In the first part of my interview with Martin Casado, the OpenFlow inventor and VMware chief networking architect discussed the history of network virtualization’s adoption in the enterprise, the challenges standing between network virtualization and broad adoption, and the unexpected benefits of virtualizing enterprise networks. Today, we delve into Casado’s thoughts on what’s yet to come for network virtualization technology and the industry as a whole.
VMware’s 2014 network virtualization roadmap
2013 was, of course, the year that VMware’s NSX network virtualization solution hit the market. Building on that, 2014 will be a year of growth, Casado told me. “We’re at the point where we want to focus on getting customers into production and being successful at scale,” he said. VMware will continue working on general product development and evolution and then, he added, “we’re going to continue to re-implement networking pieces within the virtual domain so that more and more falls under the scope of these network virtualization platforms.”
Security in the virtualized network: The Goldilocks Zone
One of the networking pieces Casado considers particularly important is security, around which VMware plans to do a lot of new work in 2014.
In Casado’s view, network virtualization has the potential to “totally change the security paradigm.” The hypervisor and virtual network are a “Goldilocks Zone” for security, he said: close enough to applications to provide meaningful visibility and semantics, but far enough away to create isolation, and therefore neither too hot nor too cold. This Goldilocks Zone allows deeper, more contextual insight into application processes and user behavior than a traditional, hardware-based network can provide, and that information can then be made available to security devices like next-generation firewalls.
“I think this really is, by itself, pretty revolutionary. So a lot of focus is going to be, How do we use this position to get more visibility, and how do we push that throughout the virtual network to get more and ubiquitous enforcement, independent of what’s running and what’s moving around the topology,” Casado said. Overall, VMware plans to harness the unique capabilities of virtualized networks to enable what he described as “ubiquitous, very context-aware security.”
Hardware vs. software: The competitive landscape
Within the networking industry, Casado said that he sees most of the competition happening “at the architectural level.” The battle to watch is between hardware-based data center strategies that focus on ASICs and proprietary systems, and the wholly software-defined paradigm VMware pushes. In those terms, VMware “aligns very well with the public clouds and those that are implementing value in software, and less with those that want to provide a hardware converged system,” he said.
On the tactical level, meanwhile, Casado said that VMware’s biggest market hurdle isn’t any particular competitor or technology, but rather “the traditional way of doing things” in IT. “Inertia in IT is surprisingly strong,” he said. To overcome it, VMware and its ilk must convince enterprises that network virtualization will be not merely as secure as the traditional model, but more secure; not merely as easy to manage, but easier.
“We need to convince people that flying is safer than driving,” he said.
The state of SDN
Of course, one can’t talk to Martin Casado without bringing up software-defined networking. He was, after all, one of the original inventors of the open source OpenFlow protocol, which was instrumental in giving rise to the SDN movement. And when it comes to SDN, Casado reiterated a sentiment he expressed to Sean Michael Kerner last year: “When you ask me what SDN is now, I don’t know anymore.”
Software-defined networking became complicated and difficult to define, Casado explained, when it “left the realm of focused research and moved into the marketing departments. Everyone’s recasting SDN to fulfill whatever their purpose is,” even when that purpose is to sell hardware with SDN-esque features added in a proprietary fashion.
“I don’t know how you could call some proprietary hardware box SDN, even though some people do,” Casado said pointedly. When asked whether he was thinking of Cisco’s Application Centric Infrastructure, he explained that while Cisco builds great physical networks, which will always be necessary, “I don’t think that adding features in hardware in a proprietary fashion is the right model for customers.” In that sense, his stance is similar to that of other vendors who’ve questioned Cisco’s hardware-defined model of software-defined networking.
The role of the physical network is already moving towards increased simplicity, Casado explained. “If you look at the mega data centers, the physical network has become very simple—its primary function is passing packets. Most of the large mega data centers have arrived at this architecture totally organically over the last ten years.” The features and intelligence of their networks come primarily from software implemented at the network edge. That, Casado said, is what SDN was meant to be.
“We do the same thing, except we allow anybody to adopt this model and get all the OpEx and CapEx benefits,” he said.
And that’s the direction Casado agrees with. From his point of view, there’s strong interest in the disaggregation of features from hardware and in using software to enhance operations, visibility, and security.
“I actually believe that the work we’re doing is one of the very few pure SDN plays,” Casado said.
He recognizes, however, that not all enterprises will jump at the chance to embrace a purely software-defined approach to networking. When it comes to network virtualization, “the great thing is that if you do it correctly, if you have a decoupled solution, then if the customers see value in ASICs, they can buy those, and if they don’t, they don’t have to buy them.”
2014: Software-defined network functions will continue to evolve
When discussing networking’s outlook for 2014, Casado was reluctant to whip out his crystal ball, but he did return to the topic of the mega data centers and their architecture for a landmark.
“If you look at them, Google or Amazon EC2 or Yahoo, you see hardware becoming general-purpose pools of capacity and you see features implemented in software as part of the application at the edge,” Casado said. He believes software’s role in the data center network will continue to grow and evolve, becoming “a more dominant player in providing network functions with more semantics and more power than we’ve seen in the past,” he said.
“People are going to get very comfortable with virtual networking, consume more day-to-day operations, and we’re going to see the power of software come to bear,” Casado concluded.
Jude Chao is managing editor of Enterprise Networking Planet. Follow her on Twitter @judechao.