Welcome to CIMI Corporation's Public Blog

Wall Street will be watching Cisco on their earnings call this week.  I will to, and so should you all, but probably with a different set of goals and looking for signals only slightly related to the Street interest.  Cisco is an important player whose behavior will tell us a lot about the timing and extent of our SDN and NFV revolutions.

Cisco has three primary product lines that we should be interested in; routing, data center switching, and servers.  The routing products will offer us some sense of where service providers are in their overall network infrastructure plans, and of course Cisco will talk about that in their call.  I think the likely story here is that service provider spending is still a bit weak—not a disaster but nothing to jump for joy at.  That would indicate that operators are still pursuing recapitalization of infrastructure but not enthusiastically.

If the story is that service provider spending is off significantly, if Cisco says a lot about weak secular trends in the space, then it’s telling us that the revenue/cost-per-bit squeeze is already being felt.  That would mean operators will be looking for a different strategy to adopt in 2016, and in the meantime are putting pressure on spending and prices.

If spending is much stronger, then it tells me that operators do not believe that they will get any relief from new technologies like SDN and NFV in 2016.  They’ll have to either wait longer or try a different approach, and that would be very bad news for our revolutionary duo.  Waiting longer isn’t possible for many of the operators, and so they’d likely either start looking for price-leader suppliers (Huawei) or start thinking about how to build networks with less routing intelligence, at least from traditional devices versus software routers.

We may get some hints from what Cisco says on the switching side.  While most of their sales will be to enterprises rather than operators, it’s possible Cisco would say something about strong sales to operators for cloud data centers.  Such a story would indicate that operators are either (finally) getting serious about offering cloud computing services or are preparing themselves for NFV commitments.  I don’t think this is the case, and I don’t think Cisco will have much to say about switching success to operators overall.

As I said, switching will be the bellwether for enterprise network spending health, and here is where I think there’s a chance that Cisco will beat estimates.  Enterprises are doing better in a profit sense and they’ve also held back on capital improvements or modernization for IT infrastructure and networking.  Cisco has always been the master of account control for enterprises, and so they should do well, meaning enough to beat estimates overall by a couple pennies per share.

If Cisco does not report strong enterprise switching sales, then it would suggest that SDN in particular is starting to overhang buying.  I don’t think we’re anywhere near the time where SDN actually steals budget dollars, but if you’re a planner and you see a change coming down the line, you slow-roll your investment in the old long before you start spending on the new.  Enterprises would stretch the useful life of gear just a bit longer, and we’d see that in a dip in buying interest.

If Cisco does a lot better in enterprise switching, it would mean that enterprises were cheerfully ignoring any near-term impact of SDN on their network plans.  That would mean that serious white-box competition is not only nowhere to be seen, but not even being hinted.  The bigger the win Cisco posts here the smaller the chance that anything is going to upset the legacy switching apple cart.  This could happen; it’s the second-most-likely outcome after the slight-beat in switching I opened with.

On the server side, I think it’s likely that Cisco will also beat expectations on UCS sales, but not gain much in the way of profit since UCS margins are slim (and price pressure strong).  The big question is whether Cisco reports the pace of UCS growth is accelerating, which they’d likely to by ballyhooing the progress.

We’re seeing in UCS sales a combination of where Cisco wants them to be in targeting terms, and how well that segment set is accepting them.  It’s not that Cisco would hesitate to sell servers to a pure-batch application play, but that their sales types would not be likely to pursue that sort of customer in the first place.  If Cisco whoops and hollers about UCS sales growth, then it’s saying that network-centric issues are a growing driver of server sales.  It means that the cloud, controller functions, and so forth are increasingly important.

The contrasting position, which is that UCS doesn’t seem to be sparkling, would suggest that network-centric server applications aren’t making much headway.  That would be a bad sign for the cloud, for SDN, and for NFV.  It would also be a bad sign for telecom spending, particularly if the other product areas suggest that telecom is weak as well.

The UCS positioning potentially plays off Cisco’s cloud strategies, which include its InterCloud offering to the telcos.  The first question will be whether Cisco makes the cloud connection strongly or blows a few cloud kisses.  If Cisco is seeing that buyer traction for cloud-centric IT and networking is developing, it will tout its accomplishments in that space.  If it doesn’t it will hang back a bit so it’s not tarnished with what might be a dry brush.

A very strong cloud story on the earnings call would mean that Cisco thinks the cloud is going to be big for it, and that it might be moving from its traditional fast-follower to leader role in cloud positioning.  The other indicator we’d want to watch there is software.

Cisco has never been able to make software work for it, but it’s pretty hard to see a cloud-centric vision that lacks software, or a cloud leader that lacks software leadership.  If Cisco decides to make a serious run at the cloud, at being the next IBM, then it will have to make software a major focus.  They’re not likely to talk about their future plans on an earnings call, but if Cisco says much about software or if Cisco starts talking about cloud software differentiation working for them, we’ll know what’s really behind the yammering.  It will be a precursor to some software-centric moves.

Another general indicator to watch is what Cisco says about competition.  Chambers dismissed white-box competition, and I think that’s fair to do given the difficulty in driving an SDN-centric vision of switching in the current market.  If Cisco says that competition is driving down margins and sales by driving down prices, that unit buying is still good, then they’re saying that buyers are reinvesting in the present network model and applying a risk or ROI premium to the deals.  If they admit that buyers are waiting for a new model, they’re saying that Cisco will be there with that new model down the line.

So there we are.  I’ll be watching what Cisco says on their call, and I’ll comment here on what I think it signifies for us all.

Composing services in an agile and market-responsive way is a critical requirement for the future of network operators.  That means it’s critical that technologies like SDN and NFV support it, and if proponents of those technologies want to play the agility card to justify their preferred revolution, then their technology has to support it better than alternatives.  One of our challenges is that it’s hard to say whether that could happen because we don’t seem to be able to draw a picture of what we expect.

I’ve been in software design and development for many decades, and I’ve seen what happened in the software industry as we populized computing.  Most haven’t really thought about this, but the fact is that microprocessor revolutions alone couldn’t create PCs or tablets or smartphones, you needed a lot of software.  It’s software that gives the devices utility.

Services are in many ways like software in a consumption sense.  We used to sell bit-as-a-service to large enterprises, and the revolution of the Internet was that we defined services that could be consumed by people who weren’t network professionals.  Just like personal software revolutionized computing, personal services revolutionize networking.

One of the key things that happened in software that facilitated “appliance populism” was the concept of object-oriented or modular programming.  When I learned to program there were no libraries of classes or objects to build from.  You had to write code for everything, and that tool a long time, expert resources, and a lot of errors along the way.  Worst of all, there simply weren’t enough programmers to produce the quantity of stuff that a populist market would want.

