Virtualization is transforming government IT, one benefit at a time
- By George Holland
- Aug 01, 2016
Federal network administrators confused about the benefits behind network functions virtualization (NFV) and software-defined networking (SDN) should remember the old adage, “what’s old is new again.” It certainly applies to network virtualization, which takes tools that have traditionally been housed in physical boxes -- firewalls, routers and more -- and deploys them as applications on the network.
But while the tools may be the same, the results are far different from what federal network administrators experienced when I first started in this business. Back then, everything was hardware-based, purpose-built, expensive and laborious to deploy. Now, virtualization allows administrators to forsake legacy systems and reduce both cost and complexity.
Let’s take a look at some of the primary benefits this new-yet-old solution offers.
Easier management, fewer costs
An agency with 500 devices operating at the network’s edge must install, support, upgrade and, ultimately, replace those devices. To manage them all, administrators must keep track of spare parts, coordinate manpower for troubleshooting and more. They are responsible for developing and managing a whole ecosystem of support.
By deploying NFV, SDN and blade servers, federal administrators can turn this headache into something that’s far easier and less costly to manage. Instead of keeping spare parts for each box, managers can have low-cost replacement servers on hand; if one goes bad, they can simply reload software onto the new Forget about sending people to look at one of the 500 boxes; troubleshooting, upgrades and reconfigurations can all be done through centrally managed software.
Automated control, greater security
Through NFV and SDN, processes that used to be manually managed can now be automated, giving administrators better control without having to manage 500 different people working on 500 different boxes in 500 different locations. Scripts can simply be pushed out automatically, lowering the chances for human error or miscommunication.
Automation also plays a key role in how virtualization helps improve security, but it’s not the only factor. In simpler times it would be enough for an agency to have firewalls, intrusion detection and unified threat management devices working independently to protect the network, but that approach is no longer viable. To fight increasingly complex threats and savvy hackers, it’s critical that today’s networks be intelligent and interconnected. Information and resources must be pulled and shared among various protection tools.
Such information sharing can only be accomplished through virtualization, which allows devices to work seamlessly together. For example, through NFV and SDN, software-based firewalls can be set up to work with intrusion detection and prevention systems. Security can be stronger and better coordinated as the various pieces share information and “learn” from each other.
Financial breathing room, better results
Virtualization also gives IT managers more financial flexibility and provides better results to end users. Managers no longer must get capital funding to constantly upgrade or buy new hardware. Virtualization gives them the ability to manage and enhance what they’re running at lower cost. End users -- from the warfighters who need more bandwidth-intensive applications to attorney generals’ offices that require enhanced distributed networking capabilities -- can enjoy more streamlined delivery of services without breaking their budgets.
Government agencies are already taking steps toward adoption of low-cost, zero-touch options that allow them to deploy services in minutes, making their networks far more agile than ever before. Federal CIO Tony Scott has advocated for a measured approach to network modernization -- incrementally replacing old parts with modern technology. Every time federal administrators buy a virtual tool to deploy a firewall or router, they’re edging closer to complete virtualization.
We’re heading in the right direction by building upon the tremendous progress that has already been made with compute and storage virtualization. NFV and SDN are the next logical extensions of those efforts. They can help networks become not only easier and more cost effective to manage, but also far more secure -- a value proposition too great to ignore.
George Holland is vice president, National Security Group, Juniper Networks.