Featured Interview: CA Technologies’ Tim Diep – Why Network Assurance is Vital to the Service Chain

11 April -2016:  Tim Diep is director of product management at CA Technologies, Enterprise Management Business Unit. A veteran of the cable and networking industry, he joined CA in 2014 to lead the concept development of SDN assurance. Before CA, he was with Juniper Networks, where he developed early-stage products for cable broadband, router services, and streaming video delivery. Tim holds patents in “applying differentiated services” and “granular access control management.”


SDxCentral: Driven by increased needs for business agility, organizations are turning to cloud-based development stacks to roll out scalable Web and mobile applications faster than before. Are you seeing the same trend among CA’s businesses?

Diep: Yes, absolutely. It is a natural course for cloud computing to reach this point when platform-as-a-service (PaaS) is finally compelling to enterprise companies. For the last several years, we saw our customers getting more comfortable with compute and storage services in the cloud, and now they are at the comfort and experience level to employ cloud development environments.

At CA, we feel this is a fundamental strategy to successfully compete in the application economy. Companies need to develop and deploy applications to assure their business and operations, and XaaS provides a means to do it fast and cheap. In our view, this trend will continue, propelled by mobile and new technology like Internet of Things (IoT).


Within this new application economy, what do you see as the bottleneck? And what kind of transformation is needed?

Diep: Given the early state, there are many areas that can be deemed bottlenecks. In general, anything that slows down the development, deployment, and access to quality applications is a bottleneck.

The obvious one to start looking at is the archaic IP network. Most networks today are not equipped to support the service requirements of emerging applications. The main issues stem from poor access to the cloud and the transient nature of apps.

Apps require instantaneous services (network, storage, compute) when they appear and instantaneous decommissioning when they disappear. The same can be said about the transient nature of clients accessing the apps. Software-defined networking (SDN) and network functions virtualization (NFV) enable networks to react to transient app demand and deployment, and this is why this next-generation network technology is so crucial to the application economy.


Where are you seeing SDN and NFV infrastructures being deployed today – where are the innovators and use cases? What do you think are some issues holding back the widespread adoption across service providers and enterprises alike?

Diep: Yes, most of our customers – enterprises or providers – are either designing, trialing, or deploying small-scale SDN or NFV. A lot of them see this as a logical progression of their cloud strategies. But what they are discovering is that there is a set of practical, operational issues that has yet to be addressed to support SDN and NFV.

One of these issues is assurance – monitoring performance and resolving faults. These companies are finding that SDN and NFV are just too complex to operationalize. Even something as basic as visualizing a topology can be daunting, given the disparate tools available. They are asking themselves, “Do I have to build my own solution to monitor and assure this new network?”

Customers are looking for an assurance solution that can simplify the management of SDN and NFV networks while making sure they get the most out of their next-generation network investments – for the level 1 helpdesk staff, the network engineer, and especially for the business.


What’s unique about assurance in the SDN and NFV world that’s different from the past?

Diep: Well, a lot. For one thing, you now need to monitor inventories, which was not needed in the old network. And inventories don’t just include hardware and software but also encompass abstracted objects. Interdependency is another unique area. What happens to one component affects many other components due to the tightly optimized nature of SDN and NFV. Assurance systems have to scale up relationship analytics to support these interdependencies.

The transient nature of SDN and NFV will render a lot of the legacy methods of data collection obsolete. An urgent need for innovation in the assurance space is required to support the growth and successful adoption of SDN and NFV.


What does CA’s Virtual Network Assurance solution do that’s unique? And how does it improve reliability of SDN and NFV deployments?

Diep: To start, Virtual Network Assurance is a migration tool. It lets the customers reuse existing assurance systems. This is critical because a customer’s standard operating procedures are not yet changing, and reusing existing assurance systems allows them to keep the same processes.

Second, the solution recognizes the complexities SDN/NFV technology and is able to hide the details while delivering practicable artifacts to the operational users. We also embraced the network service chaining concept and introduced a building-block view that shows all the hardware and software that hold up a unique service chain.

To sum it up, Virtual Network Assurance establishes a path to reliable SDN and NFV by delivering the simple benefit of letting helpdesk and network engineers quickly see: “This is my SDN network.” We are trying to solve everyday operational problems.


Can you explain the importance of a multilayer approach to SDN/NFV assurance and why drilling down into the underlay/overlay is important? What common problems have you seen in early SDN and NFV rollouts that lack that level of visibility?

Diep: The multilayer concept is our way to explain SDN and NFV. We see SDN and NFV as a triangular, layered model. Imagine a triangle with physical, virtual, and abstraction on each side. These sides relate to each other – and to understand the network, you need to understand these relationships. A lot of what we have seen in the market is focused on one or two sides of that triangle, and that’s not going to work.

By representing SDN and NFV in this way, we are able to apply traditional fault isolation methods and help customers quickly trace a problem in the overlay to a root cause in the underlay, or isolate a problem in the abstracted domain to the virtual or physical domain.


How does CA Virtual Network Assurance enable reliable service chaining – a key part of many SDN and NFV rollouts?

Diep: Service chaining is at the heart of SDN and NFV and key to meeting the needs of the application economy. Imagine an app being instantiated – and immediately a service chain is spawned to support the flow of traffic to the app. We recognize this and also that assurance has to relate performance to fault in the service chain context.

In CA Virtual Network Assurance, service chains are logical buckets for all the information and analytics the solution provides. By applying service chaining to assurance, now customers can correlate a problem in a service chain to particular virtual or physical components causing the problem. Customers will also be able to analyze service chain characteristics such as traffic types and active subscribers. CA believe this is a requirement for any assurance system supporting SDN and NFV.


How do organizations usually act on the information and insights provided by CA Virtual Network Assurance? Do you have any concrete examples of success?

Diep: It can range from a helpdesk person isolating a fault, to an SDN admin monitoring inventories, to a system engineer assessing the impact on compute resources. At present, usage is similar to what was done in the old network.

For example, a customer had been using our assurance systems to produce SLA reports for its managed services clients. When it transitioned to vCPE [virtual customer premises equipment] using SDN and NFV, it deployed CA Virtual Network Assurance to gather the relevant new metrics and attributes and then upgraded its SLA reports. The business process is the same, but the data is different. We help customers gradually migrate their operations to support SDN and NFV.


What characterizes an organization that would require the CA Virtual Network Assurance solution? Whose operational processes does the solution improve, and what benefits can they expect?

Diep: If a customer is even thinking about SDN and NFV, they should take a look at CA Virtual Network Assurance. When you look at assurance upfront, you save time and money earlier versus scrambling to find a solution that fits after the fact, particularly because of the variety of implementations out there. The OSS team within each company has to push this agenda or find themselves with a new network they can’t monitor and troubleshoot.

In the old days, assurance was usually planned at phase 2 or later in the project, but in the SDN and NFV world, it has to be part of the phase zero plan. The business wants to invest in SDN and NFV for the benefits of faster time to market and revenue while realizing a faster pace of innovation. This success can only be realized when assurance is at the forefront of your next-generation network plans.