What VMware’s Acquisition of Nicira Tells Us About OpenFlow

It’s been hard to ignore all the talk around the datacenter industry since July 23rd when VMware announced their definitive agreement to acquire Nicira. Oracle followed VMware, recently announcing that it will acquire Xsigo. Overall, it seems like there are tectonic moves in the datacenter space – big vendors are stacking up. With these different acquisitions, VMware seems to be aiming at becoming the do-all virtualization software platform, and Oracle seems to be closing all the gaps in their product portfolio to offer a complete, business application optimized data center platform. Top that with the Cisco UCS idea (not new), adding Compute to their portfolio, which seems to be succeeding but still a major move in the way people buy datacenters, it truly shows how things are different than the way they used to be when HP and IBM were fighting head-to-head.

Since I have been following different start-up companies in the SDN space fairly closely, the Nicira acquisition was a very refreshing breather. Why? As with many other technologies, OpenFlow related technologies first appeared as a pure-play strategy in which potential prospects must adopt the entire solution in order to benefit from the advantages. Interestingly enough, Nicira took the road less traveled, offering overlay and hybrid SDN solutions, running atop of existing networks, as their primary pitch, without requiring any major risk taking by their customers. No doubt this is smart, it really brings the benefits of the technology to potential buyers quickly. Also interesting, Nicira’s competition has followed in their footsteps (perhaps a bit too late) and moved from offering pure OpenFlow based SDN solutions to solutions that can probably work sooner and run over and alongside existing network infrastructures.

So, what are the synergies between Nicira and VMware, why does the acquisition make sense and what does it mean for network virtualization? VMware has been a pioneer in decoupling the way we use computers from the physical computers. Or, described in a more technical way, have separated operating system instances from the compute hardware they run upon. Originally, this served as an efficiency play in which end users that have been running servers at approximately 20% utilization, can now consolidate three more of these on to the same server and run it at 80% utilization. This saves significant hardware costs and gets more out what you own. Soon after this breakthrough, while Intel continued to power the up scaling of each of these machines with beefier processors and internals, the notion of pooling multiple machines (servers) together and managing the entire pool continuously sparked some interesting use cases. The innovation shifted primarily to solving the challenge of efficiently managing these pools and building valuable “services” or “workflows” to best support business challenges, which bring us to where we are today.

VMware has obviously noticed that the network is holding them back from delivering the business agility promised by their solutions. Since implementing any comprehensive virtualization use case typically requires the involvement of the network teams, who are far less agile and way more risk averse, and not only the teams that manage the VMware infrastructure, VMware can’t control the ultimate delivery of their solution. Additionally, they don’t want to become the company that starts uprooting the networking industry by changing or taking away anyone’s job as a long established network engineer. So here we go again – why not decouple the way we use networks from the physical network equipment? Let VMware build you the virtual network your applications require without asking the network guy – and without risking his position. The network guy is there to build the rock solid foundation, and the applications will determine how they communicate among each other. Nicira does exactly this, which makes sense.

For the exact reasons VMware found value in Nicira as an acquisition target, I see huge potential in overlay networks because they truly create the effect of decoupling what the application needs from what the physical network can deliver and allow for more flexibility in designing applications.

Some of the challenges associated with overlay networks are really what happens with non x86 hypervisor based systems. How do devices that do not have a virtual switch managing all overlay communications, but are legacy appliances or server systems, integrate into such an environment? The intent is really for such devices, and network service appliances such as load balancers, and other purpose built hardware to natively support the various encapsulation and tunneling options. Due to the very long list of technologies in this space; 802.1q, vCDNI, Q-in-Q, 802.1Qbg/h, VX-LAN, NVGRE, Nicira NVP, IBM DOVE… it’s hard to pick a winning horse. However, history shows that confusion usually promotes progress with open standards – OpenFlow based overlays are my bet for network virtualization.

Lior Cohen

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program


An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center