“You hang out with smart people, you get smart friends.”
– Rocky Balboa
Anyone who reads this blog knows why they’re reading it. They don’t need their advanced perspectives to be validated. That said…
The news broke this week that Vyatta received a significant financing round from an investment firm comprised of operating executives who know a thing or two about networking, infrastructure and technology disruptions.
This is fantastic news at a fantastic time. Things are moving so fast for Vyatta & Friends that it’s starting to blur together. In the span of 2011 alone Vyatta has substantially spread its wings, including:
+ First major clouds announcing adoption of Vyatta (Dell, Carpathia, DinCloud)
+ Continued Enterprise adoption (Boeing, EMC, Honeywell, CBS, Toyota)
+ Our one millionth download of the Vyatta Network OS
+ International distribution partners Zycko (Europe) and CTC-Itochu (Japan)
+ Playing a key part of the live network at InterOp
+ Crossing over the 1,000 customer mark
+ Winning even more industry awards
+ Advancements in multi-platform environment suport (Red Hat KVM, Amazon)
+ World-class executive additions
… and that’s just some of the high points.
2012 will be the year virtual networking explodes in adoption. The data points are all over the map. It started by looking like a jungle out there… then a dirt road emerged. Now there is nothing but highway in front of us, and Vyatta is shifting into high gear.
We continue to be awed by the power of the Vyatta Community that is at the root of our inexorable drive. Right now there are over 300,000 registered members worldwide. Vyatta Users groups continue to spring up around the world (Poland, Latin America, Japan) and the Vyatta Japan Users Group published their first book on Vyatta this year. The Vyatta Network OS has been downloaded by over 50% of the Fortune 500 and running in datacenters around the globe. It’s amazing to watch.
There’s more to do, but we’re all in the right place at the right time. Viva Vyatta!
“Only when the tide goes out do you discover who’s been swimming naked.”
Warren Buffett, famous investor
I was recently asked by a respected Silicon Valley figure, “Why is it that Vyatta’s customers know exactly what virtualized networking problem they’re solving, but when I speak to other IT people I know in the virtualization arena they say they don’t have that problem? Or they tell me the networking problem is solved by the vSwitch that every hypervisor now has? I don’t understand this dichotomy.”
I was set back for a moment. It was a strange question to hear because at Vyatta we are so deeply in tune with “the problem” that we assume everyone naturally understands it. It took a moment, then the answer hit me like a brick: It was what market researchers call response bias: He was asking the wrong people.
“Forget about virtualization for a moment,” I said. “Go back to the previous model where a member of IT staff is tasked to bring up a new application server. Within the IT team, that person is a compute professional, right? Not a network architect or manager.”
“Of course,” he said.
“Now,” I said, “walk through the steps that server pro has to take. He gets the hardware, loads an OS and the desired application, and tunes it to the required levels. Right?”
From his expression it’s clear I’m boring him. I go on.
“Once the application server is set up, he takes an ethernet cable and plugs it into a port on the server. What does he do with the other end?”
“Obviously,” he said, “he plugs it into a port on a nearby switch.”
“Who provided the switch?” I asked.
“The networking side of IT of course,” he said hesitantly.
I pressed: “What’s going on on the other side of that switch?”
He waited a moment, then said, “I’m not sure.”
“Does our server pro in question know what’s going on beyond the switch?” I asked. “Does he know that the network was architected into subnets for a reason? Does he know how it’s routed? Or where the firewalls are, and why they’re configured the way they are? Or where the VPNs are terminated?”
“Probably not.” It came out of his mouth almost like an admission.
“So by definition of his role and knowledge base, it’s not his responsibility to know what’s happening from that port on the switch out into the rest of the network, right?” Now I can see the light bulb over his head. “The networking team has already established all of that for him before the server is allowed onto the network.”
“That’s right…” His voice trailed off.
“Well, that’s what it was like before virtualization. So now,” I pushed, “what’s it like in the virtualized world? That same person is asked to bring up multiple virtual machines on a server. He knows that the cable goes from the physical switch port into the server port like before. But virtualization requires one last connection: He also has to logically assign the VMs to the vSwitch in the hypervisor to complete the connection. It’s the exact same thing he did before. He think’s he’s done.”
“So,” he began slowly, “you’re saying that if I’m talking to an IT pro about virtualization, it’s highly likely that they’re from the compute side of IT. So there’s little reason to believe they know any more about the fundamental networking requirements beyond the server-to-switch connection than they did before virtualization.”
“Bingo,” I said. “You’re getting respondent bias.”