Today we have languages like Java whose class libraries contain enormous pools of functionality, and we follow a library-class model when we write our own code.  Most software today was designed to be reused, to be plugged in here and there to make one development task serve a lot of application missions.  The trend is toward higher-level languages that make things easier, and development increasingly leverages units of functionality developed as “utilities” for broad application.

So it must be with services, I believe.  We should be looking at the future of services the way a developer would look at an application.  I need a “class library” of generalized useful stuff, perhaps some specialty objects of my own, and a way to assemble this and make it work.  If I have that, I can build something functionally useful in less time than a programmer of my era would have spent getting their code sheets keypunched.

So where is this concept?  We do hear about service libraries, but we don’t hear much about the details, and the devil is in those details.  Any developer knows that a class library has documentation on the functions and interfaces available, so there are “rules” that let a developer know how to integrate a given object.  We should be asking about those kinds of rules for services too, and I don’t hear much at all.

Let me offer an example.  We could say that a connection service has three configurations—LINE, LAN, and TREE—that express endpoint relationships.  If we added a functional dimension we could describe two other “configurations”, what we could call in-line and on-line.  In-line configurations for functional services are configurations where the service sits on a data path and either filters or supplements what’s sent along the “line”.  On-line means that the service attaches as an endpoint itself.  Got it so far?

Given this, we could now see how service composition would work.  For example, a simple three-site VPNs is three LINEs connected to a LAN (multipoint) operating at L3.  Suppose we wanted to add a firewall to each site.  We’d now break our LINEs into two segments each, and we introduce an “in-line” firewall service.  Simple.  If we want to add something else, we either add it by making it another “in-line” (encryption for example) or an “on-line” like DNS or DHCP.

I’m not suggesting that these simple connection and service models are complete, but they’re complete enough to illustrate the fact that you can build services this way.  Maybe we need another model or two, but in the end everything would still obey a basic rule set.

An “in-line” has two ports to connect to and a service between.  I can connect in-lines to other in-lines or to LINEs.  That frames a simple set of rules that a service creation GUI could easily accept.  That means that a service architect could “build services” by assembling elements based on these concepts.

Obviously you need a bit more than topology to make this work.  An “interface” of any sort means an address space and protocol set, which in the modern world will usually mean either “Ethernet” at Level 2 or IP at Level 3.  You might refine either by specifying tunnel protocols and so forth.  Similarly you’d need to have some sort of SLA that provided basic QoS guarantees (or indicated that the service was best efforts).  So what we need, in addition to our hypothetical five topological models is an interface description and SLA.  If we have all this stuff we can conceptualize what a service architect might really do, and what might really be done to support that role.

A “library” in this model is a collection of objects classified first by the topology and then by interface and SLA.  An architect who wanted to build a service would first frame the service as a collection of functions and then map functions to library objects, presuming a fairly comprehensive library.  If that assumption wasn’t valid, then the architect would likely explore the functions available and try to fit them to match service opportunities.

One obvious consequence of this approach is that it’s implementation-opaque.  The “objects” are truly intent models, with an abstract set of features that would be realized in any number of ways by committing any number of different combinations of infrastructure.  You could build a Level 3 VPN, for example, by using an overlay encryption approach (IPsec), an IP feature (MPLS, RFC2547), a set of virtual functions/devices, or SDN.  If all these implementation options produced the same interfaces, features/topologies, and SLAs, then they’d be equivalent.

Another consequence is that management could be harmonized using the objects themselves.  A “service” as a collection of functional objects could be managed in the same way no matter what the implementation of the objects were, providing that we added a set of management variables to the SLA and expected everything that realized our function would populate those variables correctly.

This is what creates both the support for an SDN/NFV revolution and a risk to that revolution’s benefits.  If service agility and operations efficiency are the primary benefits of SDN and NFV, and if these benefits are actually realized using object/intent modeling above either SDN or NFV and embracing legacy options as well as “revolutionary” ones, then we could build agile services and efficient operations at least in part without the revolutions.

This isn’t to say that this higher-level approach would negate the value of SDN or NFV, only that it would force both SDN and NFV to focus on the specific question of how either technology could augment efficiency or agility inside the object/intent model.  While I think you could make a strong case for both SDN and NFV doing better, the improvement would be less than an improvement created by using efficient object/intent models only for SDN and NFV, and expecting legacy to live with current practices.

That’s what I think is the big question facing the industry.  We cannot realize service agility and operations efficiency purely within SDN or NFV, in part because neither really defines a full operations and service lifecycle model and in part because it’s unrealistic to assume a fork-lift from legacy to SDN/NFV with no transition state.  Will SDN and NFV address the models within their own specifications and thus tend to associate model benefits with SDN and NFV, or will we have to solve operations and service modeling needs somewhere else, a place as likely to support legacy technology as the new stuff?

SDN and NFV cannot create agility, nor efficiency, by themselves—in no small part because the standards bodies have put many of the essential pieces in the “out-of-scope” category.  What they can do is work within a suitable framework, and at the same time guide the requirements for that framework so that it doesn’t accidentally orphan new technology choices.  I think we’re starting to see a glimmer of both these things in both SDN and NFV, and I’m hoping that will continue.

Arista’s quarterly results might be showing us something important about the evolution of networking.  The company reported stronger-than-expected revenue, but what surprised many on the Street and in the media was the comment that white-box switching wasn’t seen as competition.  That might even be why revenues were better than expected, I think.

I also think that there should be no surprise here.  Both SDN and NFV have struggled to show a benefit case, and in the case of NFV, thinking has evolved away from “capital cost” savings (meaning box costs) to operations and service agility benefits.  SDN hasn’t made that transition, and so you could argue that it’s still stalled in a weak benefit situation.

If you start at the top, buyers have made it pretty clear that their preference for the network of the future would be a cheaper (capex-wise) version of the network of the past, but one that could then respond to additional economies in operations and additional revenue-generating or revenue-enhancing features.  What they want is evolution and not revolution.

If you apply this to SDN, you see some immediate issues.  Evolution, in infrastructure terms, means being able to introduce new technology in place of old where the “old” has been sufficiently depreciated.  That means that to “evolve” to SDN you either have to make SDN devices serve in legacy missions, or you have to make legacy boxes serve in SDN missions.

Most of the vendors out there have already made their legacy devices capable of OpenFlow control, but obviously you don’t save anything by substituting a new box for an older version of the same box (unless the box is a lot cheaper now, which is what vendors are trying to avoid).  That leaves making SDN work in place of legacy, and in order to do that you have to either buff up the white-box features to the point where it’s simply a new switch/router, or you have to create an enclave of new white boxes that look like a virtual legacy device and can replace a series of legacy devices.

