MACSec Helps Pave the Way to End-to-End Data Security

As consumers and businesses put more data in the Cloud, the importance of securing that data increases.  In just the last year, we have seen advanced threats and attacks by various entities to hack into that data and hyperscalers push back with both public and private mechanisms. Securing that data goes beyond just basic encryption or securing a server, and the role of the network is critical to better protection of data.

Many cloud customers are looking at providing end-to-end security to ensure, as best they can, that data can not be compromised.  MACSec plays an important role in the future on how networks talk to each other and how the secure transmission of data between different locations.  Security is especially important with 400 Gbps, as Cloud providers adopt 400 Gbps, it is not only being used for transmission within the data center but also Data Center Interconnect (DCI).  Cloud workloads will increasingly require secure connectivity between data centers.

Looking at the Ethernet Switch and Router markets, we project the percent of ports shipping with MACSec will increase significantly over our forecast horizon.  We expect vendors will continue to offer versions with and without MACSec, but as we move forward in time and have more purpose-built offerings for the hyperscalers that some products will only ship with MACSec.

The additional features and functionality included in Ethernet switches and Routers are positive for the industry.  It not only increases features which help grow ASPs and revenues, but it also increases the amount of Ethernet ports shipped by expanding the number of use cases.  400 Gbps DCI is a great example of feature and addressable market expansion.

By Alan Weckel, Founding Analyst, 650 Group.

We attended the #OFC18 show and found the major theme to be the emergence of 400 Gbps modules.  The next most noteworthy theme, we though, was that made by a single company, Nokia, which made its PSE-3 engine announcement.  Juniper also caused a buzz with the introduction of its ACX6360 router/packet optical product announcement (paired with other announcements, too).  There were countless other announcements at the show that we will touch on in our reports, but these struck us a quite noteworthy.

400 Gbps optical modules, generally, are expected to be ready for sampling in the next couple months, and then be ready for volume shipments in 1H19.  Most every module vendor is planning to introduce DD-QSFP.  A subset of the same vendors was demonstrating OSFP modules, suggesting it was less popular at this time.  We recognized a sub-theme of the 400 Gbps theme was that vendors, including Cisco and Juniper were both demonstrating hardware designs that are capable of operating at 15 Watts, which appears to be the heat that will be generated for some of the 400 Gbps modules.  At the time of the show, module companies reported to us that the DSPs that would power 400 Gbps modules were unavailable, and the way it was represented to us on multiple occassions was that there is no clear indication which DSP maker would introduce the first working part.

Nokia made its PSE-3 chip announcement in support of its Optical Transport product line.  It was standing room only, with lots of customers involved in the presentation (not just a bunch of analysts and competitors).  We were impressed with the marketing aspect of this announcement, but also with the the statement, "we have reached the economic Shannon's limit" with the introduction of the PSE-3 engine.  The implication of economic Shannon's limit is that to achieve an even more efficient design that would asymptote even closer to the theoretical Shannon's limit would be too costly.  The company is claiming 25% improvement in capacity and reach, 70% increased network capacity, 60% reduction in power per bit.  Chungwa Telecom and Facebook were live, on stage, serving as references for Nokia's launch.  We expect full fledged PSE-3 based products will be available in about 9-12 months based on discussions at the show.

Juniper announced its ACX6360 system (as well the announcement of the ACX5448 Universal Metro Router and the PTX10002 Packet Transport Router).  The ACX6360 can operate as a packet optical device, and with a software update, can also operate as a router. The general idea behind the introduction of this product is it can serve in either the packet optical transport role or as a IP/MPLS router, thereby collapsing multiple networking layers into a single platform operating at speeds up to 200 Gbps.  For many uses cases, it could reduce the number of boxes from two (packet optical plus router) to one (ACX6360).  

The market is in a period of rapid adoption of higher speeds led by the hypserscalers.  The industry used 2016 and 2017 to adopt 25 Gbps and 100 Gbps port speeds based on 25 Gbps SERDES technology.  As we enter 2018, those same hyperscalers are about to adopt 50 Gbps, 200 Gbps, and 400 Gbps port speeds based on 50 Gbps SERDES at a record shattering pace.  In the data center alone, there are now eight unique port speeds, with countless more unique variations of form factor and pluggable distance.
 
