In that specific use case, one state agency operates different networks, like for example operating one NREN, the Healthcare Data Network and a network for the schools. These networks are separated, dedicated networks. This means that in order to be connected to one of these networks, an institution needs to have dedicated equipment (for example a router). Access to this equipment is usually regulated by a set of rules in order to guarantee the security of the network. This is particularly crucial in the case of the Healthcare Data Network, which exchanges personal medical data considered sensitive.
This use case took its starting point in the situation of some institutions, which happen to be connected to several dedicated networks operated by a state agency . This agency wanted to use OpenNaaS to emulate the current situation in a virtualized way. This means to use the same hardware – typically a router – to connect to different networks while respecting the requirements in terms of security, separation and administration.
In this situation, virtualization technologies offer the advantage of diminishing economic costs (as less hardware has to be procured and maintained). OpenNaaS presents a set of advantages compared to the virtualization functionalities usually offered by hardware vendors. The first of these advantages is that OpenNaaS is a single platform capable of managing different pieces of hardware. Although the list of supported hardware remains limited at this stage, this means that a network operator doesn’t have to deal with the evolution of the hardware or its diversity. In this perspective, the solution offered by OpenNaaS presents economies of scale, as the user configuring the connectivity for an institution doesn’t necessarily have to deal with the lower layer in terms of hardware. A third advantage compared to the virtualization functionalities offered by different vendors is the capacity of OpenNaaS to assign different roles and define different users. In this perspective, it is possible to have a situation where different users do not have access to the same resources. This was a requirement in this use case as access to the hardware managing the connection to the Healthcare Data Network is typically very controlled compared to the access to the equipment connecting to the NREN.
Multiple Networks Virtual CPE explanation