Verizon looks at the emergence of software-defined networking
Tue 19 Apr 2016
Lee Field, Associate Director for Solution Architecture, Asia, at Verizon, discusses why companies should embrace software-defined networking (SDN) as an opportunity for reducing costs and improving performance…
SDN is not a new technology as such, but uses for it are. Businesses are finding novel and exciting ways to leverage SDN to improve performance, reinvent business processes and compete more effectively.
Obvious benefits coming to light for enterprises adopting SDN include reducing costs, increasing performance, faster implementation and agility.
Most interesting is how these benefits are being recognized, realized and are helping to drive enterprise-wide change. Successful proof-of-concepts are frequently moving to production quicker than planned, and it’s interesting to see why. Greater network agility and reduced cost allow you to package services differently. Packaging services differently can reduce time to market and reduce opportunity costs. That gives you greater business agility, which enables more freedom to innovate. It catalyzes a positive innovation spiral.
The often intangible benefits of improved orchestration and automation are now delivering improvements, saving costs and providing clear, demonstrable value.
Interestingly, vendors often push SDN to sell hardware. However, SDN is not a box. It is about enabling better performance and efficiency in the software layer.
SDN for optimizing cloud and virtualization
In the simplest of terms, no network means no cloud and no applications. Yet to date, cloud adoption has risen without SDN. So why is SDN so important moving forward?
If you look at network models used across most organizations they haven’t really evolved much since the 90s. Technology has changed. We’ve followed Moore’s Law moving from 10MB to 10G and beyond, but we have only just started seeing changes in architecture. As our perimeter dissolves, and more applications are being used from cloud providers and application hosting environments sitting outside the traditional internal network, a different, more optimal model is required.
Imagine an application that can detect demand and move compute instances and network load to different server farms based on where the user is located
SDN helps to fulfill this by decoupling control from the hardware plane. Rather than requiring hardware, physical equipment or significant human intervention to provision and enable expansion or contraction based on usage needs, SDN enables you to scale up and down as needed via software controls. As a result, SDN is an enabling technology that allows an organization to drive far greater efficiency and agility from their network and virtualization environments. It also allows for significantly improved management, increased visibility and better automation. No more over-provisioning!
Imagine an application that can detect demand and move compute instances and network load to different server farms based on where the user is located. The same application could change network routes based on revenue projections or data sensitivity within the application.
For example, an eCommerce application currently serving users within the U.S. market plans to expand into Europe; however, due to European data privacy laws, data must remain locally stored. Rather than running lengthy infrastructure build-outs and network implementation projects, the application could move instances to a cloud provider in Europe, provision VPNs back to HQ, and detect and encrypt personal data to meet privacy rules. With SDN and automation this could be done in just minutes – or seconds.
SDN security
As traditional network architectures change with the adoption of SDN, so too are security architectures. SDN is enabling the world to move towards the era of embedded security.
Embedded security is not a new concept. In 2010, the Jericho Forum started to evangelize the concept of open networks and de-perimiterization. This has been driven in recent years by growing cyberattack trends such as spear phishing attacks that weaken perimeter models and give attackers access to internal systems.
Software Defined Perimeter (SDP) can help provide enhanced security. SDP provides advanced access control, re-architecting the perimeter to provide application-specific access control. It is a far superior security model.
When more and more data is to be managed, full visibility and transparency are essential. Network automation and orchestration provides more data that you can then feed into an analytics layer that can deliver more valuable, timely alerts. In turn, you can perform security analytics. This is best built into the service agility layer and delivered as a managed service. In more than one quarter of all data breaches, it takes the victim organization weeks, or even months, to contain the breaches. This could be significantly reduced when utilizing SDN and SDP.
SDN implementation
SDN is happening faster than it may appear on the surface. It is all due to a confluence of factors now reaching the perfect storm; Common hypervisors allow for control and data plane segregation, common hardware allows scalability, open software with standardized APIs simplify orchestration, advanced silicon supports hypervisor technologies (the ability to integrate with orchestration tools and enable lower-cost core networking), and the mainstream adoption of containers and wide-spread usage of distributed application technology .All of these are factors are contributing to accelerated SDN adoption within the enterprise.
Explore how process and workflow can be improved, as this can often lead to a change in the support structure for operational teams
You need to clearly define your objectives. Understand and document what you want to achieve through the implementation of SDN, so that you can measure its success. For example, financial reporting of success of any implementation is important, yet IT teams may lack the skills for business benefit reporting. Don’t let the hardware/software vendors lead your discussions, as they may have vested interests. Look at open systems and tools where available and understand how these can be supported and used across the organization.
You also need to consider SDN’s impact on your support structure. Explore how process and workflow can be improved, as this can often lead to a change in the support structure for operational teams. Instead of having compute, network and application teams it is now quite common to move to an application-centric support model that would include staff with skills in server and network technologies. Tooling may need aligning to this support structure, and it’s important to identify these systems up front. A good configuration management database (CMDB) really can help to understand enterprise applications, the uses and value of applications and the critical components in their delivery.
