In 2003 Martín Casado found himself with no small challenge on his hands: he needed to reinvent the technology that underpins the Internet. It had been developed decades earlier and was proving unsuited to an era of cyberwarfare.
Casado, then a researcher at Lawrence Livermore National Laboratory, had been approached by a U.S. intelligence agency with a thorny problem. Computer networking technology allowed intelligence agents and other government workers worldwide to stay connected to one another at all times. Field agents could instantly share information seized in a raid with experts anywhere in the world. But the fact that so many computer networks were enmeshed also aided enemy hackers. Once they gained access to one system, they could hop across networks to look for other treasures. The agency (Casado won’t say which one) told him it wanted to keep its vast network but reserve the power to temporarily shut off parts of it for crucial transmissions, creating a data equivalent of the dedicated telephone hotline that used to link the White House and the Kremlin.
Casado eventually found that he just couldn’t help. Partly because the Internet was created with unreliable equipment, its creators had wanted to make sure that it would work even if some parts malfunctioned. Thus, the networking hardware all operated independently and without central control. That’s great if you want data to keep flowing in dire circumstances, but it’s not so good if you want the option of isolating a particular communication channel within that network in order to keep secrets secret. For Casado to do what the intelligence agency wanted, every piece of hardware in a network would have to be reconfigured in a slow and manual process. “We hacked something together which ultimately didn’t give us the properties they wanted,” he says.
That humbling experience has shaped his life since. Haunted by the problem, he soon left Livermore and entered grad school at Stanford University to search for an answer. He presented one in his 2007 PhD thesis, which proposed a radical new way for computer networks to operate. Now he’s cofounded a company called Nicira, which is poised to use that idea to make the Internet more powerful than ever before. Nicira’s technology won’t just help intelligence agencies keep secrets. It should also improve the security, lower the price, and increase the power of any technology that uses the Internet, unlocking innovation that is too expensive or technically impossible to achieve today. Along the way, Nicira (the name is pronounced “Nis-ee-ra” and means “vigilant” in Sanskrit) could very well upend some of the world’s largest technology companies.
Casado is 35 and has near-black hair with the faintest flecks of gray. He can seem intense, even nervous, but he is eloquent, with a friendly, didactic manner that shows evidence of five years teaching Stanford undergrads. He also has the steely determination required to run 100 miles in less than … days, something he has done more than four times as a devotee of the grueling sport known as ultrarunning.
His determination has surely helped during years spent arguing that one of the most successful and ubiquitous technologies of all time needs to be rethought. Stanford researchers have reshaped computing before—both Google and early work on the Internet itself came out of their labs—but Casado and his PhD supervisor, Nick McKeown (also a close friend), found their ideas initially unappreciated and even derided by other computer scientists. “When we first published, they thought we were nutty,” Casado recalls. “We submitted a paper and were literally made fun of in the reviewers’ comments. They said, ‘This will never work.'”
The crux of that supposedly unworkable idea was to take away the stubborn independence of the network hardware. All those routers and switches would take orders from one central piece of software; a single command could then reconfigure every piece of a network.
Casado’s PhD thesis showed that it was possible. By writing software that would reprogram routers and switches, he was able to turn computer networks into the secure channels that he had been asked for back in 2003. A different intelligence agency put up the money for further trials of the technology, and in 2007 Casado, McKeown, and Berkeley professor Scott Shenker founded Nicira. Wealthy entrepreneurs and three of Silicon Valley’s most prestigious venture capital funds soon put in money of their own.
That enabled Casado and his engineers to push the technology a crucial step further. To avoid having to install their special software on network hardware, they used a trick known in computer science as virtualization, which creates a software replica of a piece of hardware, but the software does the job more intelligently. In Nicira’s case, software running on server computers could simulate programmable routers and switches. The physical devices themselves could fade in importance entirely. After four years of quiet hard work, Nicira has just launched that software as its first product. It should trigger a new wave of Internet innovation in everything from mobile apps to online banking security.
