SECURE NETWORK EVOLUTION

Part 2: Network as a Service (NaaS)

About This Page

This page is developed from work of the ONUG Collaborative NaaS Project and authored and posted on the Open Network User Group Web site including reviews and contributions from Steve Wood, Cisco, Ken Patel, Verizon and members of the ONUG Collaborative NaaS Project Team – Mark Fishburn – June 2024

The ONUG Collaborative NaaS Project is exploring the business requirements, leading use cases and underlying technologies critical for the adoption of Network-as-a-Service by large enterprises. 

The first iteration was presented at the ONUG Fall 2023 conference. It continues to evolve providing the context for use cases.

Complete NaaS Story PDF

NaaS is Enterprise-centric

NaaS is enterprise-centric rather than network or cloud-centric. This is the fundamental difference from other approaches such as SASE, or SSE, IP or Ethernet Services and MPLS. It’s a layered approach that is 

  • Agnostic to the manner and number of providers that an enterprise uses to provide the service. Large and multinational organizations might use several concurrently.
  • Transparent to the underlying architectures and the location of cloud, edge and data-center-based workloads. Sensitive to Critical Infrastructure OT direct links while using the internet for IT networking.
  • Independent of the automation, identity, authentication and security policies and implementation such as SASE and SSE.
  • Flexible to the on-demand business requirements as organizations constantly migrate independent of underlying technologies.

The Enterprise Aspiration

NaaS brings the opportunity for enterprises of all sizes to have a simple transparent interface with the network without having to get involved with how it works knowing that it will enable their applications (wherever they are situated) to work with consistent performance and work securely. The services are available on demand via subscription without being locked in to any provider or vendor.

Implications

As stated, NaaS differs from previous network and cloud-centric architectures and offerings such as SASE and SSE is that the focus is switched to the business, performance and application dynamics of today’s organizations. This is, after all, what technology must serve. It begins and ends with the business priorities supported by the network suppliers, cloud providers and integrators – rather than business requirements that can be accommodated (or not) by the network and cloud service providers.

The Need for Network as a Service

The executive priorities of agility and responsiveness to business change have not been served by current/past network and cloud paradigms. What is missing for today’s services is virtualization and on-demand service creation. The result has been long, complex and inflexible network implementation cycles.

Lack of support for low cost, simplified, connectivity has prevented, delayed or been unresponsive to rapidly changing business conditions such as frequent reorganization, new locations or M&A situations. Further, the complexity of network solutions of applications that span multiple cloud providers and multiple locations in multiple geographies make matters worse. In fact, being drawn into onerous support of complex architectures does not serve organizations. Added to this, what amounts to a cyber war creates added business risk, impeding running a successful, profitable operation.

Collectively, these amount to a counter-productive constraint on business rather than an enabler. It goes against CIOs and IT managers goals of minimizing network complexity, costs, risk and simplifying management, provisioning, procuring and maintenance.

At a time of simple on-demand consumption, such a fixed approach to networking is an anachronism. This page covers the implementation choices reflecting the amount of delegation to providers that work for the enterprise IT departments. Security is integral, with verification rather than trust being the watchword.

NaaS Attributes and Business Impact

Based on cost and business dynamics, the following is a deeper dive into why the attributes of NaaS impact the enterprises business goals. To be somewhat flippant, it comes down to what can only be summarized as a “wake me when it’s over and leave me to run my business” attitude to networking.

NaaS Attribute

Positive Impact

A provider-delivered model with on-demand properties of cloud allowing use of network services without owning, building, or maintaining their own infrastructure.

Lower Cost, rapid response to changing business conditions.

NaaS allows users high performance with seamless access to any application anywhere from any location.

Performance and flexibility to operate and function from any existing or new location. Allows scalability for enterprise application workloads to meet business demand.

It provides dynamic user choice via on-demand, consumption-based billing (via portal- or API-based).

Ability to add, remove or upgrade services at will without commitment. Flexibility to align costs with consumption and location as application loads and business conditions vary.

NaaS brings responsiveness to business dynamics, irrespective of the underlying technology.

Maximizes user productivity and always available uptime even during peak times.

Naas brings choice allowing users to select from Platform or Infrastructure as a Service or Managed Services.

Allows users to match their network infrastructure to their expertise and desired technical involvement.

Aligned with Zero Trust Principles, it enables proper verified delegation of all security functions reducing the cost and expertise needed by the enterprise.

Network-Security-Application- Performance combination is critical with regulatory and corporate compliance. NaaS Security eliminates the need for scarce network security expertise.

Finally, NaaS brings much sought-after simplification of operations for enterprises with resulting cost reduction

Perhaps, never as simple as turning on a network ”light switch,” NaaS – effectively “packages” network services to support the requirements of workloads rather than enterprises having to engineer the network services themselves.

Defining Network as a Service

Defining Network-as-a-Service

NaaS provides a cloud-enabled, usage-based consumption model that allows users to acquire and orchestrate a network without owning, building, or maintaining their own infrastructure. The business requirements outlined above are driving the need for agile digital platforms for delivering the wide range of cloud, networking and security services utilized by large organizations. NaaS features a number of attributes that are aligned with critical business objectives.

NaaS Offers Choices to Match Enterprise Requirements

These choices vary driven by resources, expertise and preferred supplier relationships. It seems highly likely that NaaS solutions will require several business collaborations. The following are three examples of choices for NaaS but combinations from several suppliers may need to be accommodated in different geographies or enterprise divisions:

Managed Services

A turnkey managed network to plug in client devices. Encompasses connectivity and security services as a package. Includes: customer premises equipment, third-party delivered and operated, provider delivered and operated, co-managed by customer and MSP and is dashboard/portal driven.

  • Typical contracted outcomes include latency and application performance levels, availability, security and interoperability

Platform-as-a-Service (PaaS)

A cloud-enabled platform that allows creation of custom transport service via virtualized service objects without owning, building, or maintaining their own infrastructure.

  • PaaS features: On-demand service enablement via Portal or APIs, outcome-based consumption, connectivity + network services, consumption-based billing and service agility.

Infrastructure-as-a-Service (IaaS)

An automated platform that allows creation of customer defined “bare-metal” services on another provider’s premises and/or equipment.  Provisioning may be traditional or API/portal orchestrated.

  • IaaS features: Racks, power, servers and network devices managed by the provider, configured by customer/clients. Lifecycle management by provider and customer managed/owned devices. IaaS may just apply to areas of operations where applications or operational technology networks have demanding real time requirements, feature legacy IoT systems or specialist security in a private data center.

What's Next?

These two pages establish the fundamentals of SASE, SASE Services and NaaS. The third page examines three areas: The security benefits of implementing NaaS for the enterprise,  the potential for combining NaaS with SASE or other technologies and the challenges faced with implementing the NaaS approach. Link to Part 3.