[192828] in North American Network Operators' Group
Re: Accepting a Virtualized Functions (VNFs) into Corporate IT
daemon@ATHENA.MIT.EDU (Jared Mauch)
Mon Nov 28 13:10:34 2016
X-Original-To: nanog@nanog.org
From: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <CALb2afMbnhUY1C8=_ZtzB4dfF7VGz9Q=M9zWdJ+mu3RDWM1YkA@mail.gmail.com>
Date: Mon, 28 Nov 2016 13:10:29 -0500
To: Kasper Adel <karim.adel@gmail.com>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
> On Nov 28, 2016, at 12:53 PM, Kasper Adel <karim.adel@gmail.com> =
wrote:
>=20
> Hi,
>=20
> Vendor X wants you to run their VNF (Router, Firewall or Whatever) and =
they
> refuse to give you root access, or any means necessary to do =
'maintenance'
> kind of work, whether its applying security updates, or any other =
similar
> type of task that is needed for you to integrate the Linux VM into =
your IT
> eco-system.
>=20
> Would this be an acceptable offering in today's IT from different type =
of
> Enterprises (Minux the Googles, Facebooks...etc) ?
my experiences say that most people would accept this. things like IT =
are a cost
and any way to externalize that cost makes sense. If you look at =
something like
a SMB service, where you have mandatory NID or provider managed =
CPE/handoff,
having a solution pre-built seems like a no-brainer.
Of course, if you=E2=80=99re on nanog@ chances are you could build your =
own pfSense based
solution or iptables setup. The question is does it scale, or how do =
you scale
or automate it? There are only so many Mark/Jared/Kasper=E2=80=99s out =
there.
I look at what happened with Hotel networking, with consolidation by a =
few players
like wayport, er AT&T and you have a mostly stable workable product that =
has
all the warts you=E2=80=99d expect from a consistent product delivery.
What I=E2=80=99ve observed from our customers, they appreciate =
consistent service delivery
globally, and the same would likely apply to those wanting to purchase a =
managed
firewall service.
- jared=