That potential is not obvious to a casual observer. The product is clunkily named Network Virtualization Platform. It’s aimed at the operators of data centers, the computer-stuffed warehouses that run Internet services and websites. Casado freely admits that it is hard to impress a layperson with his technology: “People do struggle to understand it,” he says.
But Nicira, which has received $50 million in funding and filed nearly 50 patents, is taking on a problem that limits what the Internet can offer all of us.
The problem is this: cloud computing, even though it now might be a household term, hasn’t lived up to its hype—and as things now stand, it can’t. It was supposed to turn computing power into a cheap utility, like electricity after the advent of power stations and a national grid. A relatively small number of companies would offer computing resources by running software in vast, efficient data centers and piping the results over the Internet to anyone, anywhere. That would push down the price of services that rely on computing and allow them to become more sophisticated.
Yet today, even with seemingly cost-effective cloud services available from the likes of Amazon, most companies still choose to operate their own computing resources—whether for corporate e-mail or financial trading—as if they were homeowners relying on generators for electricity. One reason they resist cloud computing, Casado says, is that network architecture is too decentralized to reconfigure easily, which leaves the cloud insecure and unreliable. Cloud computing providers tend to run entire data centers on one shared network. If, for example, Coke and Pepsi both entrusted their computer systems to one of today’s public cloud services, they might share a network connection, even though their data stores would be carefully kept separate. That could pose a security risk: a hacker who accessed one company’s data could see the other’s. It would also mean that a busy day for Coke would cause Pepsi’s data transfers to slow down.
All of that changes when Nicira’s software is installed on the servers in a data center. The software blocks the applications or programs running on the servers from interacting with the surrounding network hardware. A virtual network then takes over to do what a computer network needs to do: it provides a set of connections for the applications to route data through. Nicira’s virtual network doesn’t really exist, but it’s indistinguishable from one made up of physical routers and switches.
To describe the power this gives to cloud administrators, Casado uses a Hollywood reference. “We actually give them the Matrix,” he says. The movie’s Matrix manipulated the brains of humans floating in tanks to provide the sensation that they were walking, talking, and living in a world that didn’t exist. Nicira’s version pulls a similar trick on the programs that reside on a server inside a data center, whether they are running a website or a phone app. In practice, this means that administrators can swiftly reprogram the virtual network to offer each application a private connection to the rest of the Internet. That keeps data more secure, and Coke’s data crunch would affect Coke alone. It also lets the cloud provider set up automatic controls that compensate for events like sudden spikes in demand.
Ben Horowitz, a partner in the investment firm Andreessen-Horowitz, says he and his partner Marc Andreessen, a cofounder of Netscape, quickly realized that Nicira was delivering something long overdue in computing. “The total lack of innovation in networking compared to operating systems or storage had been bothering us for a while,” he says. “It was holding back the industry.” After meeting Casado, Horowitz invested in Nicira and joined its board. He saw in Nicira echoes of VMware, a company that helped set off the cloud computing boom and has a market capitalization of $40 billion. VMware’s software creates virtual computers inside a server, boosting the efficiency of data centers and driving down the cost of servers. Nicira’s software promises a similar instant upgrade to what a data center can do, by removing the efficiency bottleneck imposed by networks.
FREEDOM OF MOVEMENT
Nicira already has roughly a dozen customers, all of them large companies that offer services over the Internet. Several, such as Rackspace and Japan’s NTT, the world’s second-largest telecommunications provider, rent out clouds to other companies, a model known as the “public cloud.” Nicira’s biggest opportunity lies in helping such landlords fix the security and reliability problems that discourage large companies from using the public cloud, says Steve Mullaney, a veteran executive in the networking business who joined Nicira as chief executive in 2009, freeing Casado to be CTO. Mullaney left a VP position at Palo Alto Networks, a network security startup on track for a large IPO, because he saw in Nicira “the chance to do something really big.” The public cloud is now used by small and medium-sized businesses and new ones like the social-gaming company Zynga, says Mullaney, but getting very large enterprises to follow suit promises “the big money.” An estimated $26 billion a year is spent on the public cloud today, according to Forrester Research. Mullaney thinks the market would expand significantly if businesses, which spend $2 trillion a year worldwide on IT infrastructure, were more inclined to trust this technology.
