Sashkin - Fotolia
Cisco has introduced a hardware platform that brings together the technology needed to deploy virtualized network services in the data center and in the branch office.
Launched this week, the Enterprise Network Compute System (ENCS) 5400 Series is a modular platform for hosting virtual network functions (VNFs) from Cisco or its partners. Cisco VNF services that can run on the platform include routing, firewalls and WAN optimization.
ENCS provides "a straightforward, converged" system that provides "a high degree of flexibility and scalability," said Nolan Greene, an analyst at IDC.
ENCS -- unveiled at the Cisco Live conference in Berlin -- is the latest piece in the vendor's Digital Network Architecture, which is the company's marketing and technology push to get customers to manage networks through Cisco software.
Cisco's SDN approach
For decades, Cisco shops have managed networks through command-line interfaces in the company's routers and switches. Engineers who have spent years learning how to use CLIs have resisted moving to Cisco's software-defined networking (SDN) products.
Cisco is countering that resistance with nimbler network-controlling software deployed on the vendor's latest gear. Cisco's hardware-centric approach is an alternative to the products of rivals, which separate the control plane from the underlying hardware and place the former in applications running on a commodity x86 server. As a result, technology from companies like Cumulus Networks and Pica8 are taking market share from Cisco.
ENCS follows Cisco's overall SDN strategy. The Cisco VNF software inside the system could run on an x86 server, but there are significant consequences, said Prashanth Shenoy, a Cisco vice president for enterprise solutions marketing.
"We won't be able to guarantee the performance and the benchmark capabilities that we can provide with [our] hardware," he said.
Cisco has built ENCS as a "complete package solution" that includes automation software for service chaining and provisioning, Shenoy said. ENCS can run in the data center, or a wired or wireless LAN in a branch office.
Besides the ENCS platform, companies can run Cisco VNFs on the vendor's 4000 Series Integrated Services Routers. Companies also can deploy the network services on Amazon's or Microsoft's public clouds. Instances of the Cisco software are available through the cloud providers' marketplaces.
Cisco software-defined security
Cisco also announced security enhancements aimed at protecting the company's virtualized network services. The additional technology is needed to address security problems that come with the use of virtualization, said Jim Duffy, an analyst with 451 Research.
"Though virtualization makes a network more agile and responsive, the abstraction also reduces visibility into how it's operating or what it's transporting," Duffy said. "And as more things are easily connected in a virtual network, those new connections also present more opportunities for intrusions."
Cisco delivers security to virtualized network services through its Identity Services Engine. Network engineers use ISE to create policies and push them out to Cisco's TrustSec technology. Products with TrustSec include data center switches, routers and firewalls.
TrustSec uses the instructions to set up logical groups of computers that share a network resource. The groupings, called network segmentation, prevent hackers from running freely in corporate networks.
With the ENCS announcement, Cisco has made TrustSec available on the company's branch routers, wireless controllers and access points. As a result, the vendor said it could provide segmentation from the edge of the network to the data center.
Getting started with network functions virtualization
Planning a virtual network functions deployment
Risks, benefits of virtual network functions