I was recently talking to an IT professional in a mid-size enterprise about some of the issues she faces with today’s tools. Like most IT teams, she and her colleagues are extremely challenged to deliver the expected level of service across multiple sites using minimal budget and staff. The company’s approach is to require uniformity across user equipment, network equipment and software. The policy is written, and enforcement is achieved by a mix of automatic and manual processes. There is enough staff to run and support the infrastructure, but not much more.
"SDN is a new way of approaching the enterprise network"
This is a common approach, for the obvious reason that it simplifies the IT environment and processes, and makes the most of the available staff. In contrast, heterogeneity complicates, adds, moves, changes and upgrades.
While a policy of uniformity has the apparent benefits of stretching financial and staff resources as well as minimizing problems, it does complicate and slow down network change and innovation.
The Only Constant Is Change
Today’s IT systems are pretty good when it comes to supporting changes in users, including adding new users, removing those who leave and altering access as roles change. They are also good at supporting changes in the operation of the network elements themselves, such as access control lists, antivirus rules and control of personal devices.
Where they fall short is in supporting change in the network itself. Altering how the network and its IP addressing are partitioned becomes a major undertaking. At the very least it requires reconfiguration of each router and its subnets, and may also require manual tweaks to blocks of servers. Changing the actual connectivity is even worse. Finally, if you want to see an IT leader cringe, talk about adding new locations. We need network programmability to support change.
Innovate or Die!
Today’s IT automation is optimized to manage what is happening today. It has limited ability to support tomorrow’s technologies. That’s a problem, because the networking world is moving rapidly. In particular, Network Functions Virtualization (NFV) promises to drastically change how we deliver network services.
NFV promises many benefits such as lower cost and support of innovative services. However, NFV relies on the ability to provide automated orchestration and control to the network elements. Manual configuration of servers and software does not support the NFV model of virtualized services.
To fully realize the benefits of new technologies such as NFV, we need open APIs and software control.
What Does SDN Mean for Enterprises? Can It Help?
IT leaders need assistance in managing their networks and software-defined networking (SDN) can help.
The typical definition of SDN includes these characteristics:
• Separation of the forwarding plane from the control plane
• Implementation of a programmable forwarding plane
• Use of a protocol (typically OpenFlow) to connect the forwarding and control planes
These characteristics are very narrowly tailored to the data center, where SDN got its start. They don’t speak directly to the needs of enterprise customers.
Many people are now adopting a broader definition of software-defined networking (SDN) that more directly applies to enterprise applications and which matches our desire to support change and innovation. The following are essential characteristics of the enterprise view of SDN.
Focus on Automation for Provisioning, Activation and Verification - Automation is the means to support making network changes, and then verifying those changes, all without an increase in cost. Moving from manual tasks to automated systems allows changes to the network to be completed faster and more accurately. The desire to automate is not new, so what has changed with SDN to expand its applicability?
Update of Network Elements With Modern Programmatic Interfaces - One of the biggest enablers is the transition of control of network elements (switches, routers, firewalls, WAN optimizers) from legacy interfaces (such as CLI or SNMP) to modern interfaces such as NETCONF/ YANG and REST. These new interfaces are supported by extensive software libraries and adapters, which simplify programmatic control. In addition, YANG facilitates a model-driven approach that enables rapid incorporation of new network elements. These changes combine to simplify programmatic control of network elements.
Implementation of Modern Tools and Development Methods - Controllable network elements are improvements only if we can effectively program them. Fortunately, software development is easier these days. Now we have frameworks and libraries as starting points. We can use agile development to increase the speed and accuracy of developing applications, and tie those applications directly to user requirements. Finally, using DevOps reduces the time to deploy and support new applications. Together, these tools and methods enable the move from a static IT environment to one that is dynamic and programmatically controlled.
Use of Policy to Simplify Control of the Network - So, all we have to do now is program each network element and application, right? Yes, but that’s a lot of detailed configuration work. Granted, most of the configuration is cookie-cutter, with a few personalizations based on location or user. How can we simplify that process? The answer to that is, with policy.
IT shops are already using policy to simplify tasks such as controlling access to network resources and provisioning of firewalls. With SDN they can use policy-centric approaches to take advantage of an intelligent and programmatic network to abstract away the complexity of device configuration and move to a more business-centric approach.
SDN Fits the Bill for Enterprise - Enterprise SDN is about more than OpenFlow and separation of control and data. As described previously, SDN is a new way of approaching the enterprise network. By using automation to enable rapid development and accurate deployment based on policy, SDN helps IT leaders meet demanding goals – and keep their customers happy. That’s a result with real business value.