Network-as-a-service (NaaS) is a cloud business model for delivering network services virtually over the Internet on a pay-per-use or monthly subscription basis.
The Network as a Service concept emerged from cloud computing, as well as from the specific support for virtual networking in OpenStack, where the Neutron (formerly called Quantum) interface describes how network connection services can be created to support connecting cloud compute and storage services.
OpenStack Neutron (formerly called Quantum): OpenStack Neutron is a cloud networking controller and a networking-as-a-service project within the OpenStack cloud computing initiative. Neutron includes a set of application program interfaces (APIs), plug-ins and authentication/authorization control software that enable interoperability and orchestration of network devices and technologies within infrastructure-as-a-service (IaaS) environments.
Neutron was introduced as a core part of OpenStack with the initiative’s Folsom release. Prior to the Folsom release, networking functionality was hard-coded in the Nova compute module of OpenStack, which required developers to modify both compute and network features of OpenStack together. With Neutron, networking is a more modular element of OpenStack that can evolve independently.
Network as a Service (NaaS) is sometimes listed as a separate Cloud provider along with Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). This factors out networking, firewalls, related security, etc. from IaaS as is shown in the figure below.
NaaS can include flexible and extended Virtual Private Network (VPN), bandwidth on demand, custom routing, multicast protocols, security firewall, intrustions detection and prevention, Wide Area Network (WAN), content monitoring and filtering, and antivirus. There is no standard specification as to what is included in NaaS. Implementations vary.
The Network as a Service relationship to the physical network
In this context, Network as a Service is a virtual network created to support an application. This is a critical distinction from traditional networks that connect fixed locations like headquarters to branch offices, servers to servers and servers to storage, etc.
If NaaS is an application network, an important question is how it relates to network infrastructure and network services. The answer is the key point in separating “real” NaaS approaches from just wishful thinking.
If Network as a Service has its roots on the cloud, the first practical NaaS option is the virtual overlay network. Network software vendor Nicira (acquired by VMware in 2012) developed the completely software-based Nicira NVP virtual network architecture that could be controlled by cloud APIs. Virtual overlay networks are a combination of tunnels (using one of a number of suitable tunnel protocols, including GRE) and virtual switches, which create a network “on top” of physical network equipment (switches and routers).
Given that Network as a Service is implemented and controlled by software, these application networks are basically transparent additions to the actual network equipment and services that create connectivity. Virtual overlay networks subdivide connectivity produced by real services and infrastructure but don’t create connectivity or change service-contract relationships. This is the perfect approach for users who want dynamic application network control but don’t want to change how their sites are connected, how their site networks are built or how their network service contracts are written.