Until now, Embrane's management and orchestration platform, heleos Elastic Services Manager (ESM), has only offered orchestration of the company's own load balancing, VPN and firewall software. Now, Embrane has partnered with Cisco to orchestrate Layer 4-7 services from other vendors in Cisco's Application Centric Infrastructure (ACI). Embrane has integrated ESM with Cisco's Adaptive Security Virtual Appliance (ASAv) and Sourcefire virtual appliance, as well as A10 Networks' vThunder and Citrix Systems' NetScaler VPX and Netscaler 1000v. The company is working out integration with other undisclosed ACI partners, too.
"When you deploy a general application, there are multiple steps that go into that process, and there is a lifecycle of layout, relocation, recovery, troubleshooting, state changes, upgrades and ultimately removal of the application," said John Vincenzo, vice president of marketing for Embrane. "When you go virtual, you try to offer network services functions to each application. To do that, you need to mirror the virtual appliances along that application lifecycle. Today, that's a manual process. Our lifecycle management automates that process."
In automating the lifecycle of each third-party software-defined network service, Embrane's ESM manages everything from licensing, configuration and service-chaining, to billing and retirement of services. When someone sets up an application in Cisco ACI and requests network services and security, Cisco's APIC controller will forward those requests to ESM, which will do the work of spinning up and managing the services. Since Embrane has integrated directly with network security and services products from Cisco, Citrix and A10, it can provide the lifecycle management in any environment, not just ACI networks.
Status quo of virtual network services orchestration not good enough anymore
Lifecycle management of virtual network services needs to change in software-defined data centers (SDDCs), particularly around licensing, said Brandon Mangold, principal architect at United Airlines, and who is evaluating ACI, Embrane and VMware NSX.
"As we get into more agile infrastructure concepts, specifically in the SDDC model, we need a new model that meets the requirements of on-demand and mobile compute … the ability to spin up and tear down 'service nodes' as demand requires, and to perform hotspot management by moving those services where they are most efficiently placed," Mangold said.
United Airlines wants to "containerize" its workloads with a system that can manage the relationships between compute workload demand and virtual network service requirements, he said. "Currently, the licensing models, as well [as] the lifecycle management of these virtual services, [are] where a solution such as Embrane's [is] required."
Embrane has always aspired toward third-party orchestration
Embrane's forte has always been the ability to scale out network services and manage the complicated task of interconnecting service functions, said Eric Hanselman, chief analyst for New York-based 451 Research. Embrane "has always aspired to [a] broader third-party model," he said.
Embrane's aspiration to be an insertion point for third-party Layer 4-7 vendors was mostly ignored by other vendors until ACI came along and pulled these companies into an ecosystem, Hanselman said. Embrane's ESM offers an easy way of orchestrating Layer 4-7 services with the ability to pin streamlined services directly to applications efficiently.
"The idea of spinning up small virtual instances [of network services] has value when you make that service instance as granular as application instances," Hanselman said. "The idea is you can take a service instance, tie it to a particular instance of the application it's servicing, and you don't have worry about multi-tenant aspects of creating larger, more generalized services."
Long View, a cloud services provider with data centers in Calgary and Denver, is deploying Embrane in its new Toronto data center, according to Craig Cook, the provider's chief architect. Long View, which already uses Layer 4-7 services from Cisco and Citrix, had been evaluating Embrane for a long time, but the company held off on adopting the technology until Embrane integrated with Cisco and Citrix.
"To me, the value is in the platform, not having a new load balancer or firewall [from Embrane]," Cook said. "Being able to automate, orchestrate and configure network services through a single API and engine without having to figure out all the other nuances of it is valuable."
Long View is two years away from considering Cisco ACI in its infrastructure, but it's ready to take advantage of Embrane's integration with individual services today, he said.
"We have a whole bunch of infrastructure automated, and then the workflow stops while things in the network layer [that are] specific to customers -- including load balancers and firewalls -- are [being] set up," Cook said.
Automation has reduced provisioning time in Long View's cloud from weeks to days. With Embrane's lifecycle management integration, Cook said the lag will be reduced from days to hours. Customers will be able to provision their own network services in a self-service portal, thanks to Embrane.
"Embrane gives us the ability to offer differentiated services to our customers. You can have a low-cost firewall, or if you want to standardized on Cisco or bring in a next-generation firewall from Sourcefire, we can do that. And we don't have to worry about writing to all these APIs that different vendors use. Embrane can manage the lifecycle of it, meter it and eventually bill on it."