Daniel Plaiasu University of Applied SciencesVienna, Austriati18m023@technikum-wien.at
Abstract Network function virtualization (NFV) was recently proposed to improve the flexibility of network service provisioning and reduce the time to market of new services.
NFV offers siginificant network functionalities which are nowadays not thinkable. Easily adding desired network functions to a specific organization or customer with less effort saves cost and time and is momentous flexible.
There are few advantages which leads to replace expensive proprietary standalone hardware but also security leaks which have to be focussed on.
Because it can cause some challenges to the provider. NFV is exactly what customer needs to address dynamic user requirements, growing workloads and the complexity of spry development.
Keywords NFV, Network, Functions, Virtualization
Nowadays it is significantly difficult to bring new services into today’s networks due to the proprietary nature of existing hardware applications, the cost of offering the space and energy for a diversity of middle-boxes, and the lack of skilled professionals to integrate and maintain these services.
The network function virtualization (NFV) was proposed to ease these problems in combination with other emerging technologies, such as software defined networking (SDN) and cloud computing. CITATION BoH15 l de-AT Instead of choosing hardware implementations (hardware router, hardware firewall), functionalities are implemented as software. It takes a router software and implements it on a virtual machine and has a virtual router. These implementations are possible thanks to the development of advanced computer processors. In NFV hardware is replaced by software. This helps to save costs and, among other things, helps to significantly reduce operating costs. I do not need a suburb anymore because I can do it remotely. I get the same functionality as the hardware with a license.
Network Functions Virtualization (NFV) stands for the concept of providing software-based network functions on hardware, as appropriated by manufacturer specific devices like network routers or switches. In 2012 the concept of Network Functions Virtualization was for the first time introduced by some network service providers at the SDN and OpenFlow World Congress. NFV is propelled by the ETSI Industry Specification Group (ISG) for Network Functions Virtualization.
The various functions of the hardware are inbuild in NFV on a single commodity, virtualized platform and controlled by software. This method creates an enormous flexibility, which gives new services the possibility to be implemented rapidly and with little effort. In the first instance network functions virtualization is interesting for service providers who would like to adopt their services to the requirements of the market within a very short time. CITATION And17 l de-AT The engaged standard hardware which is used is independently from the manufacturer and multi-client capable. It is possible to have one hardware machine for more clients. The difference is that every client gets his own license to the required functions. The hardware is virtualizable and replaces expensive proprietary standalone solutions.
The OpenFlow communication protocol helps the Network Functions Virtualization to control the hardware and the forwarding plane. CITATION And17 l de-AT The Network Functions Virtualization (NFV) contains four main components. The hardware is a fast standard one which is a Commercial-off-the-shelf (COTS) like servers from Intel.
COTS are series-produced products from the electronics or software sector (see standard software).
The second component are the software-based network functions. Network functions which are previously running on a dedicated appliance do now become a software image which runs on a standard server.
For the virtualization the computing virtualization like a Linux Kernel Based Virtual-Machine (VKM) is needed.
The last component is the standard Application Programming Interface (API). API is a part of a program that is made available by a software system to other programs for connection to the system.
Network Functions Virtualization is the capability to run any network function on a standard hardware, possibly with the help of computing virtualization to achieve an efficient use of resources. CITATION Ful12 l de-AT For NFV there are two possible deployment scenarios for its services.
In software-based devices the services run on a standard hardware like routers, firewalls, Broadband Network Gateways (BNG) in white box implementation instead of having the service in a dedicated appliance.
In this case the virtualization is not used common or internally, without allowing the server to be integrated in the datacentre of the provider. The software-based devices are usually created using DPDK-based functions.
DPDK is the Data Plane Development Kit that consists of libraries to accelerate packet processing workloads running on a wide variety of CPU architectures.
The second possible deployment scenario for NFV services are the function modules.
This refers to data plane and control plane which can be DHCP, NAT, Rate Limiting or something similar. The functions modules appear as pure software packages. CITATION Ful12 l de-AT strenghts
Network Functions Virtualization offers a few advantages to customer. Thanks to the virtualization we can manage resources without focussing on the physical location, how expensive and organized it is. CITATION Ful12 l de-AT It is possible to manage easily thousands of devices. For custom changes it is potential to change behaviour thanks to the possibility of programming spontaneously. Throw Dynamic Scaling different workloads can be adapted. Getting an automatization and resources and connectivity monitoring makes NFV user friendly which is a big benefit for customers. The performance serves to optimize the network device utilization and offers multi-tenancy which saves hardware components. A variety of customers can choose from a variety of service modules to get their custom specified package which fulfils their needs. CITATION Ful12 l de-AT NFV is exactly what customer needs to address dynamic user requirements, growing workloads and the complexity of spry development.
