Last week, Illumio participated in the semi-annual Open Networking User Group (ONUG) Conference in New York City – another great ONUG event with no shortage of like-minded people and interesting conversations about networking, security and everything in between.
One unique thing I love about ONUG is the opportunity for the user community (the customers) and the vendor community to come together, collaborate, and take on the challenges we face as an industry. The big topic of discussion at the event was how large enterprises are using private, public, and multi-cloud hybrid infrastructure to deliver digital transformation, and how security in that hybrid multi-cloud world is a huge challenge that needs to be addressed.
Here are some of my notes from the event:
PoC Presentations and the Right Stuff Innovation Award
The S-DSS (Software Defined Security Services) and M&A (Monitoring & Analytics) Working Groups identified and prioritized use cases and requirements from the user community last year. This year, the vendor community was invited to participate in the Right Stuff Innovation Awards by demonstrating how their solutions satisfy these use cases and requirements in PoC presentations. I had the opportunity to lead the PoC guidelines in the S-DSS Working Group. As part of the PoC guidelines, we came up with an example application, components of which were running on bare-metal servers, VMs, and containers in an on-prem data center and two public cloud environments. More details and judging criteria are available here.
Eric Hanselman of 451 Research, Stephen Collins of ACG Research, and Zeus Kerravala of ZK Research were judges for the PoC presentations and tasked with selecting the solutions that best aligned with the ONUG S-DSS framework. Six vendors from the S-DSS Working Group participated: Illumio, Juniper Networks, Nuage Networks, Seceon, ShieldX, and vArmour.
In the end, Illumio, Juniper Contrail Security, and Nuage Networks had the "right stuff" – each honored with the Right Stuff Innovation Award. Congratulations to the winners.
Chris Westphal and I accepting Illumio's award.
Discussions on Container Networking
The second day included a number of sessions on containers that I unfortunately missed since they overlapped with the S-DSS PoC presentations. I still had some great 1:1 conversations with people about the state of the affairs of container networking. I talk to a lot of customers about containers and I see all of them struggle with the networking piece. Currently, there are way too many options out there and no guidelines on best practices to help steer customers in the right direction.
In the spirit of making it easier for the developers, the container orchestration platforms are making it very complex for the networking and security teams. Developers typically care about making their applications work and are happy with the complexities of networking and security hidden behind the scenes. But while hidden from the developers, the networking, security, and operations folks still have to deal with the networking afterwards and having virtual switches, overlays, and NATs inside containerized hosts makes their job extremely hard.
It’s also important to remember that containers don’t live on an island. They interact with other applications and systems running on VMs and bare-metal across the infrastructure. When it comes to connecting and securing those two types of workloads, things become even more complex. I would love to see ONUG form a working group for container networking and security where the user and the vendor community can collaborate and come up with best practices that would not only be easy for the developers, but will allow the networking, security, and operations folks to deal with it easily as well.
S-DSS Working Group
I have been actively participating in the S-DSS Working Group to help come up with a framework for addressing the use cases and requirements that were prioritized by the user community. We would love to have more people join and help us move things forward. If you are interested, you can find out more about the group and sign up to participate here.
Overall, this was a great show and Illumio is looking forward to the ONUG Spring event in San Francisco next year.