Netgate Blog

Cloudy with a Chance of Premises

When we released TNSR 18.05 in June, I talked about the “behemoth router” and a few use cases that support its disruptive potential. Today, our second release, TNSR 18.08 is live on AWS.

If you’re new to this, TNSR is an open-source based high-speed packet processing platform built upon The Linux Foundation Projects’ FD.io that delivers compelling secure networking performance, manageability, and services flexibility at a fraction of the cost of big brand solutions. FD.io (Fast Data – Input/Output) is a collection of projects and libraries including Vector Packet Processing (VPP) and Data Plane Development Kit (DPDK). You can find out more about TNSR here.

During the past three months, we’ve learned a lot from customer trials. As is to be expected with any new product, a number of management and stabilization improvements have been added to TNSR so customers can more easily exploit the power of VPP and DPDK. But a key addition in this release is the ability to run TNSR outside of the cloud. Let’s talk about that.

First, the pundits know that in the end - all secure networking (which is essentially packet processing driven by a set of data inspections and decision enforcements) will be an open source software-based utility for pennies per hour on Amazon and Azure driven by AI and big data. Why? The vast majority of workloads will eventually be cloud-based. To wit, Goldman Sachs says “…while just 6% of workloads were in the public cloud at the end of 2015, we expect this to grow to 19% by the end of 2019 and 50% over the next decade.”1 While that’s perhaps a bit dogmatic, the direction is clear. Cloud computing is irresistible. It enables businesses to use and provide applications and data over high-speed internet connections - without the need to own computer software and hardware - which slashes information technology capital and operating expenses, and affords utility-like scalability.

Given this overall market direction, why would customers ask for TNSR on premises appliances? Because the world never flash cuts to anything. Ever. It takes time.

Let’s consider three simple scenarios:

Scenario 1: Born in the cloud

“My company has, from day one, run its entire IT infrastructure on a public CSP. We use only iPhones and MacBook Pros to access all applications and data.”

Congratulations, unlike me, you’re not a boomer. You are probably working at a startup created in the last decade. That said, I’d bet your company is still using a traditional Internet connection or VPN for cloud access - and that must be managed, orchestrated and secured.

Even if you’ve reached cloud nirvana, you’ll still have virtual private cloud networking needs and security concerns circa inter- and intra-cloud connectivity. TNSR has a strong hand there.

Scenario 2: I wasn’t born in Texas the cloud, but I got here as fast as I could

“My company’s CFO has recognized he can slash IT capital expenditures by turning them into OpEx, rather than owning the infrastructure. But for reasons involving compliance, complexity, control, or an abundance of caution, I haven’t, can’t, or won’t move all IT workloads to the cloud. So something must still enable high-speed secure access to applications and data that live in my building downtown.”

Or maybe you have moved everything to the cloud, but you still want a security guard at the front door to prevent your employees from pining away their day on Facebook. You’ll need a firewall for that. An edge box. And, so that your employees don’t complain about performance when the traffic through that box tends toward small packets that are encrypted, it needs to be fast. We know the hardware will be built from really fast processors (or expensive task-specific ASICS), loads of memory and Interstate highway-sized network connections, but is the packet processing software able to keep up without breaking the bank? With TNSR, yes.

Scenario 3: Those clouds up there sure are pretty. But the view from here is just fine.

“Look, we like our IT just the way it is. It works. It’s in our control. The regulators are happy. Yeah, it costs a little more to run it locally ourselves, but we’ll deal with it. At least for the time being. But for God’s sake, why is our network connection so slow? We bought this shiny new box with these 10 Gbps ports, and our internet connection is robust. But, the box’s router and firewall software is holding us back to 3 Gbps. The features work great, and it’s really easy to manage. But, as Captain Kirk would say, “Scotty, I need more power!”

Bad news: You’re probably a boomer. Good news: Your appliance is fine, and you can upgrade it with higher performance software that frees the engine to redline. TNSR to the rescue.

Initially, we’ll enable TNSR on new appliances leaving the factory. Once there, it’s a short hop to enabling field upgrades to Netgate appliances. And yes, we plan to enable non-Netgate appliances to be turbo-charged as well. It’s best to talk to sales about your specific needs. TNSR is powerful, and depending on the applications you are running, it may be a simple drop-in. You will, however, need to manage it via a RESTCONF API. Fortunately, we’ve had great compliments on TNSR’s ease of installation, configuration, and operation - owing to solid documentation and ready to use code snippets.

The cloud is compelling, but transition there at your chosen pace. We’ve extended TNSR’s power and ease of management for your premises needs until you’re ready for the ‘ascent’.

  1. The Future of Public Cloud, Volume 4; The Goldman Sachs Group, Inc.; November 16, 2016.