Who is selling NaaS, and what do you get?
Vendors of all stripes—network hardware vendors, telcos, hyperscalers, and a new generation of cloud-based upstarts—are jumping on the network-as-a-service (NaaS) bandwagon, so it can be confusing to sort out who is offering what.
Even the definition of NaaS is somewhat fluid. Is NaaS simply procuring networking gear on a pay-as-you go, subscription basis rather than buying it? Is NaaS just a different way of describing a managed service?
Or is NaaS something fundamentally different that addresses a growing challenge for network execs: how to provide network connectivity, resiliency, security, and scalability in a multicloud world?
According to IDC analyst Brandon Butler, “NaaS is a cloud-enabled, usage-based consumption model that allows users to acquire and orchestrate network capabilities without owning, building, or maintaining their own infrastructure. NaaS can provide an alternative consumption model for a broad range of network elements, including wired and wireless LANs, WANs, and VPNs, as well as branch, data-center, edge, multicloud, and hybrid-cloud environments. It can be used to deliver new network models such as secure access service edge (SASE). NaaS can allow IT teams to more easily scale up or down, rapidly deploy new services, and optimize the balance between CapEx and OpEx.
Will Townsend, an analyst at Moor Insights, adds, “A complete NaaS offering includes several key elements. For one, it requires a highly scalable cloud-native architecture. Additionally, it should incorporate a high degree of automation, artificial intelligence (AI) and machine learning (ML) capabilities to facilitate self-healing, observability, and assurance. This architectural approach also allows businesses to tailor performance optimization to specific workloads. Additional potential benefits include a guaranteed quality of service, improved IT agility and resource management for line-of-business support. Last, but not least, of course, is the ability to treat infrastructure as an operational expense on the balance sheet.”
The vendor landscape for NaaS can be broken down into five categories: networking equipment players, telecommunication providers, cloud service providers, WAN transport vendors, and multi-cloud networking vendors. Here’s a sampling of the types of services enterprises can order from vendors in each category.
1. Networking vendors
HPE-Aruba: Diving into GreenLake
HPE-Aruba has been a leader in the NaaS movement since its launch of GreenLake NaaS in 2017, and the announcement in 2019 that it planned to offer its entire portfolio as a service. Most recently, HPE has made NaaS easier for customers to consume by creating pre-configured service packs for wireless and wired networking, SD-Branch, SD-WAN, network policy, and user experience. Each service pack includes Aruba hardware, software, and service components.
GreenLake NaaS for Aruba is a subscription-based, monthly payment model that gives customers the option to scale up or down as business needs change, a customer experience management dashboard, automatic hardware refreshes, software updates, as well as recycling of end-of-life equipment. There’s also an option for remote management and monitoring provided by Aruba.
One NaaS option is GreenLake for Microsoft Azure Stack HCI which enables customers to run Windows and Linux VMs across hybrid clouds, on-prem, and edge environments. This offering is built on Lighthouse, physical infrastructure that incorporates compute, storage, and networking, and is delivered to customer sites.
HPE also has a storage-based NaaS called GreenLake Cloud Data Services, which enables customers to self-provision storage infrastructure as-a-service. It also has a high-performance computing option that includes advanced Nvidia GPUs.
Juniper Networks: Visibility through Mist
Juniper Networks is leaning hard into NaaS. The company is not only offering networking functionality as a service, it is also providing a clear deployment path through managed service providers (MSP) and re-sellers. And Juniper is even offering flexible financing options through Juniper Financial Services.
Juniper NaaS leverages its cloud-based AIOps platform (based on technology from Mist Systems) that enables management of wired networks, wireless deployments and SD-WAN from a single portal. Customers have the option of going through an MSP who would use APIs to integrate with the customer’s internal systems. Or they can go through re-sellers and manage the system themselves, while taking advantage of subscription-based financing.
The benefits of Juniper NaaS include insights and automation across the networking stack, as well as customizable service levels with visibility down to the client, application and session layer to assure the best user experience. The service enables customers to easily scale up cloud services and manage/monitor network usage. In addition, Juniper integrates security with the networking fabric by extending visibility, threat intelligence, and policy enforcement to every connection point.
On the financial side, Juniper is offering flexible payment options for managed services and predictable monthly payments for subscription services.
Dell: Reaching for the APEX
In 2019, CEO Michael Dell announced that Dell planned to move aggressively into NaaS, and the company has followed through, offering a broad portfolio of storage, data security and compute resources in a subscription-based, as-a-service format.
The Dell APEX NaaS includes block, file and object storage, backup and disaster recovery, virtual machines, containers, application development and high-performance computing. By giving companies control over all of their data no matter where it is located through the Dell APEX Console, companies can better protect against cyberattacks, meet data privacy and other regulatory requirements, and improve incident response.
At a more strategic level, Dell says APEX will help enterprises achieve consistent operations across multicloud environments, bridge the gap between public cloud agility and private cloud control, and streamline operations for better business outcomes.
Dell is offering its own professional services to help companies plan and implement their transition to NaaS. There is also a managed services option for customers who want to run Dell infrastructure in Equinix data centers.
Cisco: Cisco Plus adds SASE
CEO Chuck Robbins has said the company plans to eventually offer its entire portfolio through the NaaS model, but the company is taking a decidedly incremental approach.