I don’t think that SDN players, particularly white box players but even those who supply SDN controllers, have thought this through.  They draw pictures of a network of white boxes without asking how we got there financially.  The most credible model for SDN “evolution” is one where a series of legacy switches of various age are first migrated to SDN behavior using OpenFlow and then gradually replaced with white boxes.  That’s possible, but the problem is that with an expected useful life for switches running around five years, the process is very slow.  It also poses the largest possible risk right up front, when you switch from legacy to OpenFlow control.

It seems like the Arista strategy is smart given this situation.  If you go to Arista’s website you have to dig to get anything on “SDN” at all.  Their products look, in their PR face, pretty much like competitive legacy switching devices.  Their switch literature concentrates on legacy support, meaning that it concentrates on introducing their products as substitutes for aging legacy switches from other vendors (Cisco comes to mind!)  Yes, when you do this you get SDN capability, but most competitive switches also offer that in some form.

One of the questions this poses is what would drive SDN faster than it’s now being driven.  Recall that analysts said SDN was no threat to Cisco, but NFV was.  Might the rationale for this be that SDN really doesn’t have a convincing driver?  Do we know what it might be?

We do, sort of.  The only thing that can drive switching or anything else is benefits, and benefits have to be either reductions in TCO or improvements in revenue or (in the enterprise case) productivity.  So we’re back to capex, opex, and service agility.

We’re back to the same problems with those drivers too, the same as NFV poses.  SDN has a very narrow scope, as narrow as NFV.  It’s addressed the bottom-layer technology issues and hasn’t yet gotten to the top layer.  Sadly, businesses connect to networks at the top not at the bottom, which means that we’re still struggling to climb up to where users actually get something different and valuable.

OpenDaylight seems to be on the right track here, with a little help from a topic that’s rolled into NFV via its SDN integration—the intent model.  The basic notion of ODL is that you give it a service in abstract form at a northbound interface (NBI), and it uses a variety of southbound interfaces (SBIs) to realize that service using whatever resources are provided.  What makes ODL valuable versus “basic” OpenFlow is its ability to control devices that are not OpenFlow white-boxes, and to exploit that capability to tell a network evolution story.

The question for SDN is whether this NBI/SBI cooperation leads to evolution to SDN and not just to evolution.  Remember, the buyer doesn’t particularly want new technology—that’s just a path to new risks.  They want better benefits, including lower costs.  Might we be seeing this whole abstraction thing creating a path to lower cost in another way—not through technology but through commoditization?

Premier players like Cisco get more for their devices, in part because of their brand.  If we put an ODL mask on a device or device complex, does that legacy device brand shine through?  Arista might be benefitting from the fact that it might not.  They might be a specific example of buyer thinking of low-apple pure-device-cost gains now, and letting more profound benefit sources develop in their own time.  Corporate-speak translation: Save a buck today and live to see tomorrow.

Cisco’s greatest threat, then, would be not the white boxes but the box-anonymizing architectures.  Arista’s greatest benefit might still be its EOS, but the reason that might be a benefit is that it would allow Arista to do cheaper legacy devices today and evolve them if necessary to a more benefit-complicated future.  Cisco could argue that’s what IOS and all their other three-letter acronyms do too, but they have to be cautious because if they encourage users to migrate faster than the 20%-per-year depreciation tradition would allow, they put more of their own devices up for grabs.

It’s hard to escape the conclusion that vendors in this space, from Arista to Cisco, are hurting themselves.  Arista should be driving abstraction full-bore because anonymizing stuff in intent-based NBIs would make what’s underneath brand-insensitive.  Cisco should be driving revolutionary benefits through its own application networking APIs to lance the boil of change and harness those benefits to justify continued investment in legacy infrastructure.  Nobody is doing quite enough, which raises the chance that somebody will decide to do more, and by doing that generate a lot of excitement.

Of all the suppliers (or even alleged suppliers) of NFV, the one who has shown the greatest and fastest gain in credibility is Oracle.  Over the last year they’ve jumped from almost-nonentity status to one of the three firms most likely to be called a “market leader” and “thought leader” by operators (Alcatel-Lucent and HP are the other two).  What’s behind this, we might wonder.  Well, let’s see.

The main cause of Oracle’s jump seems to be pretty simple.  The company started early this year to promote a very operations-centric vision of NFV.  This was the very moment when operators were starting to realize that the trials and PoCs being run were largely science projects with no direct pathway to proving out benefits needed for a real trial.  Was that a coincidence, we might wonder?  I don’t know of any way to prove it one way or the other.

We also can’t know whether Oracle has been continually developing to their operations-centric NFV vision or whether they’re simply responding to media attention by singing the song that gets the most jukebox nickels thrown.  Oracle’s recent announcements certainly double down on operations as the focus of NFV, and they’re gaining significant traction with operator CIOs (who are the people running the OSS/BSS systems) and with CFOs who think that a new approach to NFV is needed to reap some tangible benefits.

Deep inside, it’s more complicated.  Oracle does have some unique credentials that could be valuable for NFV, but I don’t think they’re particularly tied to operations or OSS/BSS.  If Oracle emerges as a winner in NFV it might well be because they changed horses in mid-positioning.

Efforts to standardize or define NFV have historically focused on the deployment of virtual functions.  That’s not unreasonable given that virtual functions are what NFV brings to the table.  The problem has been that NFV’s prospective benefits—capex reduction, opex efficiency, and service agility—are really difficult to realize if you limit your efforts to deploying those virtual functions.  Services and operations are end-to-end in topology and lifecycle, and so you have to attack them on a broad front to make any difference that matters.

The critical question of benefits has always come down to how you could build a super-efficient form of service automation.  If you could define services so that they could deploy on demand and so that service events could be handled by software, you’d cut the heart out of TCO and increase service agility by orders of magnitude.  NFV correctly framed the notion of management and orchestration or MANO as the heart of the future of networking…but they only defined it for those virtual functions and left the rest of the service and network out.

I said in an early blog on NFV that MANO was something that you could see through three different lenses.  It could be an NFV function and then expand to embrace the total service and infrastructure.  It could be an operations function and expand to embrace NFV deployment.  Finally, it could be something that knows lifecycles and processes and events and lives outside both NFV and OSS/BSS, and unites all the old and new into one model and vision.  The ISG has not taken the first path, and it’s hard to say how that vision could come about without ISG endorsement.  That means the second and third visions are the best shot, and the second is the one Oracle has taken…sort of.