“But wait,” he said, “all of that other network infrastructure is already in place! The routers, subnets, firewalls and VPNs… they were there before virtualization and they’re still there under your example!”
“Yes they are,” I said. “But external networking gear can’t effectively or efficiently manage the traffic at the VM level because the hypervisor blinds them. All of those other networking functions need to be performed inside the server. That’s what Vyatta’s customers know. They’ve learned to meld compute and networking disciplines into a single architectural vision.”
While he thought about that, I mentioned Integral Networks, one of Vyatta’s customers recently in the press. “Their CEO said their goal was to get to a 100% virtualized environment but they couldn’t with their existing networking gear. He said, ‘We were happy with the security we were getting from our firewall and VPN infrastructure, but we couldn’t deploy those vendors as a virtual machine.’ Now, using Vyatta, Integral is delivering granular control and complete isolation of VM resources, as well as secure remote access for managing cloud-hosted data externally.”
“I’m getting it now,” my colleague said.
I concluded, “At a high level, it’s simple: It’s all about applications. They’re virtualizing, so therefore your network needs to have the same agility as the virtualized applications. That’s a networking VM.”
InfoWorld Magazine’s test center honored Vyatta with our fourth BOSSIE award this year for our unique ability to solve the networking and security needs of the Cloud & Virtual Datacenter.
It’s an honor to be recognized as a leader in this space and to be among great company (Xen, Eucalyptus, Gluster). There is something extra special about winning awards when nominations are sent in by readers and users. Thank you to the huge (500,000+) Vyatta community for recognizing our accomplishments, advancing our product, and spreading the word about Vyatta’s ability to connect and secure virtual datacenters and clouds.
As the industry’s only software networking solution we’ve come a long way in the past five years and we’re thrilled that IDG has continuously recognized our ability to evolve our solutions to meet the changing needs of the enterprise network.
Summary of Vyatta BOSSIE awards:
2008: Vyatta – Best Networking Software
”Logging in to a Vyatta router can closely resemble the console of a Cisco or Juniper router…”
2009: Vyatta – Best Networking Software
”The amazingly useful Vyatta Core distribution…”
2010: Vyatta – Best Networking Software
…”an open source David to Cisco’s Goliath…”
2011: Vyatta – Best Cloud and Datacenter Software
”For all of the talk about the wonderful advances of computing, many savvy enterprise managers are scraping their heads and wondering about security. How can they lock down their machines if they don’t know where they are? One solution is Vyatta..”
Vyatta will keep the hits coming… watch this space!
“That’s how things change: slowly at first, then all at once.”
We’re back from VMWorld in Las Vegas, where the industry started viewing their virtualized environments with the same kind of wary eye they cast on a blackjack dealer with shifty eyes.
After all, you wouldn’t take your money out of an ATM leave it out in the open on a public table… so why would you take your mission-critical applications, which are safely wrapped in a carefully-constructed network, and put them in a virtualized environment that is wide open with no network controls?
Vyatta has been out in front of the industry demonstrating solutions to these issues for a while, and we have the leading customer implementations to prove it. This week, for the first time, other vendors are beginning to highlight this very important problem statement: Virtualization breaks networks! Until that problem is solved the deployment of virtualized apps will be limited to those that can afford the network exposure. Forget about virtualizing apps that have compliance needs, such as PCI or HIPAA. Don’t go into a multi-tenant environment until you can lock your own doors. Don’t pull the cord until you know what you’re going to get.
One wag put this way: “It’s virtualization stall.” At a minimum, it is a problem that limits virtualization’s true growth potential.
This is articulated perfectly in a recent editorial from SearchNetworking’s Rivka Gerwitz Little where she agrees that businesses shouldn’t pull the cord on leveraging the cloud until they have a clear plan for securing virtual environments. ”Ultimately, we’ve learned that every network security strategy must be extended into the virtual environment. That means learning how to connect the virtual environment to the DMZ network, as well as implementing virtualization firewall strategies, and moving away from physical separation.”
Network virtual machines are a clear answer to these issues, but not in the limited capacity and vendor lock models being introduced at VMWorld. An ideal network security solution for virtual and cloud environments needs to be available for all hypervisors, capable of automation through any orchestration or management layer via an open API and must offer a single system that enables complete replication of the enterprise network edge (L2-L7). As Cisco announces a second attempt at virtual firewalling (virtual ASA to be available late 2012) and VMware, Cisco and others propose new standards (VXLAN) to extend L2 networks, Vyatta customers have been benefiting from a full featured virtual network OS to connect and secure their virtual environments for years.
