROI
Another key concern regarding NFV is uncertainty, as well as the need to establish demonstrable return on investment (ROI). Another way to frame this concern is that the promise of increased agility and reduced capital expenses and operational costs can seem vague when not tied to a specific implementation or use case.
One of the best ways to mitigate this inhibitor is to look for NFV platforms and approaches that are capable of providing proven and needed capabilities today, while laying the foundation for broader NFV adoption in the future.
For instance, if an organization has a need for next-generation firewall, web application firewall, or application delivery controller (load balancing) products, an NFV platform could support these functions in a way that provides significant multi-tenancy and consolidation advantages. Rather than refreshing dedicated hardware appliances with a new batch of expensive fixed hardware appliances, the same needed capability can be delivered using an NFV platform.
Should the enterprise decide not to pursue a broader NFV strategy, or to take a different approach to NFV down the road, ROI for the initial NFV platform purchase has already been achieved through supporting needed and well-established networking and security functions. Should the enterprise adopt a strategic NFV focus and find that they are already on a solid foundation, further ROI will be realized.
A key to tipping the scales in favor of enterprise NFV adoption will be shining a light on the unknown, addressing inhibitors, identifying select use cases, and seeking out approaches capable of delivering on the promise of NFV while avoiding risk and potential pitfalls. By seeking out emerging platforms that address organizational disruption, skills deficits, performance and security challenges, and the need for demonstrable ROI, the 50 percent of enterprises currently exploring their NFV options should be able to hop off the fence and confidently start their journey towards SDN and NFV.