Oracle’s approach to the problem is largely based on what I’ve called the “virtual device model”, which means that NFV is framed to operations systems like a device.  When it’s called for, an independent process resolves the resource commitments needed to make the NFV virtual device into something real.  That approach is a reasonable first step for NFV but it’s not an optimum strategy.  NFV needs to integrate resource and service management, which can’t be done if the deployment of resources and the management of those resources is opaque to operations.

Alcatel-Lucent’s and HP’s NFV strategy are actually better than Oracle’s in terms of implementation, because either would allow for the handling of service events to be mediated by a service model.  Why then is Oracle getting such good traction?  The answer is that while they may not be integrating NFV into operations, they are focusing on modernizing operations overall.

You could gain as much from redoing OSS/BSS implementations around a model-and-event framework as you could gain from either SDN or NFV.  In fact, it’s the operations improvements that are essential.  As operators have moved past the “prove-you-can-deploy-a-VNF” stage of NFC testing, they’ve recognized that to deploy NFV you’ll have to make a business case, not prove a technology.  Central to all NFV business cases is efficient deployment and management.

If you look at the NFV projects that really matter, the ones that are actually trying to prove out NFV’s benefits, you see that they’re divided into two groups, one that approached the issues at the service level from the top down, and the other that approached issues at the technology level.  Oracle’s laser focus on the service lifecycle has given it a lot of curb appeal to the first group, to the point where in at least one Tier One they ended up with a compelling position with the account before any real discussions of NFV features took place.

The question is whether this kind of lead can be sustained.  It’s always dangerous to base your strategy on the presumption that your competitors will continue to give you free rein with a key buyer issue.  However, it’s fair to say that Oracle’s two arch-rivals, Alcatel-Lucent and HP, have so far done just that.

Oracle has a secret weapon, though, in database technology.  NFV operations isn’t a network problem it’s a database problem.  You can’t do NFV management effectively at scale without implementing a kind of database buffer between the resources to be managed and the management and operations elements.  Oracle has all the knowledge and technology needed to do a premier job in that space, though so far they’ve made no comments on it that I’ve been able to find.

And lurking behind all of this are the two pivotal NFV issues, which are intent models and IoT.  The former could finally expose the real issues of operationalizing NFV and so create a scramble for implementations that address those issues.  The latter could be the camel’s nose that pulls a very large vendor under a very important tent, because IoT is a major opportunity for NFV if it’s conceptualized realistically.  Oracle has experience in both these areas too, and so they’re likely to broaden their engagement as time passes.  Since Alcatel-Lucent and HP are likely to start singing operations more effectively to counter Oracle’s early positioning, this will create a three-horse race that could really focus the industry on the right questions for NFV to answer.

Does the Street have it right when they say NFV could hurt Cisco?  A Barron’s blog suggests that SDN doesn’t pose much of a threat to Cisco but NFV does, citing a financial analyst’s report.  The perspective of Wall Street on tech is sometimes helpful because it exposes the issues that could drive stock prices.  Sometimes it just exposes technical biases in the Street’s thinking.  Which is it this time?

The report suggests that enterprises are moving apps to the cloud and to high-density servers, which reduces the need for switching—particularly top-of-rack stuff.  SDN doesn’t enter into this threat because enterprises lack the software skill to implement it.  That assumption doesn’t square with what I hear from the enterprises.

I’ve not found any enterprise who says they are reducing data center switching because of cloud use or dense-core servers or hyperscale.  It may be that switching would grow more rapidly without multi-core, but of course we’ve had multi-core servers for decades.  I have to dismiss the argument that something unusual is happening here.

As far as the cloud goes, enterprises tell me that they are migrating some applications, and some pieces of others, to the cloud, but that this process has had more impact on stranded application-specific servers than on the data center.  None of them told me that they saw a reduction in data center switching arising from the use of cloud computing.

The question of whether SDN’s threat to Cisco is mitigated by lack of enterprise software skill is hard to survey because it amounts to asking someone “Are you as dumb as the Street thinks you are?”  What I have found is that it is difficult for a business to justify a shift to a white-box data center because most of their data center technology has at least three years of useful life remaining.  The biggest reason for a lack of SDN adoption is that inertia.  If SDN “saves money” or “reduces capex” then why not reduce it further by simply not buying anything?

The problem with SDN, IMHO, isn’t the software skill of the buyer it’s the positioning skill of the seller.  Capex reduction is an incredibly weak justification for modernization because it usually requires a forklift update to “modernize” and a lot of what’s getting lifted is really being tossed out while there’s still residual depreciation.  These projects have a negative ROI unless you can cover that stranded cost with some other benefit.  What that benefit might be isn’t for buyers to puzzle out, it’s for sellers to articulate and prove.

But is SDN a threat to Cisco?  As I pointed out in an earlier blog, at some point central control of forwarding and connectivity in the data center is going to happen.  My model says that even in 2018 there will be significant impact from these trends.  They don’t force white-box substitution but they do encourage buyers to think about transitioning from expensive brands (like Cisco) to cheaper formulations.  I personally think that SDN will be less an impact than virtual switching and routing, and that white-boxes with an operating system that supports legacy switching/routing will be easier to introduce.  I think Cisco will see an impact from that source as early as the end of next year.

NFV is (as you’d expect) more complicated.  The article suggests that the goal of NFV is to replace switches and routers with virtual appliances, but that hasn’t been the focus of NFV at all.  Dynamic deployment and optimization is most useful for customer-specific elements of the network, or for dynamic multi-component ecosystems (like IMS or CDN).  A virtual router is really a hosted router, not a VNF.

Enterprises are likely to be transitioned to virtual switching and routing as a part of an expansion in the scope of VPN/VLAN services, something that is already starting to shape vCPE to include network edge switch/router technology.  This is probably the greatest impact point for Cisco because there are a lot of edge devices in a network, and so losing even a percentage of that TAM would hurt.  But NFV isn’t really the driver here, it’s just lent its name to a notion of hosting edge functions on commodity multi-purpose devices.  I’ve pointed out in the past that you don’t need NFV for vCPE.

NFV deployment at an optimum level would actually benefit Cisco, though.  NFV could create a market for hundreds of thousands of new servers and switches.  Cisco makes both.  The NFV data center market alone could increase data center switch TAM by 25%.  Since UCS has lower margins than switching/routing today, server gains might not boost profits the way Cisco would like, but by 2018 margins on switching/routing will be lower too.  Any port in a margin storm.

I think the analysis of SDN and NFV impact on Cisco that the Barron’s article cites doesn’t hold water.  This doesn’t mean Cisco skates by on SDN and NFV impact.  The biggest problem for Cisco is actually something that I’ve blogged about all last week—intent models.

