Network Functions Virtualization (NFV) or Virtual Network Function (VNF) is used as a virtualized method to design, deploy, and manage networking services. NFV takes network functions that operate from a hardware base and allows them to run within software as virtual machines. Network functions that can be virtualized with NFV include Domain Name Service (DNS), Network Address Translation (NAT), firewalls, and caching.
- NFV Architecture
- The Limitations of Legacy Infrastructure and Hardware
- Why is Network Functions Virtualization Important?
- Advantages of Network Functions Virtualization
- Threats to Network Functions Virtualization
- NFV vs SDN
- NFV in The Software Driven Age
- The Link Between Network Functions Virtualization, IoT, and 5G
- The Future of Network Functions Virtualization
The rationale behind NFV is to use software functions in place of hardware so that network administrators don’t need to configure and managed physical devices. Manual devices are complicated to manage because they need to be maintained and cabled together. In comparison, a NFV allows the user to interact with network functions at the server level.
The architecture of NFV is fairly complex. There are seven key segments of NFV architecture:
- Virtual Network Function
- Element Management (EM)
- VNF Manager
- Network Function Virtualization Infrastructure (NFVI)
- Virtualized Infrastructure Manager (VIM)
- NFV Orchestrator
- Operation Support System/Business Support System (OSS/BSS)
Virtual Network Function
Virtual Network Function is the core block within network function virtualization. Virtual Network Function is the virtualized network element that is used when deploying network function virtualization. If you were to virtualize a router then the router would become the virtual network function. A range of elements that can be turned into virtual network function includes IPS, firewalls, IPS, GGSN, and RNC.
Element Management (EM)
EM is known as the element management system of virtual network function. EM is used to manage the virtual network function and deals with configuration, fault, accounting, performance, and security management. It is important to note that a virtual network function can use one EM or one EM can manage multiple virtual network functions.
VNF Managers are used to managing one or more VNFs. VNF Managers are responsible for lifecycle management. Lifecycle management is the process of establishing and terminating virtual network functions. The difference between EM and VNFM is that EM manages functional components and VNFM manages virtual components.
Network Function Virtualization Infrastructure (NFVI)
Virtual network functions are run within an environment referred to as Network Function Virtualization Infrastructure. This includes:
- Physical Resources – This part of the infrastructure is used for computing, memory, and networking resources such as virtual resources.
- Virtual Resources – Where physical resources are turned into abstract virtual resources to be used by virtual network functions.
- Virtualization Layer – A hypervisor where physical resources are abstracted into virtual resources.
Virtualized Infrastructure Manager (VIM)
The Virtualized Infrastructure Manager is the system responsible for managing the NFVI. The Virtualized Infrastructure Manager is used to manage and control the computing, network, and storage resources of NFVI. The Virtualized Infrastructure Manager also measures performance and events.
The NFV Orchestrator creates, manages, and terminates the network services of VNF. In addition, the NFV Orchestrator has the responsibility of managing NFVI resources like compute, storage, and networking resources. The Orchestrator doesn’t do this directly but instead goes through the VNFM and VIM.
Operation Support System/Business Support System (OSS/BSS)
OSS/BSS is the term used to refer to the OSS/BSS of an operator. The OSS is for network, fault, configuration, and service management whereas the BSS is used for custom, product, and order management. The BSS/OSS of an operator can be integrated with NFV Management and orchestration as well.
The Limitations of Legacy Infrastructure and Hardware
In order to understand the importance of VNF, it is important to consider the limitations of network hardware. Hardware requires a large initial investment in order for you to purchase a device or lots of devices. This hardware can be updated but to replace it would require another significant investment. As a consequence, the network is limited in its capabilities by the hardware it’s currently using. If vendors don’t update their product, then the user is out of luck.
There is also very little opportunity to modify or customize these machines according to new requirements. This is the case for most proprietary technology but is also the case for products that are considered to be open as well. All of these limitations are underpinned by the fact that hardware needs to be maintained in order to stay operational.