Its first NaaS offering, Cisco Plus Hybrid Cloud, included consumption-based options for virtual desktop infrastructure (Cisco HyperFlex hyperconverged infrastructure with third-party VDI software) edge compute, virtualization and bare metal compute (on Cisco UCS servers), and data-center networking (with Cisco Nexus and MDS switches).
More recently, Cisco introduced a turnkey SASE subscription service called Cisco+ Secure Connect Now. The service integrates functionality that Cisco has acquired over the years, including SD-WAN from Meraki, Zero Trust Network Access from Duo, and observability from ThousandEyes.
2. Telcos
Verizon: NaaS as an onramp to digital transformation
Verizon is leveraging its vast global network, managed-service expertise, and deep ties to enterprise customers to offer NaaS that includes managed SD-WAN, VoIP, and security services in a modular, scalable, pay-per usage format.
Verizon says its NaaS runs on a programmable, modernized network that delivers services in a more agile, resilient and cloud-centric way than traditional network infrastructures. On a more strategic level, Verizon says its NaaS can support new business models and help transform operations.
Benefits include improved levels of performance, efficiency and agility, lower capex costs, and the elimination of hardware upgrades. The NaaS platform provides visibility and automated control of network functions, enables organizations to gain visibility and insights into network and application performance, and simplify network management with automation and centralized tools.
Verizon also recognizes that there is a transition involved in switching to NaaS, so the company offers its own professional services team as well as an ecosystem of partners to help enterprises create a transition strategy and implement it.
Lumen Technologies: Pay by the hour
Lumen Technologies (formerly CenturyLink) is taking NaaS to the next level by offering self-service provisioning of secure WAN connectivity over its private network that customers can pay for by the hour. Of course, they offer monthly rates as well for more stable workloads.
Lumen’s pitch to customers is: Why go to all the trouble of implementing an SD-WAN overlay and then running traffic over the unsecure internet, when you can gain all the benefits of flexible, optimized, secure connections on its global private network.
Lumen’s Dynamic Connections service helps companies quickly boost WAN capacity to meet seasonal spikes in demand, and it can help companies dynamically manage the performance of WAN traffic and workloads.
Lumen says its current offering is an early example of where NaaS is headed. “In the future, instead of spinning up connections yourself, you can expect APIs to flex your underlying networking fabric automatically based on your preferences and real-time reporting from your applications,” the company says.
3. Hyperscalers
Google: Virtual private cloud
Google offers a range of networking services built on top of its global infrastructure that leverage automation, AI, and programmability.
Google’s Virtual Private Cloud (VPC) service enables customers to define fine-grained networking policies, including IP address ranges, firewalls, cloud VPNs and cloud routers. Other available services include DNS, load balancing, content delivery network, IDS, NAT, DDoS protection and web-application firewall.
Through the Google Network Connectivity Center, customers can connect on-prem, Google Cloud, and other cloud networks and manage them through a centralized hub.
Google offers network service tiers, so customers can choose the right tier for the appropriate workload. This enables customers to improve performance for high-priority apps and better control network costs.
Microsoft: NaaS on the Azure backbone
Azure Virtual WAN is hub-and-spoke based architecture that provides NaaS for connectivity, security, and routing on the Azure global backbone. Customers can take advantage of the subscription service to gain the benefits of scalability, ease of deployment, reduced IT costs, low latency, high performance, and advanced routing.
The service has three options: Connectivity for branch offices and remote users, including SD-WAN links and VPN gateways; security services such as Azure firewall; and virtual routing, either site-to-site or point-to-point.
Microsoft is also partnering with other vendors to improve ease-of-use and integration between third-party products and the Azure environment. For example, the Fortinet FortiGate SD-WAN/Network Virtual Appliance is now natively integrated with Azure Virtual WAN. The Versa SASE service is also integrated with Azure Virtual WAN enabling customers to deploy the Versa service and use the Azure hub as a central connectivity point.
4.WAN transport
Graphiant: Network edge as-a-service
Startup Graphiant has launched a service that provides network-edge connectivity over its own private network. Graphiant makes the case that MPLS is private and secure, but too inflexible and costly for today’s networking needs. SD-WAN adds edge-to-cloud connectivity over consumer broadband, but that can introduce performance issues associated with the public internet. And SD-WAN can be difficult to manage and maintain.
With the Graphiant service, customers connect their locations to the Graphiant edge, and all routing is performed by a multi-tenant stateless core that allows for any-to-any connectivity among locations. Graphiant provides its own custom hardware, which it says can be easily configured and programmed by the customer via a cloud-based management portal, so customers can create service level agreements (SLAs) for applications.
Last-mile connectivity can be done over any type of network, including the public Internet. Traffic is encrypted from point to point and never decrypted in transit.
Graphiant says the advantages of its service are faster time to deploy and scale network resources, accelerated and simplified adoption of cloud resources, improved security through end-to-end encryption, predictable application performance, and lower costs.
The underlying technology is Vector Packet Processing (VPP), an open-source framework for speeding the movement of encrypted network traffic. With VPP, the platform attaches metadata labels to packets, which gives the network information on what route a packet should take to reach its destination. VPP also packages multiple packets together, so that processing is done in bulk, which improves performance.
Megaport: Middleman to the cloud
Megaport is a NaaS vendor that partners with hyperscalers, colo providers, and SD-WAN/SASE vendors like Cisco to deliver a multi-cloud overlay called a software-defined cloud interconnect (SDCI).