In a software-based network, where “devices” are really virtualized collections of software features, a new target of interoperability has to be defined.  You can’t look for box equivalence.  That new target, I think, will be the “black box” or intent-model feature set.  Anything that can look like an intent-router is a router.  That includes virtual equivalents, but also real ones.  If you can harmonize a virtual function set to look like a physical device, you can harmonize real device behavior to look like that same thing.  Where then is Cisco’s brand superiority going to take it?

That’s the truth of the “impact of SDN and NFV” for Cisco. Neither of these two technologies are going to prove out without strong adoption of intent models.  Intent models, not SDN or NFV technology as we know it, poses the threat to Cisco, by anonymizing the way that network features are created.  Anonymize the features, and you anonymize the vendor.

The solution to this would be for Cisco to be a feature leader, but the company is legendary for seeking a “fast follower” role.  Wait till the market develops it and then kill early players with your massive brand.  That works when brand matters, but the time when it does—at least matters in the traditional sense—may be passing.

As an industry, networking has always been very dependent on standards.  One big reason is the desire of operators (like all buyers) to avoid vendor lock-in.  Standards tend to help make boxes interchangeable, which reduces vendors’ power to control modernization and evolution.  SDN and NFV are “standards-based” technologies, so you might think they’d continue this trend.  They might in fact accelerate operator choice, but for reasons a lot more complicated.

Of the two technology revolutions in networking that we hear about today, SDN is the most “traditional” because it’s aimed specifically at creating a service behavior set and not at hosting the stuff that does that.  Packets go from Point A to Point B in SDN because they got forwarded along a path, and that pretty much describes what happens today in legacy networks.  The difference with SDN lies in how that path is decided.

Adaptive behavior, meaning dynamic discovery of topology/connectivity, is the basis for path determination today.  A router expert once told me that about 80% of router code was related to path determination, and what SDN would do is pull that logic out of devices and send it to a central control point where paths were analyzed and imposed on the network (via OpenFlow).

If path determination is the thing most impacted by SDN you’d probably think that early SDN applications focused on where it was the biggest part of the problem, but that’s not been the case.  SDN so far has deployed more in the data center where path cost differences are negligible and where failure of devices and paths is rare compared with the WAN.  SDN has really been driven by the need to explicitly control connectivity, particularly in multi-tenant applications.

What has SDN done to hardware?  Despite all the white-box talk, not as much as many thought.  The early applications have actually been more overlay-network-oriented, where we build tunnels and routes on top of traditional (usually Ethernet) connectivity.  Some SDN architectures (like the original Nicira) were designed from the first to ride on legacy connectivity not displace it.  This may change over time, though, because if connectivity management is ceded to higher layers, then the data center switches are just transport devices, harder to differentiate.  So that gives operators more choices, right?

Actually it doesn’t.  The cheaper a box is, the less differentiated it is, the harder it is to drive new player opportunities.  Nobody wants to fund a startup in a space where everything looks like everything else.  So where SDN is really driving operator choice is more in the software, a network area that’s only now emerging as important.

NFV is even more complicated.  First and foremost, NFV separates software (in the form of embedded features or “firmware” or “network operating systems”) from hardware, which allows the underlying platform to be commoditized.  Software, left on its own, is now free to innovate.  The theory has always been that virtual functions hosted on commodity hardware would lower the total cost of ownership, and broaden operator choices by preventing proprietary lock-in.

It’s hard to say that will happen.  Two virtual functions are interchangeable based on a bunch of qualifiers.  They have to run on the same thing, do the same thing, expose the same interfaces, and be managed in the same way.  If we have a service chain created to build vCPE, for example, the elements in the chain are interchangeable if all these criteria are met and any one element can be switched out for a competitive brand.  Many think this is one of the goals of NFV specifications, but it’s not.

NFV does not dictate any service data plane interface, any functionality, or any management interface.  Given that, vCPE created by chaining three functions wouldn’t predefine any set of interface standards to conform to.  It would be a happy accident if we had three or four providers of individual virtual functions (VNFs) that could be freely substituted for one another.

What this would mean is that NFV might actually promote vendor lock-in at one level and reduce it at the level below.  Software features have enough range of motion in implementation that vendors would be able to develop ecosystems of VNFs that worked well together but didn’t easily accommodate substitutions for individual functions.  They would be able to pick from commodity platforms, though, right?

Perhaps.  NFV is a new world, and the NFV specifications are not broad enough to define every piece of it.  Operators realize that all NFV implementations are not going to be equal, end-to-end, and in fact that not all will even be able to make the business case.  The NFV vendors often provide VNFs, platforms to host stuff, operations and management and orchestration.  All these work within the ecosystem the vendor offers, but we already know that you can’t be sure you could substitute one VNF for another.  You can’t substitute one MANO for another either, and it doesn’t appear you can substitute even Virtual Infrastructure Managers.  If you buy an NFV ecosystem, you’re buying a single vendor or a vendor and specific partners.

Before you take this as doom and gloom, let me say that the long-term prospects for an open and efficient NFV implementation are very good.  What we see now in NFV, and even in SDN to a degree, is a growing-pain problem.  Whether it would even have been possible to standardize NFV fully, to make every piece interchangeable, is debatable.  We certainly didn’t do it.  That means that we’re going to have a bunch of implementations out there, each presenting a unique slant on the value proposition for NFV.  The ones that get the best traction will become the focus of more partnerships, be expanded more by new product features, and will define the shape of the NFV future.  The others will die off.

You can see some of this already.  Alcatel-Lucent offers NFV in a sense as a carrier to mobile evolution.  HP offers a broad ecosystem of partners with useful VNFs, and Oracle offers an operations-slanted vision.  The differences in implementation are way more subtle than the positioning (which for some vendors is still too subtle) and the early-market drive that the vendor hopes to harness.

What will actually create an open NFV ecosystem, though, is the “service agility” driver.  In order to create agile services that can be efficiently operationalized, operators will need to assemble services from little functional blocks that can be stitched together using deployment automation tools.  As I’ve suggested in prior blogs, these blocks will each be “black boxes” or “intent models” representing features disconnected from implementation specifics.

The standards for interconnection in NFV will be shaped by the operators themselves when they build their service libraries.  It’s just that the early winners among NFV vendors will be in a better position to help do the shaping.

The question of how to secure SDN and NFV comes up all the time, and in my view it’s yet to be fully resolved.  I think we’re trying to achieve “security by dissection”, meaning that we look at things like VNFs or NFV Infrastructure and ask how to secure them.  Yes, you have to build a secure ecosystem from secure pieces, but ecosystem security isn’t assured that way, only preserved.  The things that connect SDN and NFV, the things that make them different, have to be addressed.

The big challenge in SDN and NFV security, speaking ecosystemically, is that there’s a significant “signaling” or “control/management” plane that’s explicit in both.  Inside this plane you can command devices, establish behaviors, and most of all admit things from the outside.  Compromise this process and your security measures are doomed no matter what you do elsewhere.

