One of my responsibilities is to help customers and commercial teams spec out network security changes. Some of these shifts are minor, while others are highly visible sea changes of network architecture. But I am noticing across the board that C-levels in my projects are demanding a networking and security app store experience. Put simply they're saying, "I pay X, I get Y, and I don't care about details."
As an example, I have been asked to deploy advanced firewall features, such as intrusion detection, application control and packet shaping, for approximately 10,000 subscribers; a fraction of the total user pool. The request sounds simple enough, but there are many variables involved. Predicting the impact on latency, CPU and RAM, and implementing the logging and authentication infrastructure, is little more than educated guesswork. One could argue that ludicrously expensive consultants such as myself are paid to make judgment calls on the customer's behalf, but with all the traffic analysis and benchmarking in the world, the outcome is still a crapshoot.
How can organizations make procurement of these kinds of services simpler and more predictable? The fundamental answer is to drive platform costs down to zero -- or at least write them off up front.
This accounts for the explosive popularity of cloud platform services from RackSpace and Amazon. However, in some cases, these services don't quite fit the "Pay X, get Y" equation. After all, one never owns a leased platform, and cloud customers are always beholden to someone else to secure, deliver and maintain the infrastructure.
More on network applications and SDN
HP's app store brings life to an SDN ecosystem
Netsocket's WAN offers network services on demand
Yet, for organizations where the network is symbiotic to the business function -- such as financial industry firms, banks and network carriers -- flexible networking becomes imperative. These users need to be able to turn network services on and off when commercial opportunities materialize -- and they need to do it without lengthy project cycles.
The use of specialized hardware and point solutions is the anathema to flexibility. Every day spent running new cable or racking tin cuts into the time-to-ROI on any new project. Vendors that can fold their product offerings into a flexible, software-defined architecture will be the ones that succeed. They will be deployed faster and with much lower overhead than those with traditional boxes. Software-based networking levels the field and makes it possible to employ a cost-per-user, per-service strategy.
Organizations that can bear the cost of deploying their own hardware platforms and use SDN to implement network functions and services will ultimately reap the competitive rewards. Programmable infrastructure will allow for the provisioning of generic transport, storage and compute resources that can be deployed and scaled linearly. This will enable network functions, such as security and load management, to be deployed in software on demand, shrinking time-to-delivery. In effect, enterprises will become their own app stores, enabling end users and departments to choose their applications as needed.