Lessons from 5 Years of Network Function Virtualization | Interop NY Presentation from Chris Swan

Transcript of Lessons from 5 Years of Network Function Virtualization | Interop NY Presentation from Chris Swan

Page 1: Lessons from 5 Years of Network Function Virtualization | Interop NY Presentation from Chris Swan

copyright 2013

Lessons from 5 Years of Network Function Virtualization
Chris Swan, CTO - CohesiveFT
@cpswan

Tuesday, October 8, 13

Page 2

Agenda

Introducing Network Function Virtualization (NFV)

The Networking Declaration of Independence

Business use cases:
• Wave 1 - bursting and containment
• Wave 2 - hubs and spokes
• Wave 3 - winning back control

Technical use cases

Summary

Page 3

What is Network Function Virtualization?

Page 4

NFV is a networking Swiss Army knife

(Diagram: NFV at the centre of a Swiss Army knife of functions: Firewall, Router, Switch, IPsec/SSL VPN concentrator, Protocol Redistributor, Dynamic & Scriptable SDN. A hybrid virtual device able to extend to multiple sites.)

Application SDN (Software Defined Network) Appliances
• Allow control, mobility & agility by separating network location and network identity
• Control over end to end encryption, IP addressing and network topology

Page 5

A technical use case overview

(Diagram: Customer Data Center in London, UK, Remote Subnet 192.168.4.0/24, with Data Center Servers at LAN IP 192.168.4.50 and 192.168.4.100; Customer Remote Office in Chicago, IL USA, Remote Subnet 192.168.3.0/24, with User Workstations at LAN IP 192.168.3.50 and 192.168.3.100. Each site sits behind a Firewall / IPsec device (a Cisco 5505 and a Cisco 5585) with Active IPsec Tunnels into the overlay and a Failover IPsec Tunnel; tunnel selectors 192.168.4.0/24 - 172.31.1.0/24 and 192.168.3.0/24 - 172.31.1.0/24. The Overlay Network, Subnet 172.31.0.0/22, spans three peered NFV devices in US East 1, EMEA and APAC (Public IP 184.73.174.250 / Overlay IP 172.31.1.250; Public IP 54.246.224.156 / Overlay IP 172.31.1.246; Public IP 192.158.29.143 / Overlay IP 172.31.1.242). Cloud Servers A to F have Overlay IPs 172.31.1.1, 172.31.1.5, 172.31.1.9, 172.31.1.13, 172.31.1.17 and 172.31.1.21.)

Page 6

Providers and Customers have different concerns

(Diagram: a stack from the Hardware Ownership Layer through Layers 0 to 7, with the Virtualization Layer and the Application Layer marked. Provider Control reaches up from the bottom, User Control reaches down from the top, and between them lie the limits of access, control, & visibility.)

Service Provider SDN starts at the bottom of the network with the "device" and network flows.

Application SDN (using NFV) begins at the top of the network with the enterprise application, its owner and their collective technical and organizational demands.

Page 7

Positioning - NFV and SDN

Page 8

Networking Declaration of Independence

Page 10

Nicira defined the 7 Properties of network virtualization as:
1. Independence from network hardware
2. Faithful reproduction of the physical network service model
3. Follow operational model of compute virtualization
4. Compatible with any hypervisor platform
5. Secure isolation between virtual networks, the physical network, and the control plane
6. Cloud performance and scale
7. Programmatic networking provisioning and control

These same properties free NFV from the “constraints” of OpenFlow (technology, timing and target)

Page 11

Independence from network hardware

With VM-based network devices you can use the cloud network as “bulk transport” and are indifferent to all else.

(Diagram: Customer Data Center with Data Center Servers on LAN IP 192.168.1.xx behind a Firewall / IPsec Device, connected by a Standard IPsec Tunnel to an NFV device in Public Cloud Region 1, which fronts an Overlay Network of Cloud Servers on Overlay IP 172.31.11.xx.)

Page 12

Reproduction of physical network model

NFV devices “look” and “feel” like the same networking devices customers have used for ever, without boundaries

(Diagram: Customer Data Center with Data Center Servers on a Virtual Network, connected by a Standard IPsec Tunnel to an NFV device in Public Cloud Region 1 and its Overlay Network of Cloud Servers.)

Page 13

Follow operational model of compute virtualization

(Diagram: a row of NFV instances.)

NFV functions can be dynamically brought on-line, up to the elastic limits of the total infrastructure available (!!)

Page 14

Compatible with any hypervisor platform

NFV does more than “follow” the model of compute virtualization, it exists via compute virtualization.

(Diagram: Public Clouds, Private Clouds and Virtual Infrastructure.)

Page 15

Secure isolation

Isolation takes many forms: from underlying infra, allow my protocols, keep my “chattiness” in, keep others out, etc..

(Diagram: four Public Cloud Regions, 1 to 4, each with its own Overlay Network of Cloud Servers.)

Page 16

Secure isolation

(Diagram: two User Workstations and a Data Center Server; same caption as the previous slide.)

Page 17

Cloud performance and scale

Where NFV really shines today, create a WAN in minutes, use cloud as points of presence for your business

(Diagram: the technical use case overview from Page 5 again: the Chicago and London sites behind Cisco 5505 / 5585 Firewall / IPsec devices, Active and Failover IPsec Tunnels with selectors 192.168.3.0/24 - 172.31.1.0/24 and 192.168.4.0/24 - 172.31.1.0/24, and the 172.31.0.0/22 Overlay Network spanning peered NFV devices in US East 1, EMEA and APAC.)

Page 18

Programmatic networking provisioning & control

Cloud Compute and Network APIs + NFV Device APIs allow previously unimaginable flexibility and power

(Diagram: Public Clouds, Private Clouds and Virtual Infrastructure; image credit http://maxoffsky.com/code-blog/building-restful-api-in-laravel-start-here/)

Page 19

Business Use Cases

Page 20

Wave 1 - Bursting and Containment

Page 21

Mutual fund securely extends HPC grid resource

Highlights:
• Automatically flex existing HPC solution up and down by bursting into public cloud.
• Image management tool configured and contextualized nodes in custom cloud environment.
• Used existing workload manager / grid engine software / vendor to extend their grid.
• Significantly reduced infrastructure costs, while increasing flexibility and responsiveness.

The Goals: Large Mutual Fund (LMF) must reduce the time to results. They seek an on-demand, lower cost capacity expansion.

LMF needed more security and control than public cloud to “extend” their existing grid on the same IP network.

Security & Compliance:
• Guaranteed customer control of the network layer
• Visibility, insight and control over the infrastructure
• Swapped out physical infrastructure with IaaS on a pay as you go basis
• Vendor neutral, more than one cloud
• Natural look and feel of an existing grid extension
• Encrypted data in motion, end-to-end

Outcome: LMF seamlessly flexes their grid up and down with an overlay network for the EC2 grid compute nodes with NFV.

(Diagram, "Fund bursts into public cloud to extend HPC": Private Data Center in Boston, USA with a Firewall / IPsec device and Data Center Nodes, connected by Active IPsec Tunnels to NFV devices in US-east-1 and US-west-1; the two regions are peered and share an Overlay Network of grid Nodes.)

Page 22

Mobile provider creates secure dev/test environments

Highlights:
• Wanted speed for dev/test but couldn’t sacrifice security
• Challenged to improve quality and amount of testing with multiple vendors
• Telco had insufficient hardware resources and lacked initial install media
• Guaranteed consistency with identical topologies in virtual network

The Challenge: Our customer needed a solution when traditional dev/test processes created a 3 month bottleneck in getting services to market.

The customer wanted to use cloud for dev/test environments on-demand, and to migrate 10 year old Oracle, Stellent, Tibco, and Websphere images to AWS and VMware environments.

They needed to securely connect two developer offices and dev partners in a third office.

The Outcome: Functionally equivalent multi-tier distributed system ran both in AWS and VMware to give testing capacity on demand from a public cloud and production on premise.

Ensured consistent topologies within secure virtual networks.

(Diagram, "AD Configuration with Dual NIDs": Developer Office in the USA with User Workstations behind a Firewall / IPsec device, Active IPsec Tunnels 192.168.4.0/24 - 172.31.1.0/24 to an NFV device in US-east-1; a Partner Data Center with Data Center Servers behind its own Firewall / IPsec device; a Private Cloud of Virtual Machines with its own NFV device, peered into one Hybrid Network.)

Page 23

UK non-profit reduces CO2 with IBM SmartCloud

Highlights:
• Energy Saving Trust (EST) needs to analyse data while keeping costs to a minimum
• Must gather, analyse, and compute big data sets and graphically display usage
• Non-profit securely connects and automates in SmartCloud

"The services we provide […] make it possible to achieve energy efficiency targets faster and at less cost." - Will Rivers, Housing Data Manager, Energy Saving Trust

The Challenge: EST has over 20 years of energy data with 250M data points on 25M households, and wanted to grow compute resource while saving costs.

“IBM SmartCloud means that the services we can offer are no longer constrained by the limitations of our on-site hardware,” Simon Elam, Programme Manager, Energy Saving Trust

The Goals:
• Encourage energy efficiency through real-time data and energy maps
• Collect and analyse large sets of public utility and energy data
• Create maps with geographic information system (GIS)
• Grow without impacting performance

Outcome: CohesiveFT and Assimil8, both IBM Business Partners, helped migrate and connect EST’s IBM software running in IBM SmartCloud Enterprise.

(Diagram, "Energy Saving Trust analyzes data in SmartCloud": On-Site Hardware in the UK, Data Center Servers behind a Firewall / IPsec device, Active IPsec Tunnel to an NFV device in IBM SmartCloud at Ehningen with Virtual Machines / Cloud Servers.)

Page 24

US Sports Association flexes up and down during large annual events

Highlights:
• Added capacity without the hardware, overhead and management costs
• Wanted to scale and control capacity
• Secure communication with partners, customers and media members with a cloud-based solution
• Secure, encrypted data in motion and access to data center with NFV

The Situation: A US National Sports Association looked to public cloud to expand capacity for an annual live, international sporting event.

Challenge: For a few days a year, the network and servers must react and scale quickly without any outages. Information could not be unsecured beyond the DMZ - data in plain text was not an option.

Solution Featured:
• Scalable with the capacity needed around global events
• Encryption for all data in motion
• Overlay network on top of public cloud infrastructure
• Perpetual license to accommodate scaling needs

(Diagram, "Capacity expansion: meeting game day demand": Main Offices in New York, NY USA with a Data Center behind a Firewall / IPsec device, Active IPsec Tunnels to an NFV device in us-east-1 fronting Virtual Machines / Cloud Servers; Media Partners' Workstations in EMEA, US & ANZ connect in.)

Page 25

SaaS vendor reaches customers without on-site data centers or physical networks

Highlights:
• Large independent logistics firm wanted to move to SaaS delivery model without burdening clients
• Removed migration complexity without changing the business model or operations
• Solved end client’s issues with on-site data centers and large software clients
• Overlay network allows customer to deploy to any public cloud provider

The Situation: Mobile banking solution provider wanted to connect many financial institution customers to a cloud-based common platform to connect partners and customers

Challenges:
• Limited multi-tenant environments for customers to pass industry-standards tests
• Connectivity without the hurdles of traditional networks, data centers and enterprise rules
• Managing apps across different public and private clouds
• End customer security concerns

Outcome: The customer can offer a SaaS version of their BPMS where end customers can access it as if it were a subnet on their network.

The solution guarantees data in motion encryption.

The BPMS firm can now connect their clients’ software to cloud-based data centers without up-front, capital intense processes.

(Diagram, "BPMS-as-a-SaaS without traditional complexity": Home Data Center in Boston, MA USA behind a Firewall / IPsec device with Active IPsec Tunnels to an NFV device in us-east-1; a second NFV device in us-west-2 is peered with it in a Federated Cloud Overlay Network hosting the cloud-based SaaS tool on Virtual Machines. Customer Data Centers 1 and 2, in Berlin, DE and London, UK, connect in with Private Cloud Data Center Servers and Failover IPsec.)

Page 26

Wave 2 - Hubs and spokes

Page 27

Connect customers in a shared, private environment.

Highlights:
• Customer switched from on-premise to cloud-based data analysis SaaS for retail clients.
• Needed additional resources with secure, shared infrastructure.
• Offered multitenant cloud-based services to customers and partners.
• Created secure connections with both IPsec edge connectivity and SSL/TLS VPN

A retail data analysis firm wanted to expand cloud-hosted resources while securely linking customers to a new cloud-based service.

Challenges:
• Guaranteed encryption for all data in motion and at rest.
• Overlay network to federate across any public cloud provider.
• Secure connections with both IPsec edge connectivity and SSL/TLS VPN
• Customer created a true Cloud WAN network with overlays and cloud providers.

Customer now manages more than 100 cloud environments across a mix of dev, internal IT, and customer implementation categories in a seamless “single network” mix.

(Diagram, Cloud “Meet Me Room”: Data Center in the US with Data Center Servers behind a Firewall / IPsec device, Active IPsec Tunnels to an NFV device in eu-west-1 running the SaaS App on Virtual Machines / Cloud Servers in a Federated Multicloud Network; Customer Network UK reaches it via browser-based portal access.)

Page 28

Firm extended offerings with global cloud points of presence

Highlights:
• Offered global redundancy at dramatically lower cost than traditional infrastructure.
• Needed secure connections to existing data centers and networks.
• Access critical infrastructure “in region” without delays or capital of physical resources.
• Global reach for products and global redundancy for security.

A global end point threat prevention company wanted to have global reach for cloud-based threat protection and virus scanning system.

Additionally, they wanted to ensure global redundancy using multiple cloud providers.

Customer Required:
• Working with multiple cloud providers and cloud regions
• Connections across clouds and down to existing physical data centers and networks

Outcome:
• Guaranteed encryption for all data in motion and at rest
• Overlay network to federate across any public cloud provider
• End customers can access critical resources without waiting for inter-continental lag times, at much lower costs.

(Diagram, "Cloud WAN for global reach and redundancy": Data Center in Frankfurt, Germany with Data Center Servers behind a Firewall / IPsec device, Active IPsec Tunnels into a Cloud WAN of peered NFV devices in APAC-1, the US East Coast and the Netherlands; Customer 2 in Tokyo, Japan (Workstations) and an Office in London, UK (Data Center Server) connect in.)

Page 29

Cloud WAN connectivity without the expensive assets or contracts.

Highlights:
• Global reach for products and global redundancy for security.
• Needed secure connections to existing data centers and networks.
• Access critical infrastructure “in region” without physical resources.
• Offered global redundancy at dramatically lower cost.

A pharmaceutical information systems firm wanted to integrate US-based offices together and to integrate offices to their cloud infrastructure.

Challenges: Offices had different hardware and software, networks and data needs. The firm did not want to invest in assets or long term contracts with vendors.

Solution Featured:
• Guaranteed encryption for all data in motion and at rest
• Overlay network federates across public cloud providers
• IPsec and data in motion encryption
• Customer created a true Cloud WAN with overlays and cloud provider edges.

Outcome: Each office connected to the cloud-based systems and also connected to each other using the cloud as network backbone.

(Diagram, "Pharmaceutical system federates infrastructure": Data Center in New York, USA behind a Firewall / IPsec device, Active IPsec Tunnels into a Cloud WAN of peered NFV devices in US-east-1 and US-west-1 and a Private Cloud in Salt Lake City, USA hosting SaaS portals; Medical Office 1, Medical Office 2 in San Francisco, USA and a Customer Hospital in Boston, USA connect in with their Data Center Servers.)

Page 30

Connecting mobile banking customers to a common cloud-based infrastructure

Highlights:
• Online & mobile banking company needed connectivity solution to meet regulatory requirements.
• Financial customers could use a "security lattice" approach, encrypting all critical data in motion
• Enabled customer to serve end customers from a common platform.
• Multitenancy model allowed customer to pass along cloud economies of scale.

The Situation: Mobile banking solution provider wanted to connect many financial institution customers to a cloud-based common platform to connect partners and customers

Challenges: Multi-tenant infrastructure required secure connectivity with minimal complexity and manpower expense. Public cloud flexibility and savings plus additional security and connectivity.

Solution featured:
• Connections with standard IPsec equipment
• A connection “edge” to customer deployments and cloud infrastructure
• Encrypted data in motion

Outcome: Cloud-based banking platform brought customers online quickly at lower cost.

(Diagram, "Multitenant cloud-based partner network": Home Network in the USA with Data Center Servers behind a Firewall / IPsec device, Encrypted IPsec Tunnels to an NFV device in US-west-1 hosting the Mobile Banking Platform on Virtual Machines; Customer Data Center 1 (UK) and Customer Data Center 2 (USA), each with Data Center Servers, connect in.)

Page 31

Mobile provider improved quality in secure dev/test environments

Highlights:
• Wanted speed for dev/test but couldn’t sacrifice security
• Challenged to improve quality and amount of testing with multiple vendors
• Image management helped move existing images and templates into production-ready environments
• Guaranteed consistency with identical topologies in virtual network

Problem: Customer needed a solution when traditional testing and dev/test created a three month bottleneck while getting services to market.

Solution: The customer used the cloud for dev/test environments on demand by migrating 10 year old Oracle, Stellent, Tibco, Websphere images to AWS and VMware, and securely connected two developer offices and dev partners in a third office.

Outcome: Functionally equivalent multi-tier distributed system ran both in AWS and VMware to give testing capacity on demand from a public cloud and production on premise. The customer moved existing images and templates into production-ready environments.

(Diagram, "Leading global mobile telco service provider": Dev/Test 1 in Boston, USA and Dev/Test 2 with Data Center Servers, a Partner Data Center in London, UK behind a Firewall / IPsec device, Active IPsec Tunnel to an NFV device in EMEA, peered with a second NFV device in a Private Cloud in London, UK; Cloud Servers and Virtual Machines share the Overlay Network.)

Page 32

Scalable, pay as you go solution connects cloud-based apps to partner networks.

Highlights:
• Connected telco partners with partners’ exact IP addresses.
• Concerns over keeping customer and partner traffic separate and secure
• Needed to quickly scale up and down, with a price package to match
• Overlay network segmented partners to take control of security, addressing, and connection

The Situation: A telco with mobile app needed to connect cloud-based app servers to APAC partners on the partners’ exact IP addresses.

The solution required:
• Overlay networks
• Instance-based solution using pay-as-you-go virtual appliances
• Customer-defined address pools
• Guaranteed encryption for all data in motion, including customer session tokens and payment information

Outcome: Customer was able to create POPs in multiple regions with attestable security.

The network can be abstracted from the cloud vendors’ address schemes to create a scalable, pay as you go solution to match their business model.

(Diagram, "Mobile app developer connects on overlay": Customer Site in London, UK with a Data Center Server on a Virtual Network behind a Firewall / IPsec device, Dedicated IPsec Tunnels to an NFV device in Asia Pacific (Tokyo) hosting the cloud-based SaaS tool on Virtual Machines, peered with a second NFV device at Ehningen; Partner LAN 1 and Partner LAN 2 in Osaka, Japan and Hong Kong connect in with their Data Center Servers.)

Page 33

Research groups connect to location-independent infrastructure

Highlights:
• US-based research groups have global observatories and collaborations
• Platform would speed research, enhance collaboration
• Location-independent data collection and analysis
• NFV and image management helped the group create common, shared infrastructure

Challenge: needed to create a new computing architecture based on virtualization to support collaborative efforts through multiple layers of research groups. The research groups had to have control over final output quality and virtual devices in a complex sensor platform.

Solution: New computing architecture needed to use virtualization, multiple separate research groups, and virtual devices in a complex platform.

Outcome: With NFV and image management, the customer created a common shared infrastructure that was location independent.

(Diagram, "Scientific research groups connect, migrate to cloud": Research Campus in Palo Alto, CA USA, Observatory 1 in Honolulu, HI USA and Observatory 2 in the Marshall Islands, each with Workstations behind a Firewall / IPsec device, Active IPsec Tunnels to an NFV device in US-west-1 with Virtual Machines and Nodes on a Global Overlay Network.)

Page 34

Wave 3 - Winning back control

Page 35

Overlay between public & private cloud

(Diagram: an NFV Overlay Network 172.31.0.0/24 in Region: Europe-1, Public IPs 5.23.25.66 and 5.23.25.12, peered with Cloud Servers at five Locations, 1 to 5, with Public IPs 194.42.93.145 to 194.42.93.154.)

• Not technically very different from bursting, but motivation is different
• Get network (re)configured in minutes rather than waiting weeks for a change request to be implemented by the (outsourced) NOC
• No need for new hypervisor or networking equipment

Page 36

The first “process” customizable cloud transport network device

NFV allows customers to embed features and functions provided by other vendors - or developed in house, safely and securely into cloud networks

• Not just a scripting interpreter that allows control over known, existing features
• Completely new functions, processes, computation delivered to the core of the customer cloud network (patent pending)

Customer controlled, and co-created, for the best hybrid cloud experience

(Diagram: the NFV Swiss Army knife again - Router, Switch, Firewall, IPsec/SSL VPN Concentrator, Protocol Redistributor, Dynamic & Scriptable SDN - now joined by Proxy, Reverse Proxy, Content Caching, Load Balancing, Intrusion Detection and More....)

Page 37

Encrypted Overlay network in VPC

NFV as a converged device gateway into cloud

(Diagram: NFV + NGINX on a Single IP address in front of Web App 1, Web App 2 and Web App 3.)

• Customer created a customized reverse proxy application (NGINX) inside the NFV appliance
• NFV provides end-to-end encryption, private address control, firewalling, and port forwarding
• NGINX configuration files are completely customer controlled
• NGINX app sits inside the NFV appliance, in the transport path between the single public IP and the web apps
• Runs on the encrypted overlay network in VPC

Page 38

NFV Technical Capabilities

Page 39

Cloud Address Control

Problem:
• Applications may be hard wired to specific IP addresses
• Cloud providers cannot provide portability of internal IPs

NFV Solution:
• Control static addressing
• Local Area Network (LAN) address extension to the cloud
• Servers and Topologies behave as though they are running locally
• Application centric network is portable

(Diagram: Customer Data Center with Data Center Servers on LAN IP 192.168.1.xx behind a Firewall / IPsec Device, Standard IPsec Tunnel to an NFV device in Public Cloud Region 1 fronting an Overlay Network of Cloud Servers on Overlay IP 172.31.11.xx.)
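Extending a LAN into the cloud only works if the address plan is consistent, and the slides never say how to check that. The script below is an added example (not code from the presentation or from CohesiveFT) that validates the plan printed on the technical use case slide: the 172.31.0.0/22 overlay, the Chicago and London LANs, and the 172.31.1.0/24 traffic selectors on each tunnel. It flags an overlay host that no selector carries (unreachable from the sites), remote LANs that overlap the overlay or each other (ambiguous routing), and an overlay that collides with the cloud's own range (overlay routes shadow provider routes on every instance). The cloud underlay CIDR 10.0.0.0/16 and the NFV labels are assumptions for illustration.

```python
"""Address-plan check for a LAN-extension overlay.

Added example, not code from the presentation or from CohesiveFT.
Subnets, tunnel selectors and overlay addresses are those on the
technical use case slide; UNDERLAY is an assumed cloud VPC range.
"""
from ipaddress import ip_address, ip_network
from itertools import combinations

OVERLAY = "172.31.0.0/22"                    # overlay network subnet (slide)
OVERLAY_HOSTS = {                            # overlay addresses (slide)
    "Cloud Server A": "172.31.1.1",  "Cloud Server B": "172.31.1.5",
    "Cloud Server C": "172.31.1.9",  "Cloud Server D": "172.31.1.13",
    "Cloud Server E": "172.31.1.17", "Cloud Server F": "172.31.1.21",
    "NFV 1": "172.31.1.250", "NFV 2": "172.31.1.246", "NFV 3": "172.31.1.242",
}
# site -> (remote LAN, overlay side of the IPsec traffic selector), from the slide
SITES = {
    "Chicago": ("192.168.3.0/24", "172.31.1.0/24"),
    "London":  ("192.168.4.0/24", "172.31.1.0/24"),
}
UNDERLAY = "10.0.0.0/16"                     # ASSUMPTION: the cloud VPC's own CIDR


def check_plan(overlay, hosts, sites, underlay):
    """Return a list of findings; an empty list means the plan is consistent."""
    findings = []
    overlay = ip_network(overlay)
    underlay = ip_network(underlay)

    # 1. Every overlay address must lie inside the overlay subnet.
    for name, addr in hosts.items():
        if ip_address(addr) not in overlay:
            findings.append(f"{name} {addr} is outside overlay {overlay}")

    # 2. Each site's selector must sit inside the overlay and cover every
    #    overlay host; a host outside the selector is unreachable from that
    #    site because its traffic never enters the tunnel.
    for site, (_, selector) in sites.items():
        selector = ip_network(selector)
        if not selector.subnet_of(overlay):
            findings.append(f"{site} selector {selector} is not inside overlay {overlay}")
        for name, addr in hosts.items():
            if ip_address(addr) not in selector:
                findings.append(f"{site} selector {selector} does not cover {name} {addr}")

    # 3. Remote LANs must not overlap the overlay or each other; an overlap
    #    makes routing ambiguous and can deliver a packet to the wrong site.
    lans = {site: ip_network(remote) for site, (remote, _) in sites.items()}
    for site, lan in lans.items():
        if lan.overlaps(overlay):
            findings.append(f"{site} LAN {lan} overlaps overlay {overlay}")
    for (a, lan_a), (b, lan_b) in combinations(lans.items(), 2):
        if lan_a.overlaps(lan_b):
            findings.append(f"{a} LAN {lan_a} overlaps {b} LAN {lan_b}")

    # 4. The overlay must not collide with the cloud's own addressing, or
    #    overlay routes shadow the provider's routes on every instance.
    if overlay.overlaps(underlay):
        findings.append(f"overlay {overlay} overlaps cloud underlay {underlay}")
    return findings


if __name__ == "__main__":
    for line in check_plan(OVERLAY, OVERLAY_HOSTS, SITES, UNDERLAY) or ["plan is consistent"]:
        print(line)
```

Against the slide's values the check is clean. Adding a seventh cloud server at 172.31.2.7 is caught at once: the overlay is a /22 but both selectors carry only 172.31.1.0/24, so the new host would be inside the overlay yet invisible to both sites. The same check with an underlay of 172.31.0.0/16 reports the collision; keeping the overlay out of the provider's range is worth verifying before the first tunnel comes up.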

Page 40

Cloud Protocol Control: Multicast

Problem:
• Enterprise software uses multicast protocols for service election and service discovery
• Most public cloud providers block multicast

NFV Solution:
• Send multicast traffic via NFV based overlay network before it is rejected by underlying network infrastructure

(Diagram: Customer Data Center with Data Center Servers on the LAN behind a Firewall / IPsec Device, Standard IPsec Tunnel to an NFV device in Public Cloud Region 1 fronting an Overlay Network of Cloud Servers.)
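The slide states the idea but not the mechanism. The following is an added example, not code from the presentation or from CohesiveFT, showing in miniature how an overlay endpoint carries multicast across an underlay that drops it: every IPv4 packet leaving a local server is parsed, and a packet addressed to a multicast group is encapsulated in unicast datagrams to each overlay peer. The receiving side unwraps it and, as the check a practitioner wants here, accepts only well-formed multicast on that path, so a peer cannot use the multicast channel to inject unicast packets at a local address. The peer addresses (TEST-NET-3), the four-byte overlay header and the sample announcement are constructed for this example.

```python
"""Carrying multicast across an underlay that drops it.

Added example, not code from the presentation or from CohesiveFT. Peer
addresses, the overlay frame header and the sample packet are constructed.
"""
import struct
from ipaddress import ip_address, ip_network

MULTICAST = ip_network("224.0.0.0/4")
MAGIC = b"OVL1"  # ASSUMED overlay frame header marking an encapsulated IP packet


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's complement of the one's complement sum."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4(src: str, dst: str, payload: bytes, proto: int = 17) -> bytes:
    """Build a minimal IPv4 packet (no options) with a valid header checksum."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         proto, 0, ip_address(src).packed, ip_address(dst).packed)
    checksum = struct.pack("!H", ipv4_checksum(header))
    return header[:10] + checksum + header[12:] + payload


def parse_ipv4(packet: bytes):
    """Return (src, dst, payload); reject anything that is not a sane IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("bad header")
    total_len = struct.unpack("!H", packet[2:4])[0]
    src, dst = ip_address(packet[12:16]), ip_address(packet[16:20])
    return str(src), str(dst), packet[ihl:total_len]


class OverlayEndpoint:
    """One overlay endpoint. Underlay I/O is returned as data so the example
    runs offline; a real device would write to sockets instead."""

    def __init__(self, peers):
        self.peers = list(peers)   # unicast underlay addresses of the other endpoints

    def from_local(self, packet: bytes):
        """Packet leaving a local server: returns [(underlay destination, datagram)].
        Multicast is wrapped and replicated to every peer; unicast is routed as is."""
        _, dst, _ = parse_ipv4(packet)
        if ip_address(dst) in MULTICAST:
            return [(peer, MAGIC + packet) for peer in self.peers]
        return [(dst, packet)]

    def from_underlay(self, datagram: bytes):
        """Datagram from a peer: unwrap and return the inner packet for local
        delivery, or None. Only multicast is accepted on this path."""
        if not datagram.startswith(MAGIC):
            return None
        inner = datagram[len(MAGIC):]
        try:
            _, dst, _ = parse_ipv4(inner)
        except ValueError:
            return None
        return inner if ip_address(dst) in MULTICAST else None


def demo():
    """Constructed exchange: a discovery announcement from Cloud Server A."""
    east = OverlayEndpoint(peers=["203.0.113.20", "203.0.113.30"])  # assumed peers
    emea = OverlayEndpoint(peers=["203.0.113.10", "203.0.113.30"])
    announce = build_ipv4("172.31.1.1", "239.1.1.1", b"HELLO-CLUSTER")
    sent = east.from_local(announce)             # two unicast datagrams
    received = emea.from_underlay(sent[0][1])    # unwrapped at the far end
    return sent, received
```

Replicating to every peer is the simplest correct behaviour for a handful of endpoints; a larger deployment would track group membership (IGMP) so that only peers with subscribers receive a copy. The header checksum is verified on the receive path so that a corrupted or truncated frame is dropped rather than re-injected onto the LAN.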

Page 41

Cloud Security Control: IPsec Tunneling

Problem:
• Public Cloud is accessed via Internet
• HTTPS is fine for web apps and services but isn't always appropriate for other use cases

NFV Solution:
• Connect networks with industry standard IPsec
• Use existing network edge security appliances (Cisco, Juniper, Netscreen, SonicWall etc.)
• Use existing secure communication methods/practices - the same as currently used to connect offices, data centers or partners/customers

(Diagram: Data Center with Data Center Servers on the LAN behind a Firewall / IPsec Device, Standard IPsec Tunnel to an NFV device in Public Cloud Region 1 fronting an Overlay Network of Cloud Servers.)

Page 42

Cloud Security Control: Multiple IPsec

Problem:
• Cloud providers limit the number of IPsec connections

NFV Solution:
• NFV Manager enables multiple IPsec connections to a cloud-based overlay network segment
• Serves as user-controlled, virtualized switch/router inside the provider cloud
• Cloud deployed servers can communicate with multiple IPsec gateways via endpoint-to-endpoint encrypted connections

(Diagram: Customer Site 1, Customer Site 2 ... Customer Site N, each with its own IPsec device, Standard IPsec Tunnels to one NFV device in Public Cloud Region 1 fronting an Overlay Network of Cloud Servers.)
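With several IPsec gateways terminating on one overlay segment, and active plus failover tunnels per site as on the technical use case slide, the device needs a policy that decides which tunnel carries a packet and what happens when none is up. The script below is an added example, not code from the presentation or from CohesiveFT, of that decision: longest-prefix match on the remote selector, active before failover, and default deny. The security point is the last branch: a destination that no selector covers, or whose tunnels are all down, is dropped rather than forwarded in the clear over the underlay, which is the plaintext path the overlay exists to prevent. Selectors are taken from the slides; tunnel names, gateway addresses (TEST-NET-2) and health states are assumptions.

```python
"""Fail-closed tunnel selection for an overlay endpoint with several IPsec peers.

Added example, not code from the presentation or from CohesiveFT. Selectors
are from the slides; names, gateways and health states are assumptions.
"""
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Tunnel:
    name: str        # assumed
    gateway: str     # remote IPsec gateway on the underlay, assumed
    local: str       # overlay-side traffic selector (slide)
    remote: str      # remote LAN traffic selector (slide)
    priority: int    # 0 = active, 1 = failover
    up: bool = True  # IKE SA established and dead-peer detection passing


OVERLAY = ip_network("172.31.0.0/22")
TUNNELS = [
    Tunnel("chicago-active",   "198.51.100.5",  "172.31.1.0/24", "192.168.3.0/24", 0),
    Tunnel("chicago-failover", "198.51.100.85", "172.31.1.0/24", "192.168.3.0/24", 1),
    Tunnel("london-active",    "198.51.100.9",  "172.31.1.0/24", "192.168.4.0/24", 0),
    Tunnel("london-failover",  "198.51.100.89", "172.31.1.0/24", "192.168.4.0/24", 1),
]


def set_state(tunnels, name, up):
    """Return a copy of the table with one tunnel marked up or down."""
    return [replace(t, up=up) if t.name == name else t for t in tunnels]


def decide(src, dst, tunnels=TUNNELS, overlay=OVERLAY):
    """Forwarding decision for a packet from src to dst:
    ("overlay", None), ("tunnel", name) or ("drop", reason)."""
    s, d = ip_address(src), ip_address(dst)
    if d in overlay:
        return ("overlay", None)          # stays on the encrypted overlay
    matches = [t for t in tunnels
               if s in ip_network(t.local) and d in ip_network(t.remote)]
    if not matches:
        # Default deny: a destination no selector covers must not fall
        # through to the underlay as plaintext.
        return ("drop", f"no policy for {src} -> {dst}")
    longest = max(ip_network(t.remote).prefixlen for t in matches)
    best = sorted((t for t in matches if ip_network(t.remote).prefixlen == longest),
                  key=lambda t: t.priority)
    for t in best:                        # active first, then failover
        if t.up:
            return ("tunnel", t.name)
    return ("drop", f"all tunnels to {dst} are down")


if __name__ == "__main__":
    print(decide("172.31.1.1", "192.168.3.50"))
    print(decide("172.31.1.1", "192.168.3.50", set_state(TUNNELS, "chicago-active", False)))
```

The longest-prefix rule matters as soon as a site carves out a more specific selector (a DMZ /25 on its own tunnel, say); the priority rule is what makes the failover tunnel on the slide useful without operator action. Both rules sit behind the default deny, so a misconfigured or missing selector shows up as dropped traffic in the logs, not as an unexpected cleartext flow on the cloud network.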

Page 43

Use Existing Monitoring Tools

Problem:
• Cloud deployments cannot be connected to existing network operations center

NFV Solution:
• Use your existing monitoring tools for cloud deployments
• NFV allows the use of an existing NOC to monitor and manage devices in the data center and the cloud

(Diagram: Customer Data Center with Data Center Servers on a Virtual Network behind a Firewall / IPsec Device, Standard IPsec Tunnel to an NFV device in Public Cloud Region 1 fronting an Overlay Network of Cloud Servers.)

Page 44

Customer-Partner Networks in Public Cloud

Problem:
• Securely connect customers, partners or branches to specific servers in shared infrastructure

NFV Solution:
• Industry standard secure connectivity to isolated servers in public cloud
• Data in motion in the public cloud is encrypted

(Diagram, "Customer - Partner Network": Partner Data Center in EMEA (Physical Data Center / Private Cloud Server / Node) behind a Firewall / IPsec device, Active IPsec Tunnels to an NFV device in Public Cloud Region 1 fronting the Cloud Deployment; Customer 1 in APAC and Customer 2 in the USA connect in.)

Page 45

Summary

Page 46

Summary

NFV allows networks to be built out of the cloud

Users get control over their:
• addressing
• topology
• security
• protocols

When you give people a networking Swiss Army knife to run in the cloud they do all kinds of stuff that you might not have expected

Page 47

Questions?

CohesiveFT Americas
Chicago, IL
[email protected]
888.444.3962

CohesiveFT Europe
London, UK
[email protected]
+44 208 144 0156