The outgoing 2015 was a year of transition for network-function virtualization (NFV) deployment. It was a year in which carriers were looking for a proof of concept and initial commercial deployment.
In 2016, this trend is expected to intensify further, and NFV will be deployed live and in projects such as vCPE and vEPC. Communication service providers (CSPs) must therefore address the challenges neglected so far. Some of these challenges include security, performance, return on investment (ROI), carrier-grade and interoperability with existing networks, Operational Support Systems (OSS) and Business Support Systems (BSS).
The way in which those challenges are addressed will affect CSPs’ ability to deliver high quality services and generate new revenues. So far, CSPs have preferred to ignore these challenges and have focused on feasibility, but the time has come to take a step forward to make NFV a success.
Here are some tips that can make the transition to NFV deployment easier:
1. Do not neglect NFV security vulnerabilities
The migration to software-defined networking (SDN) and NFV is a security-wise revolution. By doing so, you deploy software network functions to replace mature and security hardened hardware elements.
Software-based data planes are also far more exposed to denial of service attacks (DoS and DDoS). Moreover, by using open architecture of software-defined solutions, the control and management planes are remotely accessed.
The utilization of Open Source projects: (Open vSwitch), KVM and others. Each of these components has its own control and management interface as well as APIs toward the operating system and platform hosting it, opening the NFV infrastructure to additional attack vectors.
Moreover, each host runs a virtualized network that must be monitored and protected.
In order to succeed, carriers must bring network visibility, insights and network specific analytics into their security information and event management (SIEM) and security operations center (SOC). They should also adopt protection solutions designed for NFV platforms and deploy real-time on device analytics and active protection. In addition, they must monitor and control access within virtualized networks on each host, function-host and function-function interactions.
2. Focus on the business case
The success of NFV will eventually be determined by its business benefits. ROI will be based on carriers’ ability to sell entirely new services, or services that are currently very expensive.
To meet ROI targets, carriers will need to be certain about security, cost-performance, carrier-grade-ness and full interoperability. In addition, they need to make sure the standard commercial off-the-shelf (COTS) platforms of Intel x86 are cost-effective providing the cost/performance, thereby making the newly launched services profitable.
The ability to fast deploy a new service and try to buy models will increase the profitability and sales cycles of value-added services.
3. Do not forget you’re a carrier
To allow carriers to make a profit from NFV-based services, the NFV platforms must natively integrate into the OSS and BSS methodologies.
Providing vCPE, MEC, vEPC, vSwitch, vRouter, vNAT and other virtualized services must meet existing carrier-grade requirements. These requirements include:
- Carrier Ethernet 2.0 and MEF compliance, enabling carriers to terminate CE 2.0 and MEF services on any computer host on the network or data-center
- Ensuring the service level by testing and monitoring any physical element, virtual function and virtual network anywhere and from anywhere
- Providing security and resiliency
ROI is based on the ability to quickly deploy and provide service level agreement and maintain services at low cost.
For this, NFV solutions must seamlessly support existing architectures such as CE 2.0 and MEF. SDN needs to be manageable and flexible to meet changing needs, such as Netcon and OpenFlow support. It also has to be ready for integration with existing OSS and BSS.
Carriers are currently providing high quality services at a guaranteed service level agreement. The new service must also retain the same standard to fully exploit the benefit of NFV deployment.
To learn more download the white paper Protecting SDN and NFV Networks from Cyber Security Vulnerabilities