An operator wants to add intrusion detection capability to their traffic flow without deploying new hardware. With NFV, they would:
AReprogram the SDN controller to inspect packet headers at the control plane
BDeploy an intrusion detection VNF on available servers and insert it into the service chain via software configuration
CModify the TCP/IP stack on all end hosts to include inspection logic
DInstall dedicated FPGA appliances at each network edge point
NFV's core value proposition is exactly this: replacing specialized hardware appliances (option D, the traditional approach) with software VNFs running on commodity servers. Option A confuses NFV with SDN — the SDN control plane handles forwarding decisions, not deep packet processing. Option C involves end hosts, not network infrastructure. With NFV, the operator spins up an IDS VNF instance and uses Service Function Chaining to route traffic through it — no hardware procurement, no physical installation.
Question 2 Multiple Choice
A network architect says 'We use SDN, so we already have NFV.' What is wrong with this statement?
ANothing — SDN and NFV are the same technology with different names
BSDN and NFV are independent concepts: SDN virtualizes the control plane (how forwarding decisions are made), while NFV virtualizes the network functions themselves (firewalls, load balancers, NAT)
CNFV is a subset of SDN that applies only to firewalls and IDS systems
DSDN is hardware-based while NFV is software-based, so they cannot coexist
This conflation is explicitly identified as a common misconception. SDN separates the control plane from the data plane — a centralized controller programs forwarding rules into network devices. NFV replaces dedicated appliances with software running on general-purpose compute. A network could use SDN without NFV (programmable switches, but traditional hardware middleboxes), or NFV without SDN (virtualized functions connected by a traditional network). They are complementary: SDN provides programmable forwarding, NFV provides virtualized services. Together, they enable a fully software-defined stack.
Question 3 True / False
NFV eliminates the need for physical compute infrastructure by running most network processing mostly in software without any hardware.
TTrue
FFalse
Answer: False
NFV virtualizes *network functions* — what processes traffic — but still requires physical infrastructure (the NFVI layer: servers, storage, networking hardware). The point is that this infrastructure is general-purpose commodity hardware rather than specialized appliances. The firewall logic runs in software, but that software still runs on CPUs, uses RAM, and transmits packets over physical network interfaces. 'Software-defined' does not mean 'hardware-free.'
Question 4 True / False
Service Function Chaining (SFC) allows the sequence of VNFs that traffic traverses to be defined and modified entirely through software, without requiring physical recabling or topology changes.
TTrue
FFalse
Answer: True
This is one of NFV's most operationally powerful features. Traditional middlebox deployments required physical wiring to force traffic through the right sequence of appliances. SFC uses encapsulation (like Network Service Header, NSH) or segment routing to steer packets through an ordered chain of VNFs purely through software configuration. The chain — firewall → DPI → load balancer, for example — can be rearranged, extended, or shortened in minutes without touching a single physical cable.
Question 5 Short Answer
Explain the key conceptual difference between NFV and SDN, and describe how they complement each other in a modern software-defined network.
Think about your answer, then reveal below.
Model answer: SDN decouples the control plane from the data plane: a centralized controller programs forwarding decisions into network devices, making routing programmable without changing hardware. NFV decouples network functions from dedicated hardware appliances: firewalls, load balancers, and NAT run as software (VNFs) on commodity servers rather than purpose-built boxes. SDN controls *how* packets are forwarded; NFV controls *what* happens to them when they reach a service. Together, SDN provides programmable steering of traffic (directing packets to the right VNFs via SFC), while NFV provides the elastic, software-based services those packets are steered through.
The combination creates a fully programmable network stack. SDN handles the forwarding fabric; NFV handles the service layer. Neither alone achieves the full vision: SDN without NFV still ties services to hardware; NFV without SDN lacks efficient programmable steering. The ETSI NFV framework and SDN controllers like ONOS or OpenDaylight are designed to work together precisely for this reason.