What is NFV (Network Functions Virtualization) & VNF (Virtualized Network Functions)?

Among network engineers, VNF and NFV are discussed frequently but not without some confusion.

In simple term, VNF stands for virtualized network function, and commonly refers to the software form of network appliances such as a router, firewall, load-balancer etc. VNFs are mostly deployed as virtual machines (VMs) on Linux KVM or VMware vSphere hypervisors on commercial off-the-shelf hardware (COTS). In contrast to VNF, physical network function (PNF) refers to the legacy network appliances on proprietary hardware. And cloud-native network function (CNF) refers to the containerized VNF and may be the container networking and service mesh among microservices.

On the other hand, NFV stands for network function virtualization. It refers to the operation framework for orchestrating and automating VNF software appliances on virtualized infrastructure on COTS hardware, and then managing VNF appliances through their end-to-end lifecycle. NFV relies on software defined networking (SDN) principles that separate networking operations into user plane, control plane and management-and-orchestration (MANO) planes.

Both European Telecommunications Standards Institute (ETSI) and Linux Foundation (LF) are actively developing and nurturing the reference architecture and standards for the NFV framework. ETSI Open Source MANO (OSM) and Linux Foundation Open Network Automation Platform (ONAP) are the most important open source NFV projects supported by service operators and network vendors. In ETSI NFV Framework, NFV MANO provides the core operation functionality and is made up by the NFV Orchestrator, VNF Manager, Virtualized Infrastructure Manager (VI Manager), and the interwork among these functional blocks along with other operational systems. In Linux Foundation NFV Framework, ONAP includes all the MANO layer functionality specified by the ETSI NFV Framework, and additionally provides a network service design framework and fault, configuration, accounting, performance and security functionality (FCAPS).

Following ETSI NFV Framework provides a great illustration of the relationship between VNF and NFV.

Within this ETSI NFV Framework, NFV Orchestrator, VNF Manager(s) and VI Manager(s) deliver the primary NFV MANO functionality. NFV MANO is responsible for (a) interacting with operations and business support systems (OSS/BSS) to deliver business benefits to service providers, such as rapid service innovation, flexible network function deployment, improved resource usage, and reduced CapEx and OpEx costs; (b) orchestrating VNFs into network services (NS), deploying and operating the VNF and NS instances on the virtualize resources, and managing the lifecycle of VNF and NS instances to fulfill the business benefits for service providers; (c) interacting with element management (EM) to manage the logical function and assure service levels of the VNFs spanning across the management of VNF fault, configuration, accounting, performance and security (FCAPS); (d) interacting with network function virtualization infrastructure (NFVI) to allocate, manage and orchestrate the virtualized resources including compute, storage and network, where VNFs are deployed.

At present, NFV framework is undergoing rapid development because of 5G business opportunities, and its ecosystem is growing with strong support from service operators and all varieties of solution providers. A10 Networks is an active member in the NFV ecosystem and is committed to the success of NFV in 5G infrastructures. By following the ETSI NFV Framework, A10 Networks delivers its market-proven application availability and security solutions in a consolidated vThunder VNF and has validated its end-to-end interoperability with leading NFV MANO and VI solutions in ETSI NFV Plugtests events. The vThunder VNF features converged firewall, site-to-site IPsec VPN, Gi/SGi firewall and secure web gateway functions for service providers and enterprise customers alike. A10 Networks continues to work with individual NFV MANO partners and 5G service operators on solution demos and proofs-of-concept to further develop 5G-centric use cases and to ensure the success of 5G service delivery.


January 29, 2019

About Rex Chang

Rex is a seasoned technical solution leader with over 15 years of experience in cloud and networking security areas, focusing on driving solution readiness with product managers and supporting solution sales with account executives. Rex currently serves as a Sr. Technical Marketing Engineer for cloud security and DDoS solutions at A10 Networks. READ MORE