Network operator, software vendor team up to allow NTT to deliver managed security services on-demand alongside its cloud services.

March 23, 2015

4 Min Read
NTT, UBIqube Team on Managed Security DevOps

When NTT Communications wanted to extend its managed security services to its enterprise customers who were moving into the cloud, the carrier intended to make those new services available through its customer portal in the same kind of on-demand fashion as the cloud services themselves. The challenge was extending the new functionality in a way that is seamless to the existing operations, and can be automated -- something NTT is doing across the board. (See NTT Communications Deploys UBIqube .)

NTT Communications Corp. (NYSE: NTT) opted to work with UBiqube Plc , to deploy its MSActivator Orchestration framework, and to also enter into a DevOps partnership with the software company. All of that was done with one goal in mind: integrating physical and virtual elements under a single orchestration process that would allow NTT to offer portal-based self-management of the full range of security services regardless of the equipment or vendor involved.

The DevOps approach is something NTT has done internally, says Kazu Yozawa, VP, Managed Security Service Taskforce, Corporate Planning at NTT Communications, both within its security group and in the broader context of NTT integration of IT and network. What is different this time around was the joint work of the NTT and UBIqube engineers, which was made possible by the MSActivator framework.

"We first applied this to our version of private cloud services, which are the set of service [customers] order through our customer portal," Yozawa tells Light Reading. "We are able to extract the customer information and the billing information automatically. But we needed to work together with UBIqube to match and connect through the API [applications programming interface] to the ordering system and the portal."

Within NTT's security business, the operational team collaborated with the development team on an advanced analytics engine, and on device management, he adds. The two teams work together through the implementation process and operations provides its feedback to development on changes needed, in an iterative fashion. Outside the security business, NTT is using a DevOps approach extensively, Yozawa says, including tying together its customer support and operations support teams.

"The DevOps approach will be expanding to become our standard approach especially for areas that are heavily operations focused," he says. In areas where NTT has already implemented automated processes, it becomes less important. The advantage to the DevOps approach so far has been speed to market, letting NTT compete more effectively, and identify and eliminate defects on the fly after service introduction.

UBIqube CTO Hervé Guesdon also expects this collaborative approach to become a "de facto industry best practice going forward," and a trend that accelerates with the deployment of network functions virtualization.

"This is a new agile way of designing network services we are already using with leading research labs and telco labs globally, particularly around NFV trials" of virtual CPE and virtual security," Guesdon notes in an email. "It is an operationally sound implementation of MANO-compatible orchestration principles in real live deployments."

MANO is the industry shorthand for management and network orchestration, the part of the NFV architecture that knits together virtual and legacy network components, among other things.

Read the latest on issues around network security in our dedicated security section here on Light Reading.

UBIqube didn't set out to create a network orchestrator but that has been the end result, as the company's software is being used to glue together the many different components needed to deliver a service in the virtual realm, says Nabil Souli, CEO and chairman.

"One fundamental thing that makes us different from other companies that are developing these software solutions is what we came at it by addressing a problem in the physical world at the edge of the network -- by trying to solve the problem where you have the most devices in terms of sheer numbers, and where you have the most vendors," Souli says in an interview.

In order to provide a managed security infrastructure, UBIqube created an object-based abstraction layer that, once virtualization hit the telecom world, grew into the MSActivator management framework. New elements and new vendors are added as new objects, without the need for massive integration efforts, or additional vendor-specific management capabilities.

"Having approached the design of our framework in a very pragmatic field-driven way has led to 'agility by design' in the code to adapt to all use cases encountered and empower the community with the means to customize services on the fly," Guesdon says.

UBIqube uses a device adaptor to communicate to and push service-specific configuration updates onto devices, using the command language interface (CLIs) that is vendor-specific or other industry-accepted languages and has a software development kit for creating the specific syntax required. Adding new vendors is generally as simple as creating new objects, without affecting what's already deployed and in use.

As the telecom industry is preparing to adopt NFV and SDN, the ability to implement orchestration as a layer of abstraction has become more important and is generating more interest for the privately funded software company, headquartered in Ireland. Most recently, UBIqube was announced as the VNF manager for the Orange Business Services deployment of NFV services for small-to-midsized businesses. (See Orange Unveils NFV-Based Offering for SMBs.)

— Carol Wilson, Editor-at-Large, Light Reading

Read more about:

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like