Dave Martin is vice president of product management at Edgewater Networks, which provides voice-centric, business-class customer premises equipment (CPE) solutions that communications service providers use to offer managed services.
What impact do you see NFV having on Edgewater customers and how they offer managed services?
Martin: NFV is poised to dramatically alter the way our customers build and maintain their networks. The benefits of moving to a software-based infrastructure are incredibly compelling: lower opex, reduced reliance on proprietary and expensive hardware, and faster time to market with new services. Internet application companies such as Google, Facebook, Apple, and others have demonstrated that you can build cost-effective, reliable software-based services that scale to millions of users while maintaining an agility normally associated with only smaller companies. It’s clear from our customer conversations, the large number of proof-of-concept trials, and the overall industry response to NFV that service providers are wholeheartedly adopting this new approach to managed services delivery.
What are the types of end customers who consume Edgewater-driven managed services via a service provider?
Martin: Our service provider customers use our products to ensure secure and reliable delivery of IP-based services. Edgewater has worked for more than a decade with more than 200 carriers, CLECs, MSOs, OTT providers, and systems integrators to deliver the world’s most advanced managed voice and data services. Customers use our products to deliver SIP trunking and IP PBX services, and we have shipped more than 6 million voice sessions supporting an estimated 18 million end users. Our end users span all the traditional verticals, but they have one thing in common: They require a service that simply must work, every time, all of the time. Our customers now look to supplement their managed voice services with managed security services. Specifically, they are seeing interest from end users in unified threat management (UTM) solutions that provide strong security by including firewall, antivirus, IDS/IPS and URL filtering in simplified bundles.
What are the key end customer and service provider challenges today for delivering managed services? What’s changed?
Martin: At a high level, the overall challenges for both end customers and service providers have not changed dramatically over the years. End users still are looking for value, innovative functionality, and reliability, while service providers are seeking to meet these needs at the lowest cost possible. What has changed is that the managed services landscape has become increasingly complex from a technology standpoint. This has placed stress on the service provider whose business model is increasingly relying on managed services as a means of increased revenue and differentiation. Also, this technological complexity is making it more difficult for end users to adequately secure their network.
What types of services are end customers asking their service providers to deliver to solve these new challenges?
Martin: We are seeing an increased demand in managed security services. The complexity and cost of today’s security technologies have outpaced the ability of many small- and medium-sized businesses (SMBs) to protect themselves. In a recent study by Verizon of 855 security incidents, more than 70 percent occurred in organizations of 100 people or fewer. The breakdown of the traditional network perimeter due to BYOD, mobility, remote workers, internal Wi-Fi hotspots, and the increased adoption of cloud services have combined to put adequate security beyond the reach of the SMB. As a result, many SMBs are turning to their service providers for help in securing their networks.
How do service providers solve these problems today? How well are their solutions coping with evolving challenges?
Martin: The predominant model of introducing new services to the end user today is to “add a box” at the customer premises. That is: add a firewall, add a web proxy server, add an IDS/IPS, add an ESBC to secure voice, and so on. As more services are introduced, they often require additional specialized appliances. Many service providers have reached a tipping point where the cost and complexity of so much hardware at the customer premises reduce profitability and prevent scale. Also, from a security perspective, it is critically important to fix vulnerabilities as quickly as possible. As new threats are discovered, it takes way too long using the add-a-box model to update policies, upgrade system software, or introduce new technologies across several devices. This method of delivering managed security services unnecessarily increases the exposure and risk for the end user.
Given the challenges traditional approaches face delivering SMB security solutions at the right scale and price points, how can NFV enable a next generation of managed services?
Martin: A completely new approach is required to deliver security services at scale to SMB customers. The SMB represents a huge, untapped market for service providers that has been difficult to reach due to the traditional approach of delivering security services. Today, most providers simply replicate firewall instances for each customer or deploy a series of security appliances per customer at the edge or in the data center. This approach has worked for the enterprise, but it quickly breaks down when trying to extend the model to the sheer number of SMB prospects. The software-based nature of NFV simplifies service orchestration and enables the service provider to rapidly provision and manage new security services through APIs or intuitive GUIs. NFV also opens up the opportunity for the end customer to “self-provision” new services through web-based portals.
It sounds like you are advocating for a new type of NFV platform focused on managed security services for SMBs. What should service providers look for in an NFV-based managed services platform?
Martin: Service providers should choose a vendor and NFV solution that enables them to pursue immediate business opportunities but also achieve their vision for a longer-term services delivery platform. The NFV solution should offer an API for automation and testing, it should support the ability to load third-party commercially available software for best-of-breed offerings, and it should be multitenant to deliver economies of scale. Finally, in a security context, it should provide sophisticated but easy to use analytics that enable the service provider to spot new exploits and then patch to the community at large quickly.
Should customers know or even care if their managed security services are NFV based?
Martin: Absolutely. Security in general is a “measure/counter-measure” world where new exploits are discovered and remediated with regularity. Unfortunately, IT administrators are never done when it comes to securing critical company assets. Those considering a managed security service should ensure that it is NFV based because this architecture enables the service provider to introduce new security technologies and policies at the greatest speed possible. The faster you can identify and resolve security vulnerabilities, the less the overall risk.
What should service providers be doing today around NFV for managed services?
Martin: We see many service providers starting internal trials, issuing RFIs or surveys, and asking vendors for their longer-term NFV roadmaps. They are in the process of identifying the business and technical benefits of this new approach to services delivery while thinking through the impact to their overall operations. If service providers are interested in learning more about NFV, they can download our latest white paper or contact us directly.