The Matrix-like control that Nicira offers should also make the Internet more reliable. After the Fukushima Daiichi nuclear disaster in Japan last March, electricity rationing and scarce supplies of diesel for generators trapped some Web services offline in powerless data centers. Last August NTT showed that Nicira’s technology could have kept those systems active by moving them rapidly elsewhere. In tests, software was smoothly transferred between data centers 30 miles apart without even having to stop the programs from running. Even as NTT’s software moved to new physical hardware, Nicira’s technology maintained the illusion that nothing had changed. “We can move like liquid between data centers ahead of brownouts,” says Casado. Making such transfers without Nicira’s technology would mean laboriously reprogramming network hardware and turning off the system being protected from the brownout.
Such flexibility could also make it cost-effective for companies to call on the cloud only at the times when they need it most. Many online retailers today, Mullaney says, use roughly 40 percent of their computing infrastructure just to handle seasonal rushes, leaving it idle for most of the year. Nicira speeds the process of moving into the rented cloud to such an extent that a company could scrap that idle hardware and turn to the cloud temporarily when traffic surges. That would keep it from having to buy equipment that draws power even when idle. In a more futuristic energy-saving scenario, customers’ virtual networks could migrate from one data center to another around the world, temporarily settling wherever power and cooling cost least.
And just as Keanu Reeves’s character in The Matrix tweaks the virtual world to halt enemy bullets, Nicira’s virtual networks could “change the laws of physics” for an attacker who gained access to a computer connected to one of them, Casado says. Computers’ apparent location, their apparent activities, and the type of traffic they appear to be handling could all be altered to confuse a hacker. “You have this full God-like control,” he says.
Any big change to the status quo produces losers as well as winners. But when asked who might be a victim of Nicira’s success, Casado and Mullaney, sitting in Nicira’s boardroom, exchange quick glances and are careful not to name any companies—even Cisco Systems, the world’s leading maker of routers and switches. They’re being diplomatic; Nicira has already recruited engineering and executive talent from Cisco, and Nicira’s technology poses an even bigger threat. Cisco and other big networking companies, such as Juniper, market their routers and switches on the strength of the intelligence built into the chips inside, which is difficult to modify. In Nicira’s world, however, a network’s intelligence resides in its control software, and any network hardware will do—the cheaper the better. “A few years out, if I’m buying network infrastructure I just want the price to be right,” says Casado. Recall what happened to the price of computer hardware in the personal-computing boom of the early 1980s. IBM’s PC standard separated hardware and software, making operating systems like Microsoft Windows the focus of innovation while hardware became a race-to-the-bottom commodity. Cisco and other vendors of traditional networking equipment will need to adapt, fast.
For its part, Cisco has introduced virtual versions of some data-center hardware, which offer greater flexibility than its traditional products. Yet it disputes the idea that this approach means hardware will be devalued. Guru Chahal, a director of product management in the Cisco group that works on virtualization, agrees that networks need to become more configurable. But he says that the solution will be to design hardware and software together. “At the end of the day, packets—data—are being forwarded by hardware,” Chahal says.
Nicira’s team is far from alone in seeking to overhaul the way we shuttle data around. Casado’s academic collaborators at Stanford, Berkeley, and elsewhere are rapidly ramping up new projects in a field that has become known as software-defined networking, or SDN. (The term was coined by Technology Review when Casado and McKeown’s work at Stanford was featured in the TR10 in March/April 2009.) A handful of other startups are getting funded to commercialize their own ideas, while large companies like Hewlett-Packard and IBM are creating network hardware that’s designed to be more programmable.
But Nicira is establishing itself more quickly than other startups. Along with NTT and Rackspace, its customers include AT&T, Deutsche Telekom, Fidelity Investments, and eBay. And in Casado, Nicira has a figure widely recognized by competitors and colleagues alike as a fierce talent who has generated and proved some of the very ideas now gaining traction.
Internet technology has brought us a long way in 25 years, but the time has come for it to grow up, he says. “Today it needs all this midwifing and manual care and feeding. That has to change.”