VNF is growing as an alternative solution because it allows enterprises to move away from the constraints of managing physical devices. Services can be customized and deployed when they are needed and not when a vendor device is appropriate. We’re in a phase where organizations are looking to take the steps away from more traditional legacy networks.
Why is Network Functions Virtualization Important?
As a concept, Network Functions Virtualization is extremely important to the movement towards abstracting physical resources. The limitations of physical infrastructure are the tip of the iceberg as far as the potential of Network Functions Virtualization. NFV is important because it allows you to take virtualized functions like routing and firewalling, and visualize them.
Traditional firewalling devices and routers are more prone to failure than virtualized versions. With Network Functions Virtualization you can deploy functions in the form of virtual machines on a range of hardware. This gives you the opportunity to change how your network is structured.
Once these functions have been virtualized they can be moved around and automatically restarted as needed. In other words, your network infrastructure becomes much more malleable and flexible once its virtualized than a network infrastructure that relies more on physical devices.
Network Functions Virtualization also has marked advantages in terms of disaster recovery. If a natural disaster or system failure affects your network then physical devices cannot escape being affected. However, a virtual device can be moved to another location or data center so that you can obtain normal operation much faster.
Advantages of Network Functions Virtualization
- Reduced hardware needs – By virtualizing your infrastructure you minimize the amount of hardware you need to purchase and maintain. You can also avoid the problem of over provisioning that is common with hardware.
- Saving space and power – One of the issues with hardware is that it takes up space and needs to be powered and cooled in order to stay operational. This isn’t the same for virtual services which can be managed entirely with software.
- Lowers time to releasing services – You can deploy networking services at a faster rate than is possible with hardware. Every time the requirements of your enterprise change you can make a change and keep up quickly.
- Scalability – Being able to upscale and downscale services on demand provide you with the long-term capacity potential that you need to be successful in the future.
Threats to Network Functions Virtualization
Though Network Functions Virtualization can deliver serious advantages to modern organizations, it also brings to the table a number of substantial risks as well. These risks vary but they boil down to limited transparency over virtualized infrastructure. For instance, network traffic is much more difficult to monitor and the creation of software components that depart from traditional networking (and thus need new expertise to manage).
Lack of Monitoring Visibility Over Traffic
One of the main risks raised by Network Functions Virtualization is that it limits the ability to monitor traffic. On a legacy network, traffic can be monitored through a range of means and measured by network monitoring tools from many different vendors. This is different in virtual environments because many traffic doesn’t interact with physical devices but virtual machines.
Data exchanged between virtual machines flies under the radar of most network monitoring tools and techniques. This is a substantial problem because it makes it difficult for administrators to diagnose performance issues and to detect cyber attacks. As such when you deploy Network Functions Virtualization your network is going to be much less transparent when you monitor network traffic.
New Security Concerns
Given that Network Functions Virtualization brings together a range of new architecture to a network, this architecture needs to be managed accordingly. This is an area where Network Functions Virtualization poses a number of security risks because an administrator has to be aware of a range of new concerns. For example, the user has to manage new software components like a hypervisor as well as mitigate security concerns like an attack on one VNF causing the failure of another VNF.
NFV systems are more complex than traditional networking environments. The challenge is that administrators need to know their way around these challenges in order to be able to ensure the integrity of the network. The administrator thus must secure the physical layer, virtualized layer, and implement carrier application security.
When making the transition to virtualized infrastructure you trade in the concerns of physical resources to virtual resources. You relinquish the concerns of powering physical devices but you now have to monitor for performance bottlenecks. Network Functions Virtualization is not immune to falling victim to poor performance. While Network Functions Virtualization performance is improving over time, it still needs to be closely managed.
For example, the virtual switch or vSwitch is the area where packets stop when flowing between virtual machines and network services. The vSwitch is a bottleneck and is affected by the type of traffic transferred through the network. Audio and video streams can be particularly demanding in terms of performance requirements.
NFV vs SDN
One of the technologies that comes up alongside NFV is SDN or Software-Defined Networking. In many ways, NFV and SDN compliment each other. Let’s take a look at the difference between the two:
- NFV – NFV is used to optimize network services by taking network functions away from hardware. Network functions run at the software level so that provisioning can take place more efficiently.
