What is Network as a Service (NaaS)?

The day is coming when enterprise IT professionals will be able to order network infrastructure components from a menu of options, have them designed to fit their business needs, and have the whole thing delivered and running in perhaps hours.

The concept is called Network as a Service (NaaS), and it has been around in a number of different forms for a few years, mostly in the service provider arena.

For enterprises, the as-a-service concept took hold as companies started to embrace cloud computing and its model of consumption-based capacity. In the infrastructure space, for example, more than 75% of infrastructure in edge locations and up to 50% of data-center infrastructure will be consumed in the as-a-service model by 2024, according to research firm IDC.

According to Forrester, the evolving technology landscape is driving the need for more flexible consumption models. The pandemic, too, has accelerated adoption of as-a-service offerings, the research firm reports: “The events of 2020 meant IT plans and priorities had to change. Nearly two-thirds (64%) of IT leaders began accelerating the shift of IT spend from capex to opex and to consider flexible consumption models like as-a-Service for the future.”

Another trend driving the move toward NaaS is that licensing and software-management components of enterprise networking infrastructure are increasingly offered via a subscription, IDC reports.

What is NaaS?

The definition of NaaS is somewhat of a moving target and prone to hype at this point. But there are some solid NaaS characterizations.

“NaaS models are inclusive of integrated hardware, software, licenses and support services delivered in a flexible consumption or subscription-based offering,” wrote IDC senior research analyst Brandon Butler in a white paper.

“Instead of buying network equipment, installing it, and operating it, a Network-as-a-Service provider owns, installs and operates the equipment, and organizations pay a monthly subscription for the network services,” explains Neil Anderson, senior director, network solutions, at World Wide Technology, a technology and supply chain services provider.

There are different degrees of NaaS, according to Anderson, including:

  • Subscription hardware: Instead of outright purchase (Capex), you pay a monthly subscription (OpenX) for the hardware, but you still install/operate it.
  • Managed service: Subscription-based hardware plus a managed service to operate it.
  • True NaaS: The provider owns, installs, and operates all equipment, and you simply pay a monthly fee for the turnkey service.

Jay Gill, senior director, products & solutions, with Pluribus Networks, says that “any virtualized network construct that is abstracted from underlying network infrastructure and provided by one entity to another, even within a single company, could be considered NaaS.”

“The foundation of NaaS is network virtualization, which allows the networking constructs a user sees to be abstracted (or decoupled) from the physical network devices and equipment that support them,” Gill said.

Essentially, enterprises that end up using NaaS can more simply consume and scale products and services as they need based on what their business requires.

How is NaaS implemented?

A good recent example of how NaaS will be brought into the enterprise is Cisco’s Plus offering. While Cisco expects to roll out what will likely be myriad service options under Cisco Plus, for now it is introducing two flavors. The first, Cisco Plus Hybrid Cloud, includes the company’s data-center compute, networking, and storage portfolio in addition to third-party software and storage components all controlled by the company’s Intersight cloud management package. Using an API, customers can choose the level of services they want for planning, design and installation. Cisco Plus Hybrid Cloud, which will be available mid-year, offers pay-as-you-go with delivery of orders within 14 days, according to Cisco.

The second Cisco Plus service will bring together the company’s secure access services edge (SASE) components, such as Cisco’s SD-WAN and cloud-based Umbrella security software. 

Other NaaS services will be delivered differently. For example, many network connectivity services offered by traditional telecom network providers can be considered NaaS offerings, Gill said. 

“Metro Ethernet Services and other L2VPNs, L3VPNs including IPsec and MPLS VPNs, and, more recently, SD-WAN services all provide a virtualized connection service that abstracts the underlying physical network. Some connectivity offerings also include other virtualized functions such as vCPE, firewalls or remote access gateways,” Gill said. 

Service providers such as Megaport and PacketFabric also own network infrastructure but focus on providing a narrower range of highly flexible and cost-effective NaaS offerings sometimes referred to as software-defined interconnect services. Their primary value proposition is streamlining connectivity to public cloud providers and other service providers at major colocation and Internet exchange points, Gill said.

Newer service providers are creating SD-WAN or other NaaS offerings without owning any of the underlying infrastructure.

“As an example, Alkira can provide a completely virtualized NaaS built on the infrastructure of public cloud providers. This type of service offering may be the first thing that comes to mind today when someone says ‘NaaS,’ but it would be a mistake to define NaaS as only including such offerings,” Gill said.

Purchasing NaaS will typically involve a one-, three- or five-year term, and organizations can either pay all upfront or through annual or monthly billing, Anderson said. “Pricing is determined by factors including the number of users, number of square feet and bandwidth used, or all of the above,” Anderson said. 

NaaS use cases

Some early adopters are already utilizing NaaS. For remote access, it’s starting to go mainstream, Anderson said in an earlier Network World article.

“Networking is no longer just about connecting things within private networks, because there is a world of networking to and between clouds to account for,” Anderson said. “For example, with private WANsI typically networked my sites to my other sites like a private data center. Now, I need to network my sites to cloud services, and I may be doing so with public-internet services,” Anderson said.