The market will need additional bandwidth beyond what is currently available today.  Several of these technologies were highlighted at the OIF Forum conference.  100 Gbps SERDES will help drive the industry towards that goal.  Looking forward, 100 Gbps SERDES will help drive wave two of 400 Gbps, which will help enable Ethernet to extend its reach well outside of short reach data center distances.  At the same time, it will also have a long life, with use cases ranging from enterprise to service provider.
 
The big question often asked is why after so many years for the market to adopt 10 Gbps, will we suddenly see a more rapid pace of adoption going forward?
 
There are many reason why, but we should look at a few things are different this time.  First, the hyperscalers are a new type of customer.  Hyperscalers truly bring a new scale to networking and compute in a way that makes the traditional SPs look small.  Second, SDN, the hyperscalers have done something unique here that often gets overlooked that is occurring right now, in the second half of this decade.  Hyperscalers are increasing the utilization rate of their compute and networking resources.  For compute, this is approaching 100% utilization so the industry is in a period where hyperscalers, using SDN are able to grow network bandwidth at a pace faster than what the CPU is scaling.
 
This more rapid pace will not continue forever, but is one of the reasons why innovation over the next several years will occur more rapidly than historic norms and why it will be important for the industry to think about how to invest across speeds and technologies in order to better leverage existing investments.  If not, the pace of innovation will simply be too much to recoup investment in the compresses timelines we are currently in.

Broadcom joined both Innovium and Nephos by publicly announcing 12.8 Tbps fabrics with its Tomahawk 3 product line.  We love new data center silicon from all vendors, it is something we track closely and we see these as a disruptive technologies to the networking ecosystem and an enabler of next generation cloud architectures.  There will be many more such announcements in 2018.  Here are some of our takeaways as we enter 2018.
 
More rapid innovation cycle – Even noted in the Broadcom's Tomahawk 3 press release, we see the demand requirements of the hyperscalers as driving a more rapid cycle of silicon over the next couple generations.  Tomahawk 3 is being introduced less than the typical 24 months we see separating prior between generations of data center fabric semiconductors.  This will put significant pressure on parts of the supply chain, especially on optics vendors.  Optics vendors are still ramping for 100 Gbps and now must support both OSFP and DD-QSFP for 400 Gbps, essentially doubling their product diversity needs.  Not only are there more form factors, but there are also different variations of distance and specifications that increase the complexity.
 
What next – We see two waves of 400 Gbps, the first being based on 56 Gbps SERDES, the second coming in the 2020 timeframe based on 112 Gbps SERDES.  We believe 800 Gbps is not that far off in the horizon as hyperscalers like Amazon and Google continue to grow.  We note that the hyperscalers are about to be 3-4 generations ahead of the enterprise.  This type of lead and technology expertise really changes the conversation around Cloud.  We saw this at Amazon re:Invent with their Annapurna NIC, the Cloud is doing things that just aren’t possible in the enterprise, especially around AI, machine learning, and other new applications that take advantage of the hyperscalers size. 
 
2018, the Year of 200 Gbps and 400 Gbps – In 2018 we will see commercial shipments of both 200 Gbps and 400 Gbps switch ports.  We see significant vendor share changes because of this.  Simply put the Cloud, especially the hyperscalers will be that much bigger by the end of 2018 and they buy a different class of equipment then everyone else.  This will continue to cause the vendor landscape to evolve.

Today Nokia announced its new FP4 ASIC and 7750 SR Router.  Playing the leapfrogging game on speeds, we saw 36  400 Gbs ports in a 2RU box that looks awfully similar to a spine switch and the further blurring of what a next gen router and switch really look like, especially in the Cloud.  

We heard continued confusion over winning Cloud scale accounts.  We note that a customer like Apple buys from multiple vendors and for multiple reasons.  What Apple builds for their own consumption is not what they will deploy in a telco provider or peering location.  

The debate between merchant silicon and custom ASICs continues to come up.  While we are slightly in favor of merchant silicon, we note that the Cloud providers do not fear custom ASICs, they merely want to have standard APIs to control that equipment.

We note the Nokia ports are DDQSFP and not OSFP so we do not have a clear answer on form factor either.  We now wait for the next product announcement with the only clear answer that we are in a phase of rapid innovation in order to keep up with the network traffic demands of the Cloud.