Part of the challenge, as I noted in a prior blog, is that we have to define an “architecture” for either SDN or NFV to understand just what security is needed.  If there’s a control/management plane, how is it related to the data plane of the service or of the infrastructure?  For example, is an NFV service created “inside” a private IP address space and gated to the outside world only for its external ports?  If so, and if management connections are gated in a secure way, you’ve gone a long way to creating a secure implementation.  If not, if you use public addresses for all components, then everything inside a service could in theory be attacked from the data plane.

Aside from architecture, there is another point about SDN and NFV security that can be addressed in a general sense.  Both SDN and NFV are highly dependent on control/management interactions.  In fact you could argue that what separates SDN and NFV from the older technologies is the dominance of control/management processes over adaptive processes.  That to me means that it’s likely that these control/management processes will need special attention to secure them properly.

Message authentication is like disarmament; the operative concept is “trust but verify.”  The presumption in SDN and NFV is that commands issued to devices or device systems are authentic, meaning that they emerge from a trusted entity.  Most security is focused on trust management, and most of that falls into the categories of isolation and path protection.

If all your trusted entities are collected in a single subnetwork, and if that subnetwork is made up of protected paths—encrypted or whatever—so that outsiders can’t gain access, then you can control trust conveyance by controlling who’s on the subnetwork.  This is why I think the question of subnetwork architecture and security are critical for both SDN and NFV.  It does little good to talk about security if your critical control/management interfaces are exposed to public access.

The problem with a pure trust focus is that you don’t account for a trusted entity turning on you, either deliberately or because they were hacked and someone has taken control.  Few control measures are total proof against hacking, but it’s possible to reduce risk by making sure that trusted entities are not exposed to public Internet access or subject to the introduction of malicious software.  You need a very isolated sandbox, which is not just addressing but processes.

Even that’s not always going to solve your problem.  Things creep through almost anything, and there’s also that risk of someone going rogue or simply making a major mistake.  This is where the “verification” comes in.

It should be an axiom of SDN and NFV that any control/management change made for any reason must be explicitly associated with a causal factor (both event and the agent making the change) and logged.  Further, it should be an axiom that the message itself (including the causal factor and commands) must be authenticated.

Message authentication in networking and IT has been around for a while.  The basic idea is that you generate a secure “hash code” from a message that is a form of a cryptographic key.  Anyone can send this key to an authority for validation, which means that if you derive the key of a message you receive you can validate the key and through it the authenticity of the message.

Everyone is familiar with a technology that can be useful for the verification of messages in SDN and NFV, but not in the form they’d expect.  Bitcoin uses what’s called “block chaining” or (as one word) “blockchain” to keep a tamper-proof history of something.  One could apply blockchain principles to SDN and NFV interfaces or control elements to keep a log of everything that happened there, and because the players in the process can be authenticated via a token using a public key, you can identify who did what.  One company I’ve encountered who offers this is Guardtime, who as it happens has a relationship with Ericsson.  However, I can’t find any specific reference to the two companies working on an SDN or NFV strategy together, which suggests that blockchain applications to control/management security are still novel.

The application of a bitcoin-like process to the control/management action history of a network device or management interface is pretty clear, but you can also apply the blockchain principle to automated responses.  We’re entering the “I, Robot” age of networking, where we rely on automated processes to do everything for us.  The price of economical operations is low human touch.  Absent the Three Laws of Robotics, though (see Asimov’s work if you don’t recognize the term), it’s hard to be confident that our robotic network agents aren’t throwing a flyer now and then.  Event-driven processes can also be logged through blockchains so you can track back how something happened.

You can use elements of blockchain technology to authenticate agents, messages, control interfaces, devices, and more.  You can even “authenticate” the state of a service or infrastructure element, which means you could know whether you were in it or not.  In theory you could build up a model of security using these principles and then use an audit process to establish whether you were still in a state of trust, even in a state of functional optimality.

It seems to me that there’d be a lot of value in exploring what blockchain technology could do in SDN and NFV security, and even in how it could change the view of what audit trails and network state management should look like. Thus, it seems we should be thinking about the blockchain concept as part of the SDN and NFV story, and probably in other IT areas as well.

I’ve talked in the last two blogs about how intent modeling fits the way that SDN and NFV have to work, and also a bit about its relationship with OSS/BSS, TMF, and the ETSI models.  Today I’d like to close this series of blogs with a discussion of intent modeling and orchestration.  As it happens, it might be intent modeling that finally defines that notion fully, and also fully justifies the ISG.

When you read through the ETSI material as a (former) software developer and architect, you’re struck by one point.  The documents implicitly define software that processes data.  That point might seem trivial on the surface because, after all, isn’t that what software is supposed to do?  Actually, in a general modern sense, the answer is that it’s not.

Let’s review for a second what an intent-modeled service would look like.  It would be a series of connected/cascaded models/objects, with the top one representing the retail offering.  As you develop downward, you’d pass through some number of layers of “commercial models” that describe interconnection of purchasable entities, and finally cross a border into describing how intent was translated into resource commitments.  It’s the classic tree-turned-upside-down picture.

One could say that an “orchestrator” processes this mode, but the problem with that is already visible.  We have a separation of orchestration and management, and implicitly of deployment and the rest of the lifecycle processes.  The more logical way to approach this would be to say that orchestration is a data-driven activity, and that deployment is simply a stage in the service lifecycle.

If we presume that our service model is fully developed in the order entry process, then logically the way to deploy it would be to send the top object an “activate” command, which is an event.  That object would then run an orchestration process that would look at its own as-a-service subordinates and activate them in turn.  You’d see a cascade of these events down the tree, and a collection of responses coming back, focusing eventually on the top object.

This, IMHO, is the only way to visualize a deployment of an intent-modeled service.  All any layer of this structure knows about the rest is the set of services it consumes itself.  You commit the services at a given layer, and that commits the subordinate ones, and so forth.

Each layer in the intent model is our black box process, and so each layer presents only functionality and an SLA in an upward direction.  The model is responsible for the SLA so the model is responsible for remediation if something breaks, which includes horizontal scaling and replacement of a failed component.  Those are lifecycle actions, and so they belong in the model.

What separates this from the literal ETSI view are two points.  First, orchestration is a continuous and “fractal” process.  It is running all the time, but it’s running in response to events.  The second point is that the intent model structure describes the end-state of the service not a parameter set, and the model itself mediates processes to get the service into that goal-state.

