Network Virtualization: Mainstream in 2015, Expanding Reach in 2016
Once again it’s time to look back on the last year, see what happened in our industry, and try to make some predictions for the coming year. Let’s start by seeing how last year’s predictions fared.
One of my main points last year was that 2015 would be a year of operationalization and production deployment of network virtualization. Indeed, 2015 saw hundreds of production deployments of network virtualization. As I write, over 200 customers are running VMware NSX in production data centers, with more being added every week.
With the rapid uptake of network virtualization in production settings, our team made a big push on operational aspects of NSX. On the product side, NSX 6.2 shipped in August with a slew of new features focused on operations, such as traceflow and a centralized CLI. We also invested heavily in documenting the best practices for operationalizing NSX in production. By surveying some of our successful production customers, we developed a set of guidelines and best practices for network virtualization deployments, which we documented and presented at VMworld.
Two observations stand out as we look at customer adoption of NSX in 2015. The first is the diversity of customers, in terms of both size and industry. This is an indication of the maturing of the market for this technology. In contrast to the early days, customers don’t need to be especially large or sophisticated to see the benefits of network virtualization, or to put the technology into production. While we still see lots of interest from our traditional large, technology-focused customers, adoption is clearly spreading across industry segments such as healthcare, retail, the public sector, and many others. Additionally, there are plenty of smaller customers in the mix with large enterprises and service providers.
The second observation is that no single use case is dominating adoption of network virtualization – in fact, the breadth of use cases continues to increase. While the emergence of microsegmentation as a use case definitely increased customer interest in NSX and continues to be important, customer deployments are spread across many different use cases such as agility and automation, service insertion, and multi-data-center applications such as disaster recovery. Increasingly we are seeing customers tackling multiple use cases in a single deployment. Overall this breadth of usage points to the general-purpose nature of network virtualization technology.
Now, what about 2016? Aside from confidently predicting more customers, deployments, and use cases, there is actually one other notable trend that should emerge in 2016. That is an increase in the range of endpoints that can be managed by NSX (a phenomenon that our marketing team is calling “NSX Everywhere”). This is a natural extension to the development of NSX over the past three years. From the early days we’ve had support for workloads running on a range of hypervisors (ESX, KVM, Xen), and we’ve been able to extend virtual networks to physical workloads as well. By integrating NSX with AirWatch, we’ve been able to extend the security capabilities of microsegmentation to applications running on mobile devices. We’ve started to use microsegmentation to improve the security of virtual desktops.
In 2016 we’ll see this ability to provide networking and security services to a range of endpoints move to another level. The set of endpoints that NSX can manage will extend to containers and public cloud workloads. We’ll also see NSX extending out to branch offices as Software Defined WAN (SD-WAN) solutions take root.
We actually demonstrated the extension of networking and security controls to containers and public cloud workloads at VMworld 2015. We’ll be working to productize these demos, and it’s becoming clear that these extensions to the reach of NSX will be important in 2016. A common theme among customers I’ve talked to is that they like the security and visibility features that NSX provides, and would love to have those same features available for public cloud workloads. Recognizing that for at least some of their end users, public clouds will be the chosen venue for a workload to run, IT managers want to have a consistent view of networking and security policy. They also want to maintain that consistency even if a workload at some point moves from one public cloud to another, or moves back to on-premise deployment. Meeting this requirement will be the objective as we expand NSX into public cloud environments. A similar desire for consistency in networking and security policies will drive the extensions to support containers as first-class endpoints for NSX.
Finally, it’s clear that SDN is spreading out of the data center and into the WAN. This is not the time to rehash arguments of what is and is not SDN, but let’s just say that logically centralized control of a distributed data plane, which has worked so well in enabling network virtualization to succeed, is now also being successfully applied to wide-area networking problems. There is a natural opportunity here for NSX to extend its reach out to branch offices. While the details of various SD-WAN implementations vary, all of them provide some mechanism for automatically building overlay tunnels among remote sites and data centers. These tunnels can readily be connected into a virtual network managed by NSX, at which point NSX can start to provide networking and security services to branch endpoints as well. Microsegmentation can extend out to the branch, separating the traffic of retail customers from that of internal IT operations, for example. We are already heading down this path with some of our customers, and we expect to see a lot more of this usage of network virtualization in 2016.
So, it continues to be an exciting time for network virtualization. Adoption of the technology will increase, and we’ll see still more breadth of customer types and use cases. Perhaps most exciting is that we’re moving well beyond our traditional “sweet spot” of delivering networking services to on-premise virtualized workloads, as we expand the reach of NSX to everything from handsets to public clouds to the software-defined WAN.