There’s a very rapidly emerging class of smaller cloud service providers whose business model is to lease cloud services to a handful of customers. Imagine a small-town CSP that provides infrastructure to local banks and businesses, and who’s close enough to its customer to shake hands. These smaller CSPs are leasing cloud services from larger, upstream providers and reselling them to their nucleus of customers. With a cloud service model – presumably – these new businesses only pay for the quantity of service they’ve already sold.
That’s an intriguing business model, and one you might even be considering for yourself. But if the cloud were made up entirely of compute power and storage, it would indeed be just that easy. There are network availability services to think about as well, and up until very recently these services could only be provided through appliances. This morning, an early-stage, Santa Clara-based startup called Embrane announced immediate availability of cloud-based, virtual network appliances: specifically, virtual firewalls and load balancers to which CSPs may subscribe without purchase.
These virtual appliances are being marketed under the brand name “Heleos” (which Embrane writes with a small “h,” and which is not to be confused with a Microsoft Research project named “Helios”).
“Embrane’s distributed virtual appliance architecture redefines the way network services can be delivered by cloud providers,” reads a white paper published by Embrane this morning. “By decoupling network services from the underlying server and VM infrastructure, DVAs enable greater agility and higher scalability. Conceptually, one can think of a DVA as a virtual chassis that is instantiated across Compute Units. The DVA mimics the design principles of a physical appliance, yet has no actual physical dependencies. To the outside world, the DVA behaves like a physical device with distinctly-addressable network interfaces, management interfaces and application programming interfaces. Administrators can dynamically expand or reduce DVA capacity in minutes and in a transparent fashion, without reconfiguring hosts or VMs, re-hosting customers, or impacting management systems.”
This diagram above, which depicts the components that make up a Heleos DVA, makes more sense if you can imagine that it does not depict devices that are physically connected to one another, but instead – like other classes of devices in the cloud – virtual services running on commercial, off-the-shelf (COTS) hardware whose links are made feasible through IP addresses. The two busses are separate IP routes within this dynamically defined network. The “in-band” bus handles user traffic, while “out-of-band” is reserved for management and control data. The little “CU” cubes here are all compute units, which are provisioned inside Embrane’s cloud and scaled according to variable customer demand.
Data Planes Dispatchers (DSPs, in the lower corners) advertise their IP addresses to outside services, and steer data flow into and out of the virtual appliances, over the data plane units (DPs). The Data Planes Manager (DPM, up top) distributes policy and configuration data for the other CUs in the appliance. What you’re seeing here is a kind of firewall or load balancer that can be constructed on-the-fly with these “virtual Legos,” if you will – these virtual machines that can reside on any physical server and run under any hypervisor.
So is this the blueprint for a future set of Embrane services? As an Embrane spokesperson told RWW this morning… not exactly. The two services that Embrane currently offers – virtual firewall for site-to-site IPsec VPNs and applications-optimized load balancers – were created to meet current customer demands, the spokesperson said. “A DVA is really a container, and Embrane services could be inside it, or third-party services could be inside it.”
However, Embrane does envision Heleos being utilized by CSPs to deliver more sophisticated and specialized services under their own branding.
“Embrane’s goal is to be a network services platform company, not a network services company,” the spokesperson added. Then this was thrown in: “However, if the demand is for Embrane to continue to build services, then they will.”