Security a challenge - and opportunity - for NFV development, says ETSI

Sophia Antipolis, France and Düsseldorf, 19 October 2015

Dealing with security and coordinating SDO developments are the big issues for 2016, say ETSI ISG NFV Officials at Layer123 SDN Conference.

Security in the NFV/SDN environment is one of the major challenges the industry needs to address for 2016 but it should also be seen as an enormous opportunity. It will combine analytics with the network agility enabled by NFV and SDN to improve the resilience of networks to security threats. This was one of the key messages from a range of ETSI ISG NFV personalities speaking this week at the Layer 123 SDN & OpenFlow World Congress in Düsseldorf.

On this third anniversary of ETSI's announcement of the creation of the NFV ISG – at this same event – Don Clarke, Chair of the Network Operator Council of the ETSI NFV ISG, highlighted some of the achievements including rapid delivery of specifications, nearly 40 PoCs (Proof of Concepts) having either been completed or being in progress and that many of the other global Standards Development Organizations (SDOs) in the world are now building their specifications around the foundations provided by ETSI.

“It is incredible how far we have come in just three years but we are now at a critical stage. The industry is stretched and SDOs, including the NFV ISG, must focus their efforts on what is really needed to be done to foster innovation in an open ecosystem. We should not go too far in trying to anticipate what specifications might be needed in the future. SDOs should also identify how to work collaboratively with open source communities, ” he said.

“We recognized early on that security needed to be proactively addressed in an NFV world and one of our first priorities was to convene an expert group on security to identify the challenges and to recommend actions. The NFV ISG Security Working Group is the world’s leading discussion forum on this vital topic and includes security experts from government agencies as well as vendors and operators, ” he added.

For Diego Lopez, Chairman of ISG NFV Technical Steering Committee (TSC), it is not just the SDOs that need to work together – the SDN and the NFV communities are developing a mutual understanding that the integration of those two concepts is increasingly important.

“Each community has its own challenges but many of the required solutions will come out of a joint approach to addressing those problems and we are seeing an acknowledgement of this as we move forward, ” he said.

Diego Lopez pointed to the more complete than ever Proof of Concept area in Düsseldorf, where demonstrations from leading operators and vendors from across the world were showing the reality of NFV progress today. The demonstrations included a full ISO 7-layer stack fulfilment, with activation or orchestration of VNFs in carriers’ networks, a VoLTE service based on vEPC and vIMS architecture, distributed multi-domain policy management and charging control in a virtualized environment and an SDN enabled virtual EPC gateway.

"We always wanted to follow a practical approach to NFV realization from the very beginning. It was very radical at the time but it is part of the ETSI NFV DNA and we worked hard to show that it was real from day one. PoCs show that the potential for NFV is reachable and interoperability is achievable but of course we still need specifications to make it happen fully and that is where the rest of the industry comes in, ” he said.

The Layer123 event, which attracted more than 1,500 delegates this year, comes after the NFV ISG has already published 23 specifications in less than three years – a significant achievement in such a short timescale. The first release covered NFV use cases, requirements, terminology and an architectural framework and has become the key reference for the global industry. Other specifications cover management and orchestration, security and resilience, as well as performance and portability best practice.

Release 2015 is nearing completion and currently has 35 Work Items under development, all planned for publication by Q1 2016. ETSI NFV members are also looking beyond this into other important areas – the planning of the next releases (2016 and onwards), the best approach to NFV stage 3 standardization (Open Source APIs, traditional specification, others), and strengthening of relationships with other SDOs and open source communities working in the NFV and SDN areas.