Case Study

How To Get The Balance Of Performance & Flexibility In A Virtual Environment

Performance & Flexibility

By Paul Andersen, Array Networks

The age of virtualization is upon us. A majority of IT professionals believe all network services will be virtualized in the coming years and agree finding a workable network virtualization solution is either important or business critical.

However, virtualization (private or public cloud) is not a panacea for every problem associated with running networking and security functions. Layer 4-7 services such as ADCs, next-gen firewalls, SSL VPNs, and DDoS protection are compute-intensive — when running in cloud environments they are prone to degraded performance under heavy workloads.

The issue lies with the very nature of virtualization built on general-purpose servers with shared resources and hypervisor-imposed overhead. The result is resource contention and inconsistent best-effort performance. Virtualized environments just weren’t designed to support networking and security applications; conversely, these functions were not originally designed to run in virtualized environments.

Until recently, there were only two choices: run virtual editions of network functions (in either private or public clouds) if the workload and performance expectations allowed it, or install dedicated physical appliances where top-end, guaranteed performance was required. Today, a new approach is emerging to tackle these limitations using multi-tenancy ADC solutions, and it’s quickly replacing the practice of using one dedicated ADC to accommodate today’s growing virtual and shared environments

Hybrid virtualized appliances now offer the agility and flexibility of virtualization with the guaranteed performance and throughput of single-purpose physical appliances. In many cases, hybrid virtualized appliances can support more than 30 individual virtual machines, each capable of supporting a range of Layer 4-7 networking and security functions with higher levels of guaranteed performance.

Hybrid virtualized appliances are far more robust than general-purpose virtualized servers. Each virtual machine benefits from dedicated I/O, CPU, SSL and RAM resources. In addition, the hypervisor overhead is segregated into its own space where it will not impact application performance.

Using this unique approach, virtual machines supporting load balancing, SSL VPN, WAF, DDoS and other functions can be deployed with agility and flexibility, without making any compromise on performance needed to support business-critical applications and customers.

In the enterprise, where efforts are underway to consolidate infrastructure and streamline management, the need to guarantee performance for business-critical applications stands as a barrier to wide-spread adoption of virtualized network functions. By leveraging hybrid virtualized appliances, businesses can deploy virtual network functions in a purpose-built environment where performance is assured.

For cloud infrastructure-as-a-service (IaaS), hosting, and managed service providers (MSP), the need for higher performance and service level agreements (SLAs) stands as a barrier to offering services to enterprise-class customers. By leveraging hybrid virtualized appliances as a service creation platform, service providers can offer Layer 4-7 services with guaranteed performance capable of supporting business-critical applications.

Essentially, the hybrid virtualized appliance enables virtual network functions that function without compromise.

A quick look at alternative deployments models shows each is a compromise. Single-purpose hardware appliances deliver best-of-bread functions and guaranteed performance, but compromise on agility and cost. Vertically integrated physical appliances provide ease of use, but compromise on almost every other front — they are not agile, they are very rarely best of breed, and performance suffers with multiple functions enabled. Software virtual appliances are agile, but compromise on performance.

In contrast, hybrid virtualized appliances support virtual functions from best-of-breed networking and security vendors, the agility and portability of virtualization, the performance of dedicated appliances, and the ability to greatly consolidate and streamline data center infrastructure to save on space, power, cooling, and other operational expenses.

The age of virtualization is indeed upon us, but like any new technology, there are a few kinks to iron out as enterprises look for the best deployment as they undergo this virtualized transition. What organizations need is an agile approach to networking to support their virtualized infrastructures, and the hybrid virtualized appliance approach will be an important tool in bridging existing performance gaps and enabling virtual network functions that function without compromise.

Paul Andersen is the Sr. Director of Marketing at Array Networks. He has over 15 years of experience in networking, and has served in various marketing capacities for Cisco Systems, Tasman Networks and Sun Microsystems. Mr. Andersen holds a Bachelor’s Degree in Marketing from San Jose State University.