Today we have access to “cloud computing,” a fast and resilient way of offshoring several key network components. The cloud is what allows us to:
- Launch applications in a matter of seconds
- Adjust the amount of storage we have on demand instantaneously
- Scale the application in and out over time with minimum effort
As billions of devices are created, and existing devices move to the cloud, they demand an exponentially increasing amount of data. Consequently, security threats increase in both scale and complexity.
Every network you connect to needs network functions in order to guarantee the secure and consistent connectivity of its users. Network functions are devices like firewalls, network address translators (NATs), intrusion prevention systems, and load balancers. There can be hundreds to thousands of these in a network!
The way network functions are currently built limits their capability; they just don’t have the same type of agility as the cloud — and this is quickly becoming a serious problem.
Merriam-Webster defines agility as “the ready ability to move with quick and easy grace”. For network functions to match this, they will need three things:
- Seamless scalability: the ability to scale up and down without disrupting network traffic
- Failure resiliency: the ability to detect and recover from failure, again without disrupting network traffic
- Instant deployment: the ability to instantly launch network functions and configure their scalability and failure resiliency
A successful data center would need to be able to do all of this without sacrificing power and performance (throughput and latency). Though “tier 1” public clouds like Amazon Web Services and Google Cloud Platform can attain agility within their own customized solutions, no private-cloud solution has met these qualifications.
We outlined three clear goals that network functions must meet in order to achieve total network agility:
- Seamless scalability
- Failure resiliency
- Instant deployment
Network vendors have started offering virtual machine versions of their appliances, a step in the right direction. However, these technologies simply mimic the core architecture of physical appliances. Though you no longer have to physically plug in a box, in terms of performance and efficiency the system is still extremely limited.
The true problem lies with “state,” a temporary memory of preceding events or user interactions. It exists in every network function, and its wide dispersal throughout the network creates limitations.
Here, we’ll use a couple of analogies to help describe the problems networks currently face.
Imagine that you are at a restaurant with a bunch of friends, and your waiter has just taken the entire order without writing anything down. Before he can relay that information to the kitchen, he mysteriously vanishes. Ten minutes later, a new waitress comes by and asks if your table is ready to order. This is a huge problem! Time has been wasted, and now you’ve got to start the whole process over again. To top it all off, you’re still really hungry.
Or you could imagine that your workplace has a team of security guards who are constantly rotating. You might walk in and get clearance from one guard, but then on your way out you’re stopped by a different guard. He would have to contact each of the other guards to make sure that just one of them gave you clearance that morning. On a large scale with many employees and many guards, this gets hectic and complicated very quickly!
Of course, the problems of state are much more technical. Take firewalls, for example, which keep track of connections and other information to determine what to allow through the network and what to block. If a firewall fails, we can very easily create a new instance of that firewall. However, the “state” that existed in the first device (the previously tracked connections) has been lost, which creates disruption for the user. And this is just one example. Scaling faces similar problems. Multiple network functions must communicate constantly to ensure that state is synced, creating massive overhead with tens or hundreds of these devices.
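The failover and sync problems described above, as an added example that is not from the original post: a toy connection-tracking firewall in which a replacement instance drops the reply of an established connection, plus a count of sync messages when each instance replicates every new flow to all of its peers. The class, addresses, packet tuples and the full-mesh replication scheme are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed sample traffic: (src, sport, dst, dport, flags), documentation addresses.
CLIENT, SERVER = "10.0.0.5", "203.0.113.10"
SYN = (CLIENT, 40000, SERVER, 443, "SYN")      # inside host opens a connection
REPLY = (SERVER, 443, CLIENT, 40000, "ACK")    # server answers mid-flow

@dataclass
class StatefulFirewall:
    """Allows outbound connections and only inbound packets that match a tracked flow."""
    inside_prefix: str = "10."
    peers: list = field(default_factory=list)  # other instances to keep in sync
    table: set = field(default_factory=set)    # the "state": tracked connections
    sync_msgs_sent: int = 0

    def handle(self, pkt):
        src, sport, dst, dport, flags = pkt
        if src.startswith(self.inside_prefix):
            flow = (src, sport, dst, dport)
            if flags == "SYN" and flow not in self.table:
                self.table.add(flow)
                for peer in self.peers:        # assumption: full-mesh replication
                    peer.table.add(flow)
                    self.sync_msgs_sent += 1
            return "ALLOW" if flow in self.table else "DROP"
        # Inbound: permitted only as the reverse direction of a tracked flow.
        return "ALLOW" if (dst, dport, src, sport) in self.table else "DROP"

def failover_demo():
    """First instance tracks the flow, then fails; a fresh instance sees the reply."""
    fw = StatefulFirewall()
    before = (fw.handle(SYN), fw.handle(REPLY))
    replacement = StatefulFirewall()           # new instance starts with an empty table
    return before, replacement.handle(REPLY)

def sync_overhead(n_instances, flows_per_instance):
    """Sync messages sent when each of n instances sees new flows and replicates them."""
    cluster = [StatefulFirewall() for _ in range(n_instances)]
    for fw in cluster:
        fw.peers = [p for p in cluster if p is not fw]
    for i, fw in enumerate(cluster):
        for j in range(flows_per_instance):
            fw.handle((CLIENT, 1024 + i * flows_per_instance + j, SERVER, 443, "SYN"))
    return sum(fw.sync_msgs_sent for fw in cluster)

if __name__ == "__main__":
    print(failover_demo(), [sync_overhead(n, 100) for n in (2, 10, 50)])
```

With 100 new flows per instance, the message count grows as n × (n − 1) × 100, so going from 2 to 10 instances multiplies the sync traffic by 45.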
Traditional network infrastructure will need a fundamental change in order to combat the problems with state.
Blog post by Stateless Inc., a seed investment of EVO Venture Partners