Have you been to a DMV office recently? You take a ticket and wait. You get called to a window and then are told to go to a different window. You take a ticket and wait. And so on. The same sort of waiting game happens to network traffic as it passes through infrastructure based on virtual network functions (VNF). Fortunately, its newer counterpart, cloud-native functions (CNF) is far faster and more efficient.
CNF is an important component of SASE networks. If you’re not yet familiar with it, SASE (secure access service edge) is a new model for network architectures proposed by Gartner that is reshaping the way organizations manage and secure their networks. Gartner SASE is a response to the growing need for network & security architectures that are more fluid at the WAN edge.
SASE is first and foremost a cloud-native concept. The need for flexibility and speed requires a cloud-native foundation. VNF implementations cannot provide the levels of agility, scalability and low latency required at the WAN edge. CNFs are more suitable to meet these needs.
CNFs: Lightweight and Faster than VNFs
A VNF is a software implementation of a network function that runs on one or more virtual machines (VMs) on bespoke or white box hardware. VMs can be linked together to form service chains that support full-scale networking communication services. That’s where the DMV experience begins (Fig. 1). It starts when significant overheads for VM spin up and spin down. Next comes service chain orchestration—take a ticket—followed by VM-to-VM handoffs and their resulting hop-by-hop latency—move to the next window, take another ticket. The whole process then repeats all the way through the chain. Latency is built into the architecture.
Figure 1: VNF and its “take a ticket and wait” experience versus highly streamlined CNF
In contrast, a CNF is a lightweight container-based software network function that enables spin up and spin down to proceed much faster. Once a container is spun up, traffic is processed, and policies are applied all in a single pass. No more tickets, no additional windows, minimal latency. As a member of the Cloud Native Computing Foundation (CNCF), it is our mission at Infoblox to make cloud-native computing ubiquitous for foundational network services.
The CNCF site provides real-world examples of how CNF implementations save time and money. Here are just a few:
- Comcast: “Autoscaling has improved [our] ability to address services that are over capacity or oversubscribed. Before, it was a week long process in the environment. Now, we have the agility to very quickly rescale an application or free up capacity.”
- T-Mobile: “Teams went from five or six days of waiting time, to five or six seconds.”
- New York Times: “Some of the VM-based deployments took 45 minutes; with Kubernetes, that time was just a few seconds to a couple of minutes.”
Beware of the SASE Hype
In the rush to grab their piece of the SASE business, vendors are glossing over the details of their implementations. Organizations considering their SASE options would be wise to look carefully before jumping in. The value of SASE depends on the breadth of services a platform offers. CNF is a critical component of service delivery in SASE. In order to realize the full promise of SASE networking, nothing short of a CNF-based platform will suffice.