<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2975524&amp;fmt=gif">
BLOG

Network Functions Virtualization—What Is It and Why Should You Care?

February 7, 2017

Remember back in 2013 when software-defined networking (SDN) was going to change the 
world? It’s still the future of the data center, but the revolution is happening slower than 
people expected four years ago.

Amidst all of the SDN hype, many companies seem to have lost track of its companion 
technology—network functions virtualization (NFV). 

Some may think NFV and SDN are the same, but they’re actually complementary. If SDN seems 
too far out of reach, you might want to start thinking about laying the foundation for the future 
with NFV.

What Is Network Functions Virtualization?

The idea of network functions virtualization originated with service providers that wanted to make it easier to deploy new network services. Typically, they would have to introduce a wide range of new physical devices for routing, switching, security, WAN optimization, and more just to offer new solutions.

With NFV, you consolidate network functions typically deployed with black boxes onto industry-
standard commercial-off-the-shelf (COTS) servers. We know that it’s getting increasingly 
difficult to introduce new appliances to your physical architecture, so being able to decouple 
network functions from dedicated hardware will become more of a necessity than a luxury 
soon.

At first glance, this might just seem like a small piece of the software-defined networking promise. However, you can start to deploy NFV as a standalone strategy without actually approaching SDN at first.

The key difference is that SDN focuses on separating the data plane from network control logic 
for centralized, automated control over traffic. Network functions virtualization focuses less on 
abstraction and more on the data plane itself, leveraging virtual machines and open source 
software.

Learn more about SDN and NFV!

Because there is still debate over open source SDN controller technology, NFV may seem more 
approachable as you lay the groundwork for a future 40G/100G data center. Here are just a few 
of the possible use cases for virtualized network functions:

  • Virtual Switching: Connect physical ports to virtual ports/servers and employ virtualized services and VPN gateways. Stop worrying about physical location and focus more on your network resources.
  • Virtual Network Appliances: Simplify your network architecture by bringing network monitoring, load balancing, traffic analysis, and more into virtual machines.
  • Virtual Applications: Businesses run on cloud applications and NFV frameworks can help you optimize your network for an increasingly mobile workforce.
Even though NFV was originally created for service providers, data centers of all sizes will have 
to pay close attention to the emerging technology as traditional, physical architectures give way 
to faster, co-located and virtual alternatives.

Why You Should Start Planning for NFV 

Cost efficiency is usually the prevailing motivation for network administrators considering 
SDN—and NFV is no different. Shifting to COTS servers and virtual network functions can 
certainly reduce both CapEx and OpEx, but you shouldn’t focus solely on cost.

Just because you can reduce costs in the long run doesn’t mean this is a free transition. Luckily, 
there are other great reasons to start planning for NFV. 

In the wake of digital transformation and the need for companies of all sizes to become more 
agile, quick provisioning and flexible scalability are significant benefits of NFV. You might be 
talking about a move to 40G or 100G in your data center today—but those speeds are only 
going to continue increasing.

Aside from reducing operating expenses, quick provisioning can free up IT resources so you can 
focus more on pushing the company forward and less on menial management tasks. For 
example, you can use NFV to streamline your chaining at the edge.

Rather than struggling to add new physical appliances on a complicated link, you can virtually 
chain the edge with functions like a router, firewall, deep packet inspection, intrusion 
prevention and more. There’s just one catch—you can’t forget the visibility plane. If anything, 
it’s even more important than in a traditional data center.

The SDN reality is slowly coming to fruition, but if you want to get out ahead of the 
competition, implementing NFV in certain areas of your data center can help. If you want to 
learn more about how you can prepare for SDN and NFV in a 40G/100G data center, download our free white paper, Architecting Data Centers for SDN and NFV.

See Everything. Secure Everything.

Contact us now to secure and optimized your network operations
Contact Us

Heartbeats Packets Inside the Bypass TAP

If the inline security tool goes off-line, the TAP will bypass the tool and automatically keep the link flowing. The Bypass TAP does this by sending heartbeat packets to the inline security tool. As long as the inline security tool is on-line, the heartbeat packets will be returned to the TAP, and the link traffic will continue to flow through the inline security tool.

If the heartbeat packets are not returned to the TAP (indicating that the inline security tool has gone off-line), the TAP will automatically 'bypass' the inline security tool and keep the link traffic flowing. The TAP also removes the heartbeat packets before sending the network traffic back onto the critical link.

While the TAP is in bypass mode, it continues to send heartbeat packets out to the inline security tool so that once the tool is back on-line, it will begin returning the heartbeat packets back to the TAP indicating that the tool is ready to go back to work. The TAP will then direct the network traffic back through the inline security tool along with the heartbeat packets placing the tool back inline.

Some of you may have noticed a flaw in the logic behind this solution!  You say, “What if the TAP should fail because it is also in-line? Then the link will also fail!” The TAP would now be considered a point of failure. That is a good catch – but in our blog on Bypass vs. Failsafe, I explained that if a TAP were to fail or lose power, it must provide failsafe protection to the link it is attached to. So our network TAP will go into Failsafe mode keeping the link flowing.

Glossary

  1. Single point of failure: a risk to an IT network if one part of the system brings down a larger part of the entire system.

  2. Heartbeat packet: a soft detection technology that monitors the health of inline appliances. Read the heartbeat packet blog here.

  3. Critical link: the connection between two or more network devices or appliances that if the connection fails then the network is disrupted.

NETWORK MANAGEMENT | THE 101 SERIES