Virtual network services are fast and easy to use. By enabling deployment of networking virtually on industry standard hardware or cloud platforms, businesses save on CAPEX by using a more cost-efficient OPEX financial model.
The choices of network virtualization have grown in recent years, especially with the variety of cloud and *-as-a-service offerings. The two network virtualization services operating models that we’ll be comparing here are Network-as-a-Service (NaaS) and Network Edge from Equinix. NaaS provides shared access to virtual networking capabilities and/or security for multiple companies as a usage-based service from a third-party provider without users needing to select components, design, build and monitor their own networking stacks. Network Edge is a network functions virtualization (NFV) platform that allows you to deploy your own virtual network devices using a choice of leading NFV providers’ solutions. Unlike NaaS, each of these offerings serves a specific purpose to give users control in selecting components and designing, building and monitoring their networking stacks ̶ based on their network deployment, control, performance and security requirements.
Modernize Your Network, Virtually
Create a digital ready distributed infrastructure by deploying and interconnecting virtual network services across Platform Equinix at the digital edge.Read More
NaaS: A shared, multi-user networking and security service
According to SDXCentral, “NaaS packages networking resources, services, and applications as a product that can be purchased for a number of users, usually for a contracted period of time.” [i] These services can include Wide Area Networking (WAN) and data center connectivity, bandwidth capacity “on demand” and network security services. Many network service providers (NSPs) and some cloud service (CSPs) and Software-as-a-Service (SaaS) providers deliver NaaS solutions, including offering a “do it yourself” operating model directly to their customers. CSPs also offering virtualized cloud services such as SaaS, PaaS and IaaS and SaaS providers offer other added-value services on top of NaaS platforms such as security and management.
As the NaaS operating model is shared among multiple companies, it is typically designed and optimized to perform a specific set and/or group of network services. However, not all workloads will homogenously require the same network function, performance and operate at all times to meet all business/regulatory/industry requirements. In addition, the NaaS model limits the control a company would have over these services, the choice of network provider, and how they are being deployed, consumed, secured and monitored.
Some of the features provided by NaaS include:
- Virtual network devices and controllers from providers that are managed by the NaaS provider, rather than the customer.
- Third-party management of network services such as: WAN optimization, load balancers, SD-WANs, firewalls, virtual private networks or telecommunications services such as unified communications (UC) or voice-over-IP (VoIP).
- Flat-fee or monthly service pricing, standard service level agreements (SLA)s for uptime and performance, and security and data protection, privacy and sovereignty compliance policies.
- Lower CAPEX by moving to an OPEX model, where the NaaS solution can be either managed by the NaaS provider or the end customer.
Businesses that leverage NaaS may not have any WAN infrastructure of their own or were originally “born in the cloud” and do not have the physical infrastructure to deploy virtual network devices where they need them ̶ close to users, data and applications.
The main challenge that NaaS raises for some companies is around the deployment and management of capabilities such as distributed SD-WAN controllers, which manage all of the resources on an SD-WAN (i.e., virtual network devices and services). Compatibility is needed among these different SD-WAN and NaaS devices and services communications and security. This requires a large amount of coordination and integration as more SD-WANs and NaaS services are being deployed across a company’s corporate infrastructure.
Standard bodies, such as Metro Ethernet Forum (MEF) and European Telecommunications Standards Institute (ETSI), help define design paradigms and architectures for globally consistent implementations across different layers of NaaS application programming interface (API) integration. Additionally, NaaS integration can be treated as a black-box service. However, unless done collaboratively, working closely with NaaS provider, the integration may inadvertently create sub-optimal, retransmission and/or tromboning of traffic, thereby defeating the effectiveness of the service.
This may require additional development across multiple APIs to gain the end-to-end visibility, control and security that most companies require. End-to-end performance optimization of NaaS offerings could also be tricky given that each service could have a different SLA for each network service that is not in the customer’s control.
Network Edge: A dedicated, multi-user NFV service on a global platform
Network Edge on Platform Equinix® enables the deployment of industry-leading NFV devices such as SD-WAN, cloud routers, VPNs and firewalls from vendors such as Cisco, Fortinet, Juniper Networks, Palo Alto Networks, VMware VeloCloud™ and Versa Networks. These are customers’ dedicated virtual network devices that can be quickly and easily deploy within minutes via the Equinix Customer portal globally across Platform Equinix ̶ without deploying special-purpose physical network devices ̶ delivering the same cost-effective OPEX model and NaaS offerings. This enables organizations to easily build and interconnect digital infrastructure at the edge, leveraging direct and secure interconnection to virtual network devices and clouds.
The control of these virtual network devices and their integration with other services on Platform Equinix, such as cloud IaaS, PaaS and SaaS platforms using Equinix Fabric (formerly ECX Fabric®), is integral to the Network Edge service. For example, you can instantaneously deploy a SD-WAN infrastructure with VMware SD-WAN™ by VeloCloud® on Network Edge within a specific SD-WAN domain in a point and click fashion, without needing to find a NaaS provider(s) that supports that specific configuration or do additional development. Given the cloud on-ramp point is an integral part of the SD-WAN deployment, then the performance of those dedicated interconnection can be controlled and optimized by the customer. Native SD-WAN deployments deliver greater performance when interconnecting to hybrid multicloud architectures from the core to the edge.
In addition to fast time to consumption of virtual networks and cloud services, Network Edge provides the reach, performance, security and control of NFV devices/capabilities. Since the customer owns the virtual network devices it deploys using Network Edge, then it owns the management of those devices as well. This enables the following capabilities:
- The highest quality connection to the best cloud service for the workload can be used by just pointing and clicking on a choice of leading vendor’s NFV devices and clouds, and configuring them with high-speed, low-latency connections.
- Dedicated virtual network devices can be placed anywhere they’re needed globally on Platform Equinix ̶ close to users, data, applications and clouds.
- Proximate, direct and secure interconnection that bypasses the public internet lowers risk.
- Direct visibility, control and management over network devices and cloud interconnections across a single, global platform enables the creation of cohesive, robust digital infrastructures.
- End-to-end interoperability and consistency accelerate self-configuring and troubleshooting.
The diagram below illustrates the differences between NaaS and Network Edge solutions in terms of providing the customization required for end-to-end interoperability and consistency.
Choosing the best solution for your needs
Consider the capabilities that your company requires when deploying virtual networks and accessing critical cloud services. If you are looking for a fully-managed service where shared virtual network services meet your needs, then NaaS would be a good option. However, if your digital infrastructure requires a more integrated, customizable, dedicated approach, where you own and fully control the end-to-end NFV service deployment, cloud integration, performance and security, then a service such as Network Edge on Platform Equinix provides a performant approach.