NFV offers a high number of advantages to customers but there are also weaknesses which are not negligible. There are serious risks when organizations are implementing NFV architectures. For that, solutions are given but must be focused on them. CITATION IXI19 l de-AT In the virtualization a significant portion of network traffic never hits a physical link. By 2019 Cisco estimates that approximately 73% of the data-center traffic will me produced from within the data center. Buried deep inside the physical hosts is most of the traffic for virtual machine to virtual machine (VM to VM) communication. This could cause difficulties for diagnostic network performance issues or leads to failure of spotting malicious agents within a virtualized data center. CITATION IXI19 l de-AT opportunities
NFV is a way to bring network services in the world of cloud technologies. Cloud is an IT infrastructure over the internet. It can contain storage, computing power or application software as a service. NFV can be realized mostly with existing technologies in practice. CITATION Ful12 l de-AT The virtualization of network functions offers important advantages, allowing services to be launched quickly while ensuring the efficient use of networks. But there are some obstructions to be overcome before network functions virtualization (NFV) can reach its full potential.
It is known from the industries that they are facing a major challenge. To focus on software NFV requires a complete overhaul of proprietary hardware-based networks. These raises arguments spanning the technical through to the cultural. CITATION Die171 l de-AT Threats
Network Functions Virtualization can create also some significant threats to customer and organizations. CITATION IXI19 l de-AT There are some security challenges which NFV can creates. Operators must be aware of four major NFV-specific security issues. CITATION IXI19 l de-AT When new software components are introduced that did not exist in the traditional market
In NFV there is a reduced isolation in which almost all network elements are capable of communication directly with each other, at least at the physical level.
There is a risk of sharing multiple unrelated components due to resource pooling. When an attack to a virtual network function happen, could this affect other VNFs running on the same virtual machine or physical server. CITATION IXI19 l de-AT The problem with key handling can occur security problems. How is it possible to share keys effectively and security credentials between hosted network functions in ways to prevent access by attackers. CITATION IXI19 l de-AT NFV environments are characterized by additional complexity. Usual systems are recursive, built up of complex services on top of elementary ones. For this reason, there are three layers which need to be secured. CITATION IXI19 l de-AT The physical layer including compute storage and networking, as well as management systems, such as lifecycle, orchestration and application program interface (API) access. CITATION IXI19 l de-AT Virtualized network zones defined by virtual firewalls or other network segmentation functions. CITATION IXI19 l de-AT Carrier application security: Virtualized functions used by applications, such as evolved packet core, software-defined networking controller (SDNC), and home subscriber service (HSS), are placed in the established security zones. Their security is assured by a combination of native application security controls and those provided at the network zone layer. Additional security is provided by the physical/platform layer. CITATION IXI19 l de-AT Even if all components are correctly secured, there is a lot of information which have to rely on manual processing. Operators of NFV should rely on centralized, automated security processes to establish that security is correctly applied across the entire network. CITATION IXI19 l de-AT Acquisition of monitoring data can be for analysis from security tools a challenge. There are security tools which provide a valuable service in threats that could be hiding within the virtual data center. CITATION IXI19 l de-AT Conclusion
Network Functions Virtualization (NFV) offers important network functionalities which are nowadays not thinkable. Easily adding desired network functions to a specific organization or customer with less effort saves cost and time and is significant flexible.
NFV supports a huge number of network functions with different architectures. It provides for transparent (e.g. firewall, network monitor) and non-transparent (e.g., SFTO server, DHC/DNS servers) network functions. CITATION Ful12 l de-AT V. G. L. J. a. S. L. Bo Han, Network Function Virtualization: Challenges and Opportunities for,” IEEE Communications Magazine, p. 97, 2015.
A. Donner, IP-Insider, 1 August 2017. [Online]. [Zugriff am 11 J?nner 2019].
P. d. T. Fulvio Risso, Network Functions Virtualization, .: ., 2012.
I. -. A. K. Business, IXIA, 14 J?nner 2019. [Online]. Available: [Zugriff am 14 J?nner 2019].
D. Lopez, www.isemag.com,” ISE – ICT Solutions and Education, 1 Dezember 2017. [Online]. Available: [Zugriff am 15 J?nner 2019].
Cite this essay
Paper NFV – A Network Architecture Concept by Daniel. (2019, Dec 08). Retrieved from https://studymoose.com/paper-nfv-a-network-architecture-concept-by-daniel-example-essay