NFV Strategies

'Job Security' Biggest SDN Security Challenge

Network virtualization requires deep cultural shifts for carriers, changes that executives, managers, and staff may find it difficult to keep up with, said Dan Pitt, executive director of the Open Networking Foundation, at a panel at Light Reading's Next-Generation Network Components events in Santa Clara, Calif., last week.

Network rules are changing, but carriers often don't keep up. For example, network operators are still obsessed with achieving five nines of reliability for their equipment, when the important thing is five nines for the service. That's what hypercloud providers like Google (Nasdaq: GOOG) and Facebook do -- they expect individual components to fail regularly, and build in redundancy so the whole service remains up and accessible, Pitt said.

Network operators unable to make the shift to the new way of doing things will find their jobs at risk, Pitt said.

"The biggest security challenge in SDN and NFV is job security," he said.

Dan Pitt, Open Networking Foundation; Charlene Marini, ARM; Peter Marek, Advantech; Dan Nilsson, Tieto; and Heavy Reading analyst Simon Stanley (l-r) discuss the issues.
Dan Pitt, Open Networking Foundation; Charlene Marini, ARM; Peter Marek, Advantech; Dan Nilsson, Tieto; and Heavy Reading analyst Simon Stanley (l-r) discuss the issues.

Pitt's message isn't new, but it's important and bears repeating. I discussed it with him a bit after the panel. Traditional network management means managing hardware, rolling trucks and installing equipment on-site. Virtual networks requires configuring software -- more precisely, managing the code that manages the networks. Managing that code requires familiarity with IT tools such as NETCONF and Yang, while traditional network management software relied on command-line interfaces.

That's a big change for network operators. The Open Networking Foundation , an SDN advocacy group, is looking to ease the transition with a skills certification program. (See ONF to Announce SDN Skills Certification Program.)

SDN and NFV face other challenges. Building ecosystems will prove challenging, said Dan Nilsson, director of pre-sales and business development at Tieto Corp. These ecosystems need to include to deliver service level agreements, testing and management layers.

Scaling out compute elements and making sure packets get delivered where they should to the right virtual machine will be another challenge, said Peter Marek, senior director of x86 solutions at Advantech Co. Ltd. "That's more than generic switching silicon can do," he said. A single 100Gbit/s pipe might contain a million flows.

"The need for speed is unbroken," Marek said. Network speed will double and triple over the next several years.

Learn more about learning more at our skills and training channel.

Maintaining industry momentum will be another challenge, added Charlene Marini, vice president, embedded segments, ARM Ltd. . The previous 18 months to two years has seen an explosion of proofs-of-concept and discussion, and they'll need to keep moving.

A year ago, operators thought commercial deployment was six months away. Now it's still not there. Full-scale deployments will take time, Nilsson said.

Going up the hype curve happens fast, but getting real products out there is slower, added Pitt. Traditional vendors will move as slowly as possible to preserve their investments.

Previously: ONF Expands OpenFlow Compliance Testing.

— Mitch Wagner, Circle me on Google+ Follow me on TwitterVisit my LinkedIn profileFollow me on Facebook, West Coast Bureau Chief, Light Reading. Got a tip about SDN or NFV? Send it to [email protected]

Page 1 / 2   >   >>
sam masud 11/17/2014 | 2:29:39 PM
No way I'm not sure I'd agree with Dan that the "biggest security challenge in SDN and NFV is job security." I think as we to to a vartualized eco-system, the security challenge will multiple because now we would not just be talking about security of individual boxes, but security for the whole shebang.
TomNolle 11/16/2014 | 1:57:53 PM
Re: Don't Minimize the Challenges I think all the OTTs have done a great job at optimizing network engineering for their application, but I also think that in many ways a large enterprise has a harder job.  They don't have a single application.  They have to support multiple levels of performance, security.  They probably have to support multiple platforms, and a whole passle of regulatory issues.  I think we need to re-learn network optimization, but I also think that optimization always has to be in the eye of the beholder (or optimizer!)
danielcawrey 11/16/2014 | 1:52:16 PM
Re: Don't Minimize the Challenges Companies like Facebook and Google have changed the way networking engineering is done, probably to the chargrin of existing IT professtional. 

But I like these changes. I think they are important to the industry as cloud reliability is more important than just network reliability. You can have service, but if it is not connecting into the the right data in the cloud, it is worthless. 
TomNolle 11/16/2014 | 7:30:39 AM
Re: Don't Minimize the Challenges I don't, Joe.  However, I was never called as a witness so I'd suspect that the vendor reached an accommodation with the customer out of court.
Joe Stanganelli 11/16/2014 | 12:17:46 AM
Re: Don't Minimize the Challenges Tom: Despite the failings of the employee who relied on those representations without checking them, I imagine the vendor would have faced some pretty significant liability.  Do you know what the legal fallout was?
Joe Stanganelli 11/16/2014 | 12:16:21 AM
Re: Don't Minimize the Challenges @seven: It really highlights the necessity of constant uptime.

So many SaaS providers and the like like to brag things like "99.5% uptime!"  Well, that means that you have no service for 43 hours and 48 minutes every year.  When is that downtime?  When is that maintenance?  And how does this work with business needs?
mhhf1ve 11/14/2014 | 5:08:55 PM
The challenge is... Operators need to do both -- be able to roll trucks and maintain five9s of service AND deploy fault-tolerant services where possible. Newer OTT players don't need to bother with the truck rolls, so they're inherently more nimble about development.

Maybe someday when the network is truly distributed (hardware is all customer owned and mobile?) then operators wont need to worry about the truck rolls so much....
Atlantis-dude 11/14/2014 | 3:51:09 PM
Besides jobs how much does it affect the business model of the carriers?
TomNolle 11/14/2014 | 1:50:51 PM
Re: Don't Minimize the Challenges You can load-balance transactions like clicks onto an alternate server without the user even knowing it, though clicking again is always an option and most aren't aware of the fact they had to do it--it's second nature.  Replacing a failed trunk or device is another matter.

I don't think SDN threatens people's careers either, except perhaps at the equipment vendor level.  Where you might see job losses would be where SDN reduced opex, which is the same as saying "reduced headcount".  You might find people who knew (for example) Cisco routers and were threatened by SDN, but more of them would be working at Cisco than working at a network operator.

As far as SDN happening, it's a statistically insignificant portion of current capex.  Yes we have trials and some applications, but the money is being spent elsewhere for now.  Which is why I think SDN supporters should be looking at the benefit and risk analysis and figuring out why that is.
Mitch Wagner 11/14/2014 | 1:37:13 PM
Re: Don't Minimize the Challenges Tom, I don't think Dan is saying SDN adoption is slowed by network operators. I think he's saying it's happening and it threatens' operators' careers. 

As for Google and Facebook simply being able to reload pages that fail to come up -- how often does that happen? I can't remember it ever happpening. Reddit sometimes fails to load for me, but Google and Faecbook are always there. Even on Twitter, the "fail whale" hasn't shown up in a long, long time. 
Page 1 / 2   >   >>
Sign In