Intel is aggressively positioning itself to become the dominant platform for the virtualized network. That’s my takeaway from Intel Cloud Day.
While there will always be a role for traditional hardware switches and routers running silicon from Broadcom, Cavium, Mellanox and others, Intel sees an opportunity to make its processors the de facto platform for virtual switching and routing, as well as for virtualized network functions such as load balancers and firewalls.
Server CPUs will play an increasingly expanding role in providing network functions, whether it’s running virtual switches inside an OpenStack cloud, by providing virtual services that a service provider delivers to customers, or hosting firewall instances that can be spun up where needed an enterprise data center.
The more network capabilities that live as software instances, the more chips Intel can sell to drive those capabilities.
As part of Intel Cloud Day, the company showcased a variety of tools in its network functions toolbox.
The most significant is the Data Plane Development Kit (DPDK), which is an open-source effort to optimize Intel processors (and other platforms) for packet processing. DPDK was referenced through the Intel Cloud Day event.
But the company also touted other ongoing efforts to drive Network Functions Virtualization (NFV) and software defined infrastructure that will use Intel products to provide network services.
One is HyperScan, software that accelerates packet scanning for deep packet inspection. It came out of an Intel acquisition of Sensory Networks back in 2013 and is now an open source project. With HyperScan running on Intel hardware, it can challenge FPGAs or ASICs that are used for security functions such as firewalling or IDS/IPS.
Another tool in Intel’s toolbox is QuickAssist Technology, an adapter that offloads packet processing from server processors to accelerate various functions, including cryptographic functions such as key exchange, encryption, and authentication.
Intel also shared a few high-level details about an initiative on its roadmap called Open Security Controller. The goal of the Open Security Controller is to make it easier for telcos, cloud operators, and enterprises to deploy and manage virtualized security functions such as firewalls, IPSs, etc., by automating and orchestrating deployment of virtualized network functions.
Intel’s goal is for the controller to centralize security policies across both virtual and physical devices, and interact with other orchestration systems, such as an SDN controller or OpenStack implementation so that appropriate security controls can be placed alongside workloads.
A security controller fits within the vision of software-defined infrastructure. If organizations are going to move to more software-driven IT, in which services are called up and taken down essentially on demand, there will be a need for a central policy repository to track rulesets and configurations, as well as templates to ensure that security requirements are correctly applied to workloads. All this demands automation to make it actually feasible.
I’m curious about the industry reaction to an Intel-driven security controller initiative. Intel has demonstrated its ability to gather diverse vendors with competing agendas to align around technology initiatives, including DPDK and its Network Builders program.
But Intel isn’t just a neutral party here. The company’s McAfee unit (a.k.a Intel Security) puts it in direct competition with just about every big security vendor you could name. And a security controller/policy repository becomes powerful real estate that competitors might want to own for themselves.
And vendors of network hardware and appliances, while they have to play nice with Intel, probably aren’t thrilled at seeing the company chip away at performance advantages of high-margin ASICs and other specialized hardware.
As Timothy Prickett Morgan notes at The Next Platform, Intel isn’t content to let the cloud future happen around it—the company is actively shaping its own destiny to stay relevant, and perhaps even essential, to the next wave of cloud adoption and growth—including virtualized networks.
If you’d like to get other opinions about Intel’s various cloud initiatives in networking, storage, and compute, Tech Field Day recorded a variety of roundtable discussions you can watch here.
Disclaimer: I attended Intel Cloud Day as a Tech Field Day delegate. My travel, lodging, and meals were paid for by Intel and TFD. I also got a t-shirt.