- SDN – SDN separates the control plane from the forwarding plane and provides a top-down perspective of the network infrastructure. This allows the user to provision network services as they are needed.
Both of these technologies turn legacy networks on their head in favor of a software-based networking approach. Virtualizing networking services allows resources to be provisioned faster and more efficiently in a way that supports scalability. These two don’t need to be used together but they complement each other in a number of ways.
For instance, with SDN you can enable network automation to determine where network traffic is sent on. NFV can complement this by allowing you to manage routing controls at the software level. Combining the two allows you to mix automation with software-level routing to create the most efficient service across the network.
See also: The Importance of SDN
NFV in The Software Driven Age
We’re in an age where incorporating virtualized infrastructure has become a prerequisite to efficient operations. Many organizations are deploying NFV and SDN in an attempt to move beyond the limitations of legacy infrastructure.
For too long enterprises have been dependent on hardware that needs to be reconfigured when new services are installed. These installations have been bound to be performed as on-site installations that take up real world space and resources. This model has been slow to respond to the needs of organizations and is being replaced by a movement towards virtualization.
NFV has become one of the key technologies providing enterprises with more flexibility than ever before. NFV can allow you to respond to the needs of your network without having to deploy new physical devices and lose physical space. To maximize the effectiveness of NFV it has become advisable to combine it with SDN for the most flexibility.
The Link Between Network Functions Virtualization, IoT, and 5G
One of the wider technological trends that gets a lot of press is the development of 5G. 5G promises to build on the widespread connectivity delivered by 4G and enable more wireless devices to connect to the internet. The growth of 5G is increasing the need for a network architecture that departs from the legacy model. Network functions virtualization is one of the key technologies that can ally with 5G to form the next generation of networking.
Within the context of 5G, NFV can be used to separate one physical network into multiple virtual networks. This is referred to as network slicing. Network slicing will enable organizations to segment networks and cater towards different types of services and customers. Administrators will be able to manage multiple networks in a format with less latency and more security than ever before.
The biggest improvements delivered will be seen with regards to performance where network slicing will allow administrators to allocate sections of the network (including resources) to certain services to provide the best all round speed. The end result will be more automation and flexible deployment.
The Future of Network Functions Virtualization
No matter where you stand in the NFV vs SDN debate, the future of network function virtualization looks very bright. As it stands, there is a lot to do before Network Functions Virtualization takes root completely. The transition to NFV will not be an immediate transition, but a slow process that coincides with the rise of virtualization as a whole.
So long as organizations need to deploy functions automatically and virtually, NFV will remain relevant. Its greatest rival, SDN, can also act as its closest ally in this movement depending on the needs of the enterprise in question. More enterprises are starting to recognize that traditional infrastructure isn’t in the position to keep up with their growing requirements.
The future trajectory of NFV is tough to pin down at this stage because there are many different changes that will determine its long-term viability. However, if the growth of IoT devices is anything to go by, the traditional networks will be in dire need of NFV as more devices started to be integrated into networks in the future.
Provisioning resources in these environments is an area where Network Functions Virtualization has a lot to offer. Being able to update and configure software on demand will make sure that organizations can manage these environments without running into any hiccups.
NFV is one of the most promising trends in virtualization. For a long time organizations have been limited in what they can do by the infrastructure that they own. The deployment of NFV is helping organizations to move away from these limitations. Many companies are using virtualization to reduce the costs associated with managing and powering physical infrastructure
Organizations using NFV are free to move virtual resources around cost free in a way that isn’t possible with physical infrastructure. While this delivers clear benefits it is not a fix-all solution. The user reduces hardware concerns but replaces them with the complexities of managing Network Functions Virtualization. There is much more pressure to manage network traffic to make sure that the network performs well and stays protected from outside threats.
Many of the risks associated with NFV can be mitigated by learning as much about the technology as possible. However, the complexity of managing virtual resources over physical devices should not be underestimated. After all, it is one thing to monitor an endpoint, it is another to attempt to monitor a hypervisor.