In all, this VMWorld was a great show for Vyatta. Networks are changing, and it’s starting to happen fast. I’ll sum up with another great statement from Rivka Gerwitz Little: “If networking professionals don’t stay abreast of these issues – and push their way into the virtual conversation – they’ll find themselves backtracking to solve problems that have literally been architected into their networks without them even realizing it was happening.”
“Every cloud has a silver lining, but it is sometimes difficult to get it to the mint.”
– Don Marquis
For enterprise-focused clouds to truly prosper, they need network virtual machines. With our release 6.3 Vyatta has extended our hard-earned leadership in this exciting arena.
Of all the advancements in version 6.3, the most exciting ones are cloud-related. From a feature perspective, our continued enhancements focus on security and connectivity of cloud architectures. But one of the most unique benefits of Vyatta is that we continue to make it work in practically all cloud environments.
With new support for the Red Hat KVM hypervisor as well as an Amazon AMI image, Vyatta continues to be the only virtualized networking solution that doesn’t dictate what hardware or software you have to use. Do you want to run it on VMWare, Xen or KVM? Or do you, like 60% of all other organizations, have a multi-hypervisor environment? Vyatta gives you the freedom to span those platforms. Do you want to do your POCs or test & dev in Amazon first? With Vyatta, you can.
Vyatta was founded on openness. (A few of you might even know that “Vyatta” is Sanskrit for “open”.) Enabling cloud networking, regardless of the platforms you use, is a perfect example of the benefits of being open.
Be sure to follow the continued press releases of our cloud customers as they talk openly about how Vyatta lets them get their cloud into the prosperity zone 😉
“I told my doctor I wanted a second opinion. He said, ‘Okay, you’re ugly too.'”
As applications continue to shift into cloud-based systems, the importance of architecting the proper supporting infrastructure is paramount.
Nowhere is this more evident than in healthcare. To assure high levels of compliance such as those demanded by HIPAA, network security is a crucial part of an acceptable solution. For a great case study in how to do it right, look no further than cloud provider Thrasys.
Thrasys offers “on demand” cloud services for managing Electronic Health Records. This placed two key challenges on the network architecture:
1) Rapid & flexible deployment
2) Government-approved levels of security
To satisfy their needs, Thrasys announced it had turned to Vyatta virtual machines to connect and secure their cloud-based service. To quote their CTO, “Our Vyatta virtual firewall allows us to offer providers, patients and service centers easy access to on-demand applications – from anywhere, at any time.”
Take a moment to think how virtualization changes the requirements for network solutions. IT architectures can’t lose what they use to have — they still need network segmentation and security. The difference is that now they have to achieve it inside the server, betwixt and between virtualized applications. It could be driven by something like HIPAA, or it could be for other multi-tenancy reasons. Regardless, it has to happen and Vyatta has the industry’s most complete solution for easily meeting these rigorous networking requirements.
Last year we predicted 2011 was the year virtualized networking went mainstream, and we were right. Today production solutions around the world are running on Vyatta virtual machines. Enterprises, clouds, and even the federal government run Vyatta VMs to meet their needs. Do yourself a favor and test out the broad capabilities of the Vyatta solution… like Thrasys, you’ll discover it’s a key part of an incredibly effective and efficient IT architecture.
“What we need are legitimate virtual lab products supported by companies like Cisco and Juniper offered directly to individuals.”
– Jeremy Stretch, Network Engineer
A recent article described how Cisco and Juniper can’t meet the needs of network engineers when it comes to accessing infrastructure for test & development outside of production environments.
The problem stems from the hardware-bound nature of the vendors’ business models. They can’t let the software escape into the wild; otherwise how will they make money? Genies that have escaped the bottle are difficult to put back in.
This is one of the beauties of Vyatta. We’re a software company. We radically encourage network engineers to download our software for test & dev, experimentation, even learning. We also have world-class documentation and online training courses.
Vyatta provides freedom that no other networking vendor can offer. Build your virtualized network model in your own lab, not in some temporary shared space in a vendor’s datacenter. Do it at your own pace, not based on time-outs enforced by the vendor’s lab. Do it for free, not for some usage-based fee model that the vendor so happily offers.
As I write this we’re nearing our millionth-download mark. We have Fortune500 customers now creating commercial relationships with Vyatta because the next-gen architectures they designed – in the freedom of their own environments – are ready to go operational now.
Our fundamental philosophy remains unchanged: People are smart. We just need to give them the tools and the freedom. Better solutions are the result.