Anuta Networks, which orchestrates multivendor configuration of Layer 2 through Layer 7 network devices across the data center, LAN and WAN, has added orchestration of global virtual data centers and Multiprotocol Label Switching (MPLS)-based data center interconnects to its roster of services. Additionally, it expanded the number of third-party network devices that it supports.
Anuta Networks' NCX 3.0 is a multivendor network orchestration system that can make policy-based configuration changes to switches, routers, firewalls, application delivery controllers and other devices by interacting directly with the command-line interface (CLI) or by making calls to a vendor's application programming interface (API). NCX features a GUI console where engineers can define policies and then drag and drop those policies to apply them to new applications and services. NCX then translates those policies into configuration changes on the infrastructure to assign network resources, services and security to those applications.
"NCX automatically discovers the network, whether switches, routers, firewalls or load balancers," said Anuta CEO and founder Chandu Guntakala. "It will discover the topology for data centers, campuses and branches. Then it can orchestrate network services. A user defines network service policies and publishes them to a catalog so other users can pick out those policies and provision them for access networks. For example, if the business intent is to create a worldwide block of Netflix, Facebook and Dropbox, an administrator can click checkboxes in our front end, and use the drag-and-drop function to do policy updates in an instantaneous fashion rather than taking months with manual configurations."
United Airlines Inc. is testing NCX's data center orchestration features, but the company is much more interested in its ability to orchestrate campus and branch networks, said Brandon Mangold, United's enterprise network architect. The airline's network spans multiple campuses, reservation centers, data centers and more than 800 remote sites at airports worldwide.
"Our WAN and LAN requirements are much more difficult because of our legacy infrastructure," Mangold said. "We've got sites all over the world, and refresh efforts take a while. If we want to roll out new capabilities to all our sites, that's very difficult. With something like NCX, it abstracts the complexity.
"We have [around a dozen] third parties that handle different systems that we interface with [at airports], and we also carry a lot of Layer 2 tunneled traffic where we have multiple baggage systems that are on a proprietary system, or a ground communications systems that uses some type of proprietary Layer 2 protocol. We have got to be able to do Layer 2 tunneling, segmentation or third-party interfaces [with those systems]. So, I would personally love to have a single tool where, say, I am going to onboard this new tenant. [I want him] to have access to this segment or slice of the network. He can talk to himself, but if vendor A wants to talk to this new vendor Z, he's got to go through a firewall first. To be able to orchestrate that flow in a GUI instead of having to configure two dozen network devices with [virtual LANs], VRFs [virtual routing and forwarding], trunks and subinterfaces is important. Anuta is somewhat unique to their approach to handling that."
Anuta Networks NCX 3.0: More device support
Anuta's NCX 3.0 release adds device support for the Cisco ASR-9000 router and Metro Ethernet switches, Juniper Networks' SRX security appliance and vGW virtual security appliance, Fortinet firewalls, and Radware load balancers. The update also supports the new Intelligent WAN, or iWAN, technologies that Cisco has embedded on its enterprise routers, including performance-based routing.
NCX already supports the orchestration of a variety of software and hardware products, including those from Juniper, Cisco, HP, VMware, Citrix Systems, Hitachi Data Systems, Fortinet, Microsoft, Brocade and Red Hat. The new release also enables NCX to orchestrate Layer 2 and Layer 3 VPNs for MPLS-based data center interconnects and to support the creation of global virtual data centers across local and wide-area networks.
Anuta Networks needs to prove its scale and its ability to keep up with vendors
NCX is deployed centrally in a customer's data center and scales across the WAN by running agents on router blades or virtual servers in other locations. As with any management tool that automatically programs the CLI, NCX's scalability will be an important factor for engineers, said Brad Casemore, research director for Framingham, Mass.-based IDC.
"[Anuta says] it scales very well … to tens of thousands of devices in a network … but the proof will be in the pudding," he said. Enterprises will prove for themselves whether NCX's distributed architecture can scale as it automates network services through CLI programming and API calls. NCX also has to scale with "its understanding of resource contention and the deployment of virtualized services," Casemore said. "There are some Layer 2 through [Layer] 7 services that are straightforward in certain environments and others that can be complicated based on the workload you are supporting. A lot of it will depend on how the NCX controller and its agents recognize their environments and monitor their environments."
Anuta's ability to keep pace with new devices and code updates from vendors is a chief concern, United's Mangold said.
"They have a lot of smart engineers plugging CLI on all these updates. My read is, the first big accounts they have, they are going to work very hard to make sure whatever vendors you are using, they're going to be in line with," Mangold said. "As they get market adoption and have 50 large accounts they are trying to balance, they're going to have an army of people to keep up with all the features of capabilities. If you decide to use Anuta, you have to make sure you are using the vendors underneath that Anuta works best with."
Anuta Networks fulfills the programmability aim of SDN, but isn't SDN
Since Anuta first released NCX commercially in early 2013, the company has marketed it as SDN technology. However, NCX works exclusively in the management plane of the network. It doesn't function as a control plane, like an SDN controller, but the company does plan to interact with SDN controllers through northbound APIs.
Mangold considers Anuta more of a network management or configuration tool, rather than an SDN technology, but it achieves some of the programmability that engineers are looking for from SDN.
"It's really just a piece of software that abstracts the complexity of configuration away from the person deploying it so that the network engineer deploying a new service doesn't see the CLI below it. It auto-generates [CLI] and you can review it."