ISP Traffic Visibility and the Future of Network Services

The process of prepping for my recent interview with Light Reading’s Steve Saunders got me thinking about Arbor’s rich service provider history and how the value of traffic visibility for these large network operators – and how it is achieved – is evolving over time.  What follows is the virtual Q&A I conducted in my head…

Talbot HackTell us about Arbor’s position in the service provider market?
Arbor has been the network visibility, threat detection and DDoS mitigation vendor of choice across nearly all Tier 1/2 ISPs and large network operators around the globe for over a decade – including for the largest online and cloud infrastructure providers.  We’ve developed a reputation for helping these operators maximize the service availability of their complex networks at scale.

Sound network and threat management starts with proper traffic visibility. Arbor’s SP platform enables visibility across the entire network – both north-south and east-west from the peering edge to the backbone to the customer/access edge, into the data center and out into the Mobile Packet Core.  Customers use this traffic visibility and analytics for their traffic engineering, to manage their peering relationships, to enable faster and more efficient troubleshooting of network problems and to operationalize new services. They’re able to reduce transit and peering costs, improve link utilization and intelligently plan for future growth. While Arbor is best known today for enabling DDoS detection and mitigation, our roots and core competency are in traffic visibility – and our SP platform enables all the other use cases.

The service provider business has changed enormously during that time.  How has that impacted Arbor’s approach to visibility?
For those first few years, it was a capacity expansion story as service providers built out their networks to support the emergence of the commercial Internet. But this has quickly shifted to a service availability focus – for both consumers and for business – as network operators have expanded their capabilities to offer everything from infrastructure-as-a-service to cloud hosting, managed security services, etc. Operators need business insights – not just data – so they can keep their networks and services running at peak efficiency, identify new service opportunities and operationalize them quickly.  Arbor’s SP platform is all about providing those insights from the operations teams up to the security groups and C-level execs.

For several years SDN and NFV have seemed more about hype than reality, but does Arbor see that starting to change?
Yes, definitely.  Early on, vendor hype largely overshadowed actual network operator business case validations, trials and deployments.  But now we are seeing broader service provider engagement and investment in these technologies.  Typical of most technology cycles, this will an evolutionary rather than a revolutionary process – but one that eventually leads to widespread deployments on various scales.  Arbor anticipated this trend and fully virtualized our SP product line some time ago to fit with our customers’ evolving infrastructure needs.  Our TMS and APS product lines went fully virtual in 2015 too.  And Arbor’s SP platform excels at performing the core tenets of SDN: metering, matching and acting on traffic. Arbor is fundamentally a software-driven company and already supports much of what SDN aspires to offer from a traffic intelligence perspective: a centralized, carrier-grade management architecture providing distributed, scalable, network-wide visibility, threat detection and mitigation.

Supporting future network architectures built around SDN/NFV will require innovative adoption of new technologies, to say nothing of full interoperability with legacy network infrastructure. Arbor will continue to be a thought leader throughout the evolution of these large-scale networks. It is not enough to simply integrate with specific protocols, stacks and point products; these new network architectures and software-based tools must be reimagined to do things that could not be done before in traditional networks and they must perform robustly at carrier scale.

What is SP FLEX licensing and how does that further Arbor’s goals?
FLEX is Arbor’s cloud-based licensing model for our SP visibility platform.  FLEX enables customers to quickly and easily expand and scale their network visibility coverage as needed, and do so in a commercially flexible way that accommodates either CAPEX- or OPEX-centric business models.  Customers can deploy pure FLEX on their own virtual infrastructure or in a hybrid mode as they bridge from an appliance-based past to an all-virtual future.

What new (and old!) challenges do you see providers wrestling with – and how is Arbor helping?
First and foremost, the network is the business.  So anything that helps providers ensure network and service availability, contain/avoid costs, expand their basket of service offerings and fend off competition will remain mission-critical.  Arbor’s SP will play a key business insights role there.  Second, traffic visibility will continue to be a challenge – especially as SDN/NFV environments support new protocols and multiple underlay/overlay networks.  And third, security – and especially threat detection and mitigation via SDN-awareness, Virtual Security Functions, etc. – will continue to be important (and, unfortunately, ever more complex) in these new networks.  So it’s really the same set of challenges network operators have always faced but in new guises.