Application services meet up with SDN in the cloud
Enterprises and service providers are looking beyond collections of boxes and toward virtual data centers that are better at growing and changing, and now application services such as security and acceleration are about to fit into that picture as well.
F5 Networks, a major vendor of application delivery systems, has created a new architecture to make it easier to provide those services in the age of virtualization and clouds. The Synthesis architecture is based on F5's already shipping BIG-IP hardware and software and its BIG-IQ management system. It makes them easier to license and deploy for applications that may run in an enterprise data center, a public cloud, or both.
The so-called Layer 4-7 services that F5's products provide are closely tied to both underlying network infrastructure (so-called Layers 2-3) and the applications that enterprise employees or service-provider customers actually use. Those services may include authentication, access control, mobile optimization and other features. The way networks and applications are deployed is changing dramatically with cloud computing and software-defined networking, so F5 aims to help IT shops deliver application services in this new environment.
SDN architectures have been focused primarily on orchestration of networks, said analyst Zeus Kerravala of ZK Research.
"While that's important, there still are application services, things that happen above that network stack, that need to be orchestrated as well," Kerravala said. F5 is in a good position to do that because it supplies the application delivery controllers in so many data centers, he said.
Part of the architecture is a new way of licensing F5's products that will make it feasible for customers to apply Layer 4-7 services to all their applications, said Dean Darwin, F5's senior vice president of worldwide marketing.
The new architecture is more economical because it's less structured, Darwin said. Up until now, customers have typically identified a critical application and dedicated a hardware appliance to it. Now they'll be able to divide each box into multiple virtual appliances, cluster the boxes to pool capacity, or even run the appliance software on public cloud infrastructures such as Amazon Web Services, he said.
By clustering both physical and virtual appliances like this, enterprises and service providers will be able to build what F5 calls a Synthesis ScaleN service fabric. One ScaleN fabric can handle network throughput of 20.5Tbps (bits per second), accommodate as many as 2,560 instances of an appliance, and support as many as 9.2 billion connections, according to F5. Those are connections to applications, which can number far more than network connections to client devices. However, it's unlikely any customer could use up all those connections, said Senior Product Manager Lori MacVittie.
The Synthesis ScaleN service fabric can serve multiple tenants, so cloud providers can use it to add application services to their offerings for subscribers, F5 says. If an enterprise expands its fabric beyond the data center to a public cloud, all the services assigned to applications go with it, Darwin said.
The new licensing is available now, and customers can start implementing Synthesis with the BIG-IP and BIG-IQ platforms immediately, MacVittie said. Additional capabilities will come over the next two or three years.
With the ScaleN fabric, F5 is updating the way its technology scales to bring it in line with how SDNs and virtualized data centers expand, IDC analyst Brad Casemore said. This will force IT shops to change the way they think about application services, but with a revolution going on in networking, this is the right time to do so, he said.
F5's rivals, including Citrix Systems' NetScaler business, are moving in the same direction, Casemore said. Citrix has a partnership with Cisco and announced earlier this year that NetScaler would work with SDNs based on VMware's NSX architecture.
Synthesis should work with all architectures for SDN, according to F5. It includes a set of APIs for communicating services requirements to SDN and virtualization platforms. VMware, Hewlett-Packard, Arista Networks, Big Switch Networks, Dell and other SDN vendors will endorse Synthesis, Darwin said.
But enterprises shouldn't worry about getting locked in to exclusive stacks of SDN and application-services software, Casemore said. With giant Web-scale network builders such as Google and Facebook calling their own shots in their data centers, other large IT shops are demanding more from vendors, either by themselves or through organizations such as Open Networking User Group (ONUG), Casemore said. He thinks F5 will make Synthesis work with all the SDN vendors that customers demand.
The new licensing model will probably simplify purchasing of F5 products, which hasn't been the company's strong suit, analyst Kerravala said. F5's purchasing model until now has been best suited to enterprises with the expertise to know what products to buy, he said. Now more IT shops are looking for packaged solutions, such as Hewlett-Packard FlexFabric or Cisco UCS, and F5's new licensing helps it address that trend, Kerravala said.
While Synthesis may help some customers save money, especially at first, the new method of scaling up F5's products also has an upside for the vendor, Casemore said. "I imagine it will be stickier for them as a vendor," he said. "They should see increased revenues over time."