Building the Open Virtual Branch powered by flexible, open orchestration
- February 5, 2018
- Posted by: Sebastian Grabski
- Category: Network Orchestration, Networking, NFV
Virtual branch is not a new concept. It’s been around for a while and has had varying degrees of uptake. The biggest promise of the virtual branch is to drive up operational efficiency and drive down operational cost by having a highly automated branch environment. In traditional environments this is not an easy task – sometimes it’s not even possible.
The High Price of Specialized CPE
An average branch, depending on its size, runs at least a few network customer premises equipment (CPE) devices – routers, firewalls, switches, access points etc. – and at least few application servers – email, CRM, file server etc. Operations is rather expensive and very often requires onsite personnel to manage daily routines.
Many vendors have been trying to address these challenges by building specialized CPE’s, where multiple functions are implemented on routers. This is how switches, access points, storage, x86 blades, and call managers were imported to highly specialized CPE’s – which lowered operational cost, but increased capex, due to the relatively high price of those specialized CPE. Furthermore, it introduced vendor lock-in which many companies today are trying to avoid.
Virtualization Brings Universality
Server virtualization has brought new opportunities for virtual branches. The ability to virtualize applications brought a lot of relief in the daily management of application server infrastructure. Next came the virtualization of network functions (VNFs), and so, the universal CPE (uCPE) concept was born.
Being able to run a vRouter, vFirewall, vLB on an x86 COTS server was indeed a great idea. However, running virtual functions and creating a service from them are two different things. In order to run a service you need to service chain network elements – in other words – orchestrate them.
Open Orchestration for the Virtual Branch
This is where things went a bit south in many cases. Vendors were using either the wrong tools for the orchestration job or the orchestrators were too rigid to meet the flexibility and needs of virtualization. As a consequence, many solutions violated the promise of universal CPE by not delivering operational efficiency at lower cost, but rather increasing complexity and overall TCO.
Over time, the market and some tools matured to the level where today it is possible to put the whole branch on virtualized infrastructure: network elements and even application servers all together on a virtualized x86 server (or in a cloud) in order to create a Virtual Branch.
An especially interesting use case for our customers is the ability to combine network elements with application servers in a “single box”. Most solutions in the market are either focused on network elements or application servers. But the opportunity to have both under a single orchestration umbrella is exceptionally tempting, especially with to operational efficiency benefits.
Customers can leverage lean operations, especially in cases where they need to manage a large number of distributed branches. Yet the promise of lower operational cost and lower TCO is largely unproven as vendors continue to build closed solutions, which in many cases fail to deliver on the lower TCO promise.
The key to addressing the demands and promises of the virtual branch is OPENNESS.
Meet the Open Virtual Branch with Cloudify Open Orchestration
So, we are very excited to introduce a different concept we call Open Virtual Branch. This solution is based on an open orchestration system which helps avoid vendor lock-in and enables customers to take the control of their own business. By being in control of the orchestration platform, customers decide when and how they want to orchestrate their services.
If the customer decides to change any component at any time, they have the full freedom to do so. This is where Cloudify comes into the picture. Cloudify is an open source, TOSCA-driven orchestration platform that enables the Open Virtual Branch concept. With Cloudify Manager, customers can build their own virtual branch, retaining full control over their solution without the risk of being locked in by any vendor. This is how organizations can realize the full benefits of open orchestration to build Open Virtual Branches in order to raise operational efficiency while lowering operational costs.
In order to prove its feasibility, here is a Proof of Concept for the Open Virtual Branch:
In a PoC we recently ran, we use Openstack as the virtualization layer on which we instantiate a vRouter as well as vFirewall along with an application server. Next, we enable services on top: IPSEC VPN (to enable secure connectivity with HQ) and port forwarding on a vFirewall to expose the application server which is running behind a firewall on a protected network. As a result, HQ can access web application resources through a secure channel.
If you’re interested in learning more about this concept, or want to see the demo in action, please contact us directly.