What does the USDA’s National Information Technology Center (NITC) think of that? Rick Kundiger, the center’s chief of enterprise architecture, shrugs it off. His organization already runs a lot of networks.
“We have provisioned another network for NSX. We haven’t found it’s complicated. I suppose in a small company, it could be a problem, but for a large organization, it’s par for the course,” he says.
Kundiger and the NITC have placed their bet on VMware’s NSX for a major migration to software-defined networking (SDN). He likes a lot of the capabilities NSX provides, and it had one key advantage over Cisco’s Application-Centric Infrastructure (ACI): It existed, albeit as a pending Nicira product at the time.
ACI “looks great on paper,” Kundiger says, and he’ll look at it eventually — but he was shopping before the ACI marketing machine had kicked into gear.
That factor accounts for at least some of NSX’s head start against other network virtualization and SDN platforms. Earlier this week, VMware announced that NSX, which started shipping in October had 150 customers and was selling at a rate of $100 million per year.
Competing With Amazon
The NITC is a cloud provider within the USDA. Yes, that’s the U.S Department of Agriculture, the same agency in charge of things like the swine genome project — but the NITC itself is no cowtown operation. Its charter includes hosting the networks and applications of other government agencies, and it does compete with the likes of Amazon Web Services to collect fees for those services.
Oddly enough, NITC is the only government-based provider with Federal Risk and Authorization Management Program (FedRAMP) certification, which is required for selling cloud services to other federal agencies. Plenty of companies are FedRAMP-approved, including IBM and Microsoft (Azure got certified in September), and Amazon has RAMP certification with at least one agency. The point is — that’s the competition he’s facing: the usual cloud providers everybody has heard of, including the biggest one.
In that arena, NITC had been facing the usual struggle to provision services quickly. Virtual machines were easy enough to create, but to initiate functions such as firewalls or IP connectivity took the involvement of disparate groups. “It takes a good amount of time just to get the underlying network transport layer down,” Kundiger says. “Whether that takes a week or a month, it’s too long.”
Nearly two years ago, Kundiger and the NITC got challenged by the office of USDA CIO Cheryl Cook to find a better way to provision services. “We were given a 90-day period to come back with a proposal of where we should go,” he says.
Around this time, SDN was breaking through to mainstream attention, so Kundiger’s team started looking in that direction. “The integrator we were working with had a number of options, and Nicira was far and away the best,” Kundiger says.
Readying NSX for Production
The product that would become NSX got glommed onto the NITC’s OpenStack platform, and the NITC has been refining the deployment since then. The whole thing is stable enough to let customers play around on the network, but it’s being released to full production only now, after one final update — a “dot-x revision,” Kundiger says.
Yes, that’s a long span between a 2012 decision and a 2014 deployment. Some of that has to do with the time to procure the products; Kundiger had to get all this approved by the government, after all.
The NITC is still getting a feel for its options in a more agile, virtualized environment, but Kundiger has some ideas. Old applications won’t simply be converted into virtual machines that sit inside a fence for customer isolation. Kundiger wants to extend those fences to reach across the WAN into other data centers.
“There are ways of reaching out with SDN that we otherwise wouldn’t be able to do,” at least not without a time-consuming, budget-eating hardware buildout, he says.
“The main theme is speed, agility, and enablement,” he adds, noting that it’s appealing to consider an automated network that users can provision themselves. “A lot of government data centers and systems are restricted in terms of what the consumer of that service can do.”
Here’s some more about ACI and NSX.
- VMware’s NSX is a $100M Business
- More ACI-Related Bits from Cisco Live 2014
- Cisco Spruces Up ACI for Center Stage at Cisco Live
- Cisco Plans to Give Away APIC Enterprise Module
- Cisco’s APIC Will Ship As an Appliance
- VMware, Biting Back at Cisco, Claims 100 NSX Customers