In the intent-modeled service the “Orchestrator” and “VNF Manager” and even the VIM are all co-equal processes that are integrated into a given intent-model lifecycle state/event table.  Everything that happens is a response to conditions, which is the first test for a fully automated service process.  The blocks in the ETSI E2E are functionally valid but are not literally process elements.

One thing this could do is provide an actual mission for the NFV work to support.  From the first there’s been a strong correlation between what MANO was supposed to be doing and what something like OpenStack already does.  If you presume that the only goal of the NFV architecture is to deploy and connect virtual functions, you’ve reinvented Nova and Neutron, respectively.  But if you say that it’s the intent-modeled service, the event-connected lifecycle progression, that NFV defines, then you’ve stepped into the new world that NFV as a concept has promised.

This same approach also integrates management and operations.  A service lifecycle driven by service events has a natural event-handling relationship with both NMS and OSS/BSS.  If a service breaks, you launch a lifecycle process to remediate.  If it works, you tickle the NOC to get the underlying problem (like a bad server) fixed.  If remediation doesn’t work you have to do a billing credit by tickling an eTOM process in the OSS/BSS.  All of that is defined into the service lifecycle process by the intent model.

Presuming that intent modeling goes (forgive the pun) as intended, there is going to be an impact on the NFV marketplace.  Several in fact.

First and foremost, intent modeling cements the business case to the implementation.  If you do a PoC on an intent-modeled implementation of NFV you can tie in everything needed to show capital savings, operations efficiency gains, and agility gains.  No stranded business cases required.

Second, the relationship between SDN and NFV is firmed up, and even SDN’s role outside NFV is strengthened.  The same is true for the cloud; SDN and NFV are both mechanisms to expand the scope of cloud “orchestration” and “connection”, and so are things useful for more than they’re being considered today.

Third, there’s now a logical and valid framework in which NFV claims by vendors can be examined.  For example, if Oracle announces NFV-supporting OSS/BSS elements, how do we know that they really support NFV?  Since the relationship between operations and NFV is vague at best, almost anything can be claimed to support that relationship.  If we demand intent-modeled service with event-driven lifecycle management, we can list criteria for “support” of NFV that are meaningful.

Which leads to the fourth point, which is that this approach would separate the wheat from the chaff, NFV-wise.  We could say, for example, that if VNFs have to fit into a specific framework for intent modeling and event-driven lifecycles, then VNFs have to present specific integration points with that.  Do they?  If not, then they’re not VNFs.  Similarly, somebody with OpenStack support can’t say they are an NFV implementation unless they have the broader intent-and-event orientation.

I’d love to be able to say that this is where we’re heading.  I firmly believe that some in the ETSI process see this direction pretty much as I’ve described it here.  More probably accept the broad concept but haven’t thought through all the details.  However…everyone would not fit in that happy camp of endorsers.  There’s a lot of inertia that’s developed in NFV, and right now the momentum is not in an intent-modeled, event-driven direction.  Time will be required to turn it around.

Time we may not have.  What operators want and need from NFV has to be in field trials within nine months or so, and on its way to proving a business case, or we couldn’t hope to deploy enough NFV to change the timing of the revenue/cost crossover operators expect for 2017.  If we don’t see some strong indication that there’s at least a couple vendors who can do the right thing by around November of this year, then I think time may run out for NFV.  Which means again that we’re going to have to accept vendor-driven and even proprietary visions of NFV in order to get useful ones—like intent models.

I talked in my last blog about intent modeling in NFV, and today I want to look at extending intent modeling in two directions—into SDN (which is easy) and into management (which is less than easy).  I’m not going to recap the theory of intent models beyond a sentence, so if you didn’t read yesterday’s blog I suggest you do that before reading this one.

An intent model describes a “service” in terms of the characteristics it presents to its users, not by how those characteristics are created.  Thus, it’s a good statement of an abstraction for a given service or at a given interface point.  I’ve suggested that NFV could use intent models to describe both the “input” to NFV from the higher-layer OSS/BSS (a service model) and the “output” of MANO into the Infrastructure Manager(s) that represent resources.

Since NFV has to command connections be made, and since a NaaS abstraction is the obvious way to describe these connections, an intent model is almost surely what NaaS abstractions should look like.  Since SDN is a way of creating a NaaS connection set for NFV, then an intent model can describe SDN services.  In fact, better than any other approach, particularly for OpenDaylight.

OpenDaylight, with multiple southbound control options, could create a connection service using a combination of OpenFlow/SDN and legacy technologies.  To make that work optimally you’d need a description of a connection service that’s technology-neutral.  Which means an intent model.  The ODL controller could then translate intent into commitments through the southbound APIs to the real devices or management systems.  To me this is a no-brainer, to the point where you have to wonder why it’s taken us so long to get around to recognizing the value here.

The management side, as I’ve already noted, is more complex but in the end also very logical.  An intent model of a network service would include the service connection points and the “SLA”, which would describe the connection behavior to be delivered.  IMHO, it’s not much of a stretch to say that an intent model should define SLA variables, the usual stuff like bit rate, packet loss, delay, and so forth.  We could also establish a convention that every intent model defines a “service quality gauge” that would range from green through red depending on just how good/bad the service was conforming to its SLA at a given time.

The benefit of this is that a given intent model would then be defining variables that it was the responsibility of the lower-level structure (which could be a hierarchy of models or an element that commits resources) to populate.  Since an intent model would have to offer what would look like a downward policy flow to populate lower-level deployment/connection processes with SLA variables from above, there’s nothing wrong with having the flow be bidirectional.

There are implications to this approach beyond simple management variable derivations.  A “service” is now a set of linked intent models, each of which is asserting an as-a-service property set to the stuff above it.  Because every model is a service with policies, properties, and SLAs every model can be managed.

This addresses an important point in service-building, which is how you organize complex services.  Say you have a VPN with two sites, so you have three “services” in NaaS terms—two access services and one interior VPN service.  You can define this as a tree with the retail service on top and the three subordinate elements below.  The “orchestration” of this combination can be visualized easily as the instantiation of the three individual subordinate services followed by the interconnection of the three.  The former step is defined by the intent model for each subordinate, and the final step by the intent model for the top (retail) layer.

The end game here is simple.  A service is modeled and created through a series of abstractions—“objects” in modern software terms.  Each object is an intent model in its upward-facing direction and each object decomposes the fulfillment of the intent it advertises by drawing on services/intents from below.

In most cases, I think, one of these objects will have two primary service/connectivity missions.  One is to activate the services below, and the other is to “connect” them into a structure that fulfills that object’s own intent model.  Overall, this is a modeled, data-driven, approach to NFV.

And more.  If each of these models/objects has a state/event process that describes how it responds to conditions during the service lifecycle, including how it is impacted by and impacts the state of subordinate and superior models/objects, then you can describe remediation of faults and operations/management integration simply by linking processes into that model.

