Your network vendor has probably already told you that network as a service or NaaS would improve your network and bottom line. They’ve probably told you that they offer a NaaS strategy. The first statement is true, and the second is fast becoming irrelevant, because the fact is that you have a better, vendor-independent, NaaS option already. It’s called the internet.
The definition for NaaS that’s recently taken hold is financial more than technical—NaaS is a strategy for expensing network technology rather than building networks from capital purchases. Some vendor NaaS is little more than the equivalent of an auto lease, which lets companies expense cars rather than make capital purchases. Others could add in management services or usage pricing. Is this really NaaS? Uber is driving-as-a-service, not auto leasing. If we want network-as-a-service, we have to look at something that’s really a service.
Enterprises have evolved their applications to use the cloud as a front-end tool to create user interfaces for customer, partner, and employee access. In more and more cases, application users access the cloud via the internet, directly or via an SD-WAN overlay to add security. Just as the cloud turns the equipment used to host applications into invisible abstractions, the Internet makes network services abstract too. The internet is the Uber of networking, the real NaaS, and starting with the presumption that the internet creates the WAN part of enterprise networks could profoundly impact costs, both operations and for network service and equipment.
You don’t have to build the internet or use your own gear, leased or purchased, to create your connectivity. Users request an application via a URL, and internet magic makes the connection. You pay for internet service and not internet devices. You expense the Internet, not capitalize it. So, doesn’t the internet provide IP connectivity as a service? Isn’t that a better definition, a technical definition, of what NaaS should be? Not only that, the internet as NaaS offers things that just expensing infrastructure hardware can’t.
Most of the cost that the vendor-NaaS approach covers is the equipment used to connect branch locations to VPNs. MPLS VPNs require a VPN and a BGP router in each location. An Internet NaaS needs only a simple hub or at most an SD-WAN edge device, which might be an appliance or just a software element running on a server or white box. Let’s compare these two approaches to see why the Internet NaaS makes sense.
The cost of NaaS
Start with price. The internet is based on shared infrastructure, justified in no small way by the enormous consumer demand for internet content. Global internet service is sitting there for you to exploit, justified by the collective demand for delivered experiences. Expensed hardware from vendors who call this NaaS is still dedicated to you, and you’re going to pay for it all, one way or the other.
Then there is the network service. Even IP VPNs, which use shared infrastructure, can’t compete with internet pricing, particularly for branch offices and even regional sites. Recent broadband reports say that 2Gb internet service is actually growing faster than 1Gb service. Price a 2Gb VPN, and you’ll see what I mean about comparative cost. And remember, an SD-WAN edge is likely a lot less expensive than a BGP edge router.
Then there’s operations. Some vendors will offer managed hardware services, but that will add to the cost. If you don’t opt for the managed service option, though, you’ll need a network support team that has BGP/MPLS smarts. That’s the skill set that network operators and equipment vendors value the most, so you can expect to pay to acquire that team, and then, in order to retain them, have to fight recruiters for every operator, vendor, and enterprise. Even if you succeed and get good people, BGP/MPLS errors tend to crop up regularly, affecting network and application availability.
An internet NaaS will require either an SD-WAN, which has to be managed, or some added security layer (maybe SASE or a combination of encryption and firewall tools) to secure the applications themselves. Enterprises that use the internet to connect with customers and partners may find it relatively easy to add employee access via the internet, using access-security tools and encryption alone. That approach should be explored, but SD-WAN is the closest to traditional VPN technology, and that makes it possible to gradually transition from a traditional VPN into an internet NaaS via SD-WAN.
You can get SD-WAN technology as a product set or as a managed service. If you really want to avoid capital purchases, the latter option is the way to go. The price of an Internet SD-WAN managed service will depend on the usual factors like number of sites and the amount of management handholding you can expect, and also on just where the sites are. There’s a lot of variation, but enterprises that have switched to an internet NaaS tell me the total cost of ownership is far, far, lower than a managed IP VPN.
There are other benefits to an internet NaaS approach. One is the ease in moves, adds, and changes of sites. You can get internet services almost everywhere a business is likely to have an office, and fairly quickly. It often takes much longer to get an MPLS VPN connection, and in some places you may not get one at all. You can increase or reduce capacity quickly, too. If you move an office, you can usually just send the equipment to the new location, and it will work.
A final benefit that may be critical for some enterprises today, and more in the future, is that the internet NaaS approach ties networking more directly to applications. The internet is really about connecting users to resources, where traditional enterprise networks connect sites. The Internet is NaaS, personalized. It delivers your experiences, and it does so within a geographic scope and population of users that aren’t approached by any other network technology.
The internet isn’t perfect. Everyone has experienced its failures and limitations in performance, but no network technology is perfect. Three companies I’ve talked with, who have replaced multiple branch-site VPN connections with internet NaaS, say that their experiences in reliability/availability are somewhat poorer, but not so bad that they’re considering going back. None said otherwise. In any event, it seems very likely that the internet will get better over time, as it’s been doing. Accepting Internet NaaS could make it better yet, and make NaaS happen faster. In fact, it would mean we’ve realized NaaS already, and that it’s time to exploit what we have.
Copyright © 2022 IDG Communications, Inc.