There are several NaaS use cases, such as a complete branch office or store-as-a-service that includes network, WAN circuits, wireless, etc. all for a single monthly fee, Anderson said. With a turnkey network-as-a-utility, the provider designs capacity for a building, purchases, installs and operates all equipment for a single monthly subscription fee. These could include other services like security and collaboration all bundled together as-a-service for a single bill or subscription, Anderson said. 

In general, IDC’s Butler said that organizations that adopt NaaS models experience faster deployments because they are taking advantage of the expertise of partners and vendor specialists to expediate the planning process.

NaaS also allows access to new technology, including infrastructure like Wi-Fi 6 and 100GbE, with access to equipment refresh and upcycle opportunities to ensure that the network is operating at peak performance levels and can scale up or down to meet demand requirements, Butler stated. 

NaaS also improves refresh cycles because upgrades happen seamlessly when there is less scheduled downtime and improves performance due to newer equipment and enhanced service levels. Finally, NaaS reduces the amount of outdated, inadequate infrastructure within the environment due to constant monitoring of performance metrics for all IT assets within the environment, Butler stated. 

The best fits for adoption now are greenfield sites, temporary locations, and small branch offices, experts say. NaaS offerings could also be attractive to network remote, home and mobile workers who need secure, reliable application performance.

NaaS challenges

Moving forward, one of the key challenges facing any NaaS implementation will be its support of a solid, integrated security system.

Many organizations like to control their own destiny on security and compliance, Anderson said. With NaaS, a certain amount of security control will lie with the NaaS provider, which can be a big issue, Anderson said. “How will the customer still be able to do traffic inspection, or be able to feed security analytics tools with NetFlow, etc.? And who is liable for a breach and how will it be remediated?”

There are other concerns, experts say, such as the ability to customize the service to very specific needs. 

“Like any managed service, there may be a tendency to install the cheapest equipment possible and use it for as long as possible,” Anderson said. 

That means service-level agreements become critical and need to address important metrics including:

  • What are the key metrics of success and requirements? (i.e. bandwidth per user, up time, app performance, etc.).
  • What’s the guaranteed service level or up time?
  • How often will equipment be updated and refreshed with the latest technology?
  • What tools will the NaaS provider use to proactively measure and manage capacity and performance?
  • What are add/change costs and policies? For example, if the customer reconfigures its building and needs to add more employees, how is additional equipment/capacity handled? Similarly, how it this handled for staff reductions?

Other experts have written in Network World that for medium to large organizations with significant investments in existing remote, branch, campus and data-center networking network-security infrastructure, migrating to NaaS will be difficult and time consuming. Multi-vendor environments will further complicate the matter. Because NaaS is enabled by fast, low-latency, internet services, any interruption in WAN connectivity may seriously degrade or disable enterprise network operations. Because the service is relatively new, NaaS pricing is still uncertain, so business leaders may find that per-year operational costs may be more than they budgeted for.

The future of NaaS

It’s clear that enterprise customers’ move to cloud services is the primary driver for NaaS. And while the networking industry is only now sorting out how the cloud world will be effectively networked, NaaS could play a big role in the future.

Networking must be virtualized and automated to enable operations at cloud speed, Pluribus’s Gill said. “The big question is what services and business models will prevail. With most applications staying in private cloud environments, private cloud NaaS may be the most important.”

Another key market opportunity will come from NaaS offerings that simplify use of multiple public clouds, so users do not have to be experts in each cloud’s native networking stack to operate a multi-cloud environment, Gil said.

“With more and more applications moving to Cloud/SaaS, traffic profiles are shifting dramatically,” Anderson said. 

“We used to build campus networks with tremendous aggregation back to a core network – then to our private data center where our app workloads ran. In the future, if most traffic is headed to Cloud/SaaS, are core networks needed anymore? Or do organizations just need each of its buildings to be a very reliable ‘hot spot’ with high-speed internet access? I think we will see organizations rethinking their architecture, and it will make it easier to adopt a NaaS approach,” Anderson said. 

Security will be the sticking point in the future, Anderson said.

“There’s a great deal of security integrated into and relying upon the network today. If an organization turns its network over to a NaaS provider, they must consider whether they lose visibility and how to continue to provide data to their SecOps team,” Anderson said.

“Because of this, I think we will see combined NaaS/Security-aaS offers in the future. Secure Access Service Edge (SASE) is headed in that direction, for example. But trusting a provider with security will be a major sticking point, especially for large organizations and those with regulatory requirements like HIPAA, PCI, NERC/FERC, etc.,” Anderson said.

In the end, transparency, simplicity, and improved lifecycle services lead to better cost metrics and help ensure network usage aligns with business goals, IDC’s Butler said. 

“This leads to overall benefits of increasing agility, reducing network complexity, and enabling organizations to have an optimized network that supports growing and dynamic environments. IDC believes that enterprise use of NaaS models will increase significantly in the coming years as more organizations realize these benefits.”

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

READ MORE HERE