By now it's been well established that NFV provides important benefits to service providers. Not only does it provide cost savings by reducing operational costs and truck rolls to deploy new hardware, but it also improves the speed with which new network services can be introduced. Along with that flexibility, however, there are important considerations for companies to keep in mind, particularly when moving Domain Name System (DNS) infrastructure to an NFV implementation.
Security is one area in which moving DNS architecture to NFV raises unique security considerations. With software managing more of the networking functionality than ever before, a rethink of traditional protection should accompany the change. Many operators are still running open source or commodity software to protect the virtualized environment, but that entails risks they may be unaware of. Here are a few concerns that highlight the need for an intelligent approach to security in NFV.
With DNS-related security issues requiring additional attention as carriers adopt NFV, they should ensure that their security environment meets these requirements.
With each new generation of technology, network planning has had to work to manage the risks while gaining the rewards, and NFV is simply the next step in creating tomorrow's highly dynamic, automated networks. When service providers proactively address security during the implementation process rather than as an afterthought, the result is a flexible, transparent network that meets immediate and future needs while keeping valuable resources safe.
— Dilip Pillaipakkamnatt, Vice President, Service Provider Business, Infoblox Inc.