To me, this could overcome what could be a serious implementation flaw in NFV, which is the use of specific logic to address service lifecycle processes.  Yes, you can establish a parameter in a descriptor file to indicate whether a given VNF needs a DNS or DHCP server or a load balancer, as long as you recognize when the software is built that the parameter will be needed.  It’s hard to address new requirements without changing software.  But if you have a model-and-table-based approach with structured service objects, you can change things by simply changing the data model to invoke a different process.

I said yesterday that the introduction of intent modeling into NFV could be a major asset, a major revolution.  Like all revolutions, it could cause significant disorder.  My perception of the ISG process is that it’s proceeding in two directions at once.  One direction is augmenting the original E2E model of NFV, which I believe is not suitable as an implementation guide, and the other is trying to develop functional requirements that, if accepted, would suggest a completely different approach should have been taken.

NFV is going to have to get through this at the political level and not at the technical level.  Somebody, somewhere high up in the organization, is going to have to sit down with a small number of like-minded people and get this right, and then work out how to develop support for the change.  That support might involve some fancy footwork to paper over the fact that a lot of detail introduced so far was introduced based on the wrong approach.  It’s not necessarily going to be an easy task to change, but I think it’s essential if NFV is to be deployed optimally, and I think some operators (and even a few vendors) are seeing the light.

A piece of good news on the NFV front is that the ETSI ISG is moving toward consideration of intent modeling as the basis for a number of important interfaces.  I’ve been advocating intent modeling for several years now, so obviously I’m pleased with the move.  You should be too, and everyone else in both the SDN and NFV spaces, because the decision if implemented could have significant short- and long-term benefits.

In some prior blogs, I’ve suggested that both SDN and NFV must be framed around the concept of “network as a service” or NaaS.  NaaS is an abstraction of a connection service, such that it can be realized using any suitable technology or combination of technologies.  A VLAN or VPN should be a NaaS abstraction.

The reason for this is that operations evolution has to lead technology/infrastructure evolution.  You can’t have customers or customer service agents looking at a service order to decide what technology will have to be used to fulfill it.  Services have to be ordered in terms of what they deliver, and that must then be translated into how it gets delivered.  An abstract VLAN can be ordered as a VLAN and built using any combination of legacy, SDN, and NFV.

The key to making this work is the abstraction itself, the representation of NaaS.  The abstraction of a connection service has to describe the connection in terms of endpoint behaviors and service-level agreements (SLAs).  Think of it as a “description” of the service (the logical topology, which in the case of a VLAN is a “multipoint” service, and its QoS attributes, for example) and a list of endpoints.

This sort of model has been known in the industry for some time (I’ve referenced it in a blog or two earlier).  It’s called an intent model because it models not how something is done but what the “something” looks like to its consumer.  There have even been papers describing the application of intent modeling to virtual networks.  However, intent modeling was not a part of the original ETSI conception of NFV, though it was the foundation of both my CloudNFV and ExperiaSphere work.

It’s fair to ask where exactly intent modeling might fit inside the ISG’s end-to-end model, and there are a number of places.  Let’s start at the top.

A “service” is first and foremost an intent model, as my example here illustrates.  Buyers don’t expect a blueprint and a heap of parts, they want a car.  Service models should be viewed at the top as perhaps a cascade of intent models, each representing a commercial chunk of the service, presented by features and not by implementation.  This could be modeled as the TMF’s “Customer-Facing Services” or CFSs.

The challenge of intent models is that you eventually have to deliver on the intent, which means that you have to be able to decompose the “intent” into realization at the resource level.  The easiest way to visualize this is to think about a point in your service cascade where the structure below ceases to be intent-based and becomes resource-based.  In the TMF world this could be described as the boundary between Customer-Facing and “Resource-Facing Services” or RFSs.

It’s difficult to say with confidence where this boundary point is in the ETSI ISG world because they’ve put operations out of scope.  Instead, let’s shift focus for a moment and look at the ETSI structure to see where intent models might fit.

One obvious place is the top.  A request for VNF deployment should never be expressed in the form of resource-specific recipes because you don’t know where a given service would optimally locate its components (likely dependent on service locations, for example).  So the input to NFV MANO from the OSS/BSS (the Os/Ma Interface in the E2E model) should be an intent model, perhaps what we could call a “deployment order” to distinguish it from what’s above.

In fact, all of the interfaces that ETSI draws “inside” the MANO block of the E2E model should likely be visualized as intent models because in all of them you have an abstraction of behaviors on one side and realizations of the behaviors on the other.  However, the most important place for intent modeling besides the input to MANO is the VNFM-to-VIM connection (the Vi-Vnfm Interface if you’re keeping score).  This is where the service model’s realization has to be converted into specific hosting and connection processes, which means that network connectivity and NaaS are “below” the VIM (which you’ll recall I tend to generalize as Infrastructure Manager to reflect the fact that some of the infrastructure in a real service isn’t virtual at all).

In a general case, then, NFV could be considered to be a description of the boundary between CFSs and RFSs in TMF terms.  The input to NFV is a CFS representing an intent model decomposed from the original retail service (it might be that service if there are no commercial components, or it might be a commercial chunk thereof).  The VIM’s output has to be resource-specific, which says it’s a part of the “cascade” of resource models.

This raises what’s likely the critical intent-model-related question in NFV today, which is just where inside NFV the CSF-RFS boundary occurs.  If I feed CFS models into the top and get resource controls out the bottom, then we can infer that “orchestration” in general is the boundary function between the two.  But what does the border-crossing?  It’s either a MANO function or a (V)IM function.

I think it depends on how resource choices are made.  IMHO, a “service” can set policies within its intent model that would guide resource selection, meaning that a service could require things that preference one implementation over another.  It should never make selections itself because that would mean you’d have to retroject resource knowledge into service models.  If a (V)IM is a representative of, an abstraction of, resources, then unless you want there to be one logical VIM, you have to assume that RFS modeling takes place above it, with the VIM at the bottom of the tree where models turn into actual resource commitments.

I think this same approach is the way that federation of multiple providers or even SDN domains should be handled.  Each “domain” is associated with a resource model that can commit the infrastructure within.  This part of the model is (V)IM-related.  Above the (V)IM is a model that describes how services are decomposed by domain.  You could then visualize a (V)IM not as a piece of logic but rather as a set of models, which says that pretty much the whole of NFV can be visualized as an intent model and the decomposition of that model.

Which is where I think NFV should go ASAP.  Accepting some approach like this would help focus the ISG on the specific things required to make NFV work as part of a service process, and that’s the way it has to work if it’s going to deliver service management efficiency or service agility.