November 30, 2012, 4:00 PM — Software-defined networks are getting a lot of attention these days, even though the technology is still developing. Already a few new vendors have surfaced as major players, and a couple of big companies have begun making the switch to SDN. Here is what you need to know about software-defined networks.
What is software-defined networking?
How does software-defined networking work?
How much do software-defined networks cost?
What are the benefits of software-defined networks?
What risks are involved with software-defined networks?
Is a software-defined network right for you?
How do I get started with software-defined networking?
Are software-defined networks secure?
What is the difference between software-defined networking and cloud computing?
What are some good resources for finding out more about software-defined networking?
What is software-defined networking?
The simplest definition of software-defined networking (SDN), given by the Open Networking Foundation, is that SDN “brings direct software programmability to networks worldwide.” OpenFlow, the protocol that enables software-defined networking, is the result of a six-year collaboration between Stanford University and the University of California at Berkeley and was born out of the desire to find a way to program switches and routers without accessing them directly. The resulting protocol separates switches and routers from their hardware, allowing them to be programmed by a controller. While OpenFlow is the most common protocol for enabling software-defined networks, some companies are working to create their own initiatives to support SDN.
How does software-defined networking work?
Software-defined networking works by essentially creating virtual networks that are independent from physical networks. It does this by inserting an additional layer of software between the traditional layer of hardware and the existing software controlling that hardware. This additional layer of software, which separates the data plane from the control plane and allows the user to control the flow of traffic on the network, makes applications think that they have the entire network to themselves, when in reality they are sharing it. As a result, more servers can use the network, which saves a company money. Additionally, separating the control plane from the network allows controllers to manipulate networks more easily and quickly. Software-defined networking does for networks what virtualization does for servers.
How much do software-defined networks cost?
Software-defined networks are not yet widely used, so there is no hard data showing exactly how much they cost. However, Nicira, a software-defined networking company that was founded by the developers of OpenFlow, estimates that SDN can save large data centers at least $30 million, primarily because they will need fewer servers.
What are the benefits of software-defined networks?
The benefits of SDN are plentiful. First, by decoupling network control from the hardware and making it software based, the time it takes to reconfigure, update and manage the network is vastly reduced, increasing network flexibility and reducing costs. Lowering costs further, the control plane can run on a relatively inexpensive server, and since it is separated from the physical network, the physical routers and switches used can also be both less sophisticated and less expensive. Additionally, having a dedicated control plane decreases the complexity involved in running a network since SDN creates a central point of management. IT can also add features to the control plane, all using the existing hardware.
What risks are involved with software-defined networks?
Because software-defined networks are still so new, there are some security risks involved. It is still somewhat unknown whether traditional firewalls can manage the requirements of an SDN data center. Also, data centers and network managers traditionally bought all their hardware from one vendor, but with SDN it is easier to use multiple vendors. More vendors can mean increased security risks, as can splitting up the control plane from the data plane. Additionally, SDN creates new targets for potential security attacks, such as the SDN controller and the virtual infrastructure. An enterprise moving forward with SDN has to be aware of potential risks and prepare for them.
Is a software-defined network right for you?
Most likely, yes, a software-defined network will benefit your organization. But the SDN market is young. In fact, vendors are still working on developing SDN-compatible products. Even though big organizations like Google and Facebook have already begun implementing SDN protocols, most IT departments would be wise to wait a while and assess how SDN management and reliability work out. Given that Google has predicted that its internal WAN, which runs on OpenFlow, will have a 99.99% reliability rate, prospects are good. In the meantime, keep up to date with SDN advancements and implement it only when you feel you are ready. If you are determined to start with SDN right away, do so slowly, starting with limited uses.
How do I get started with software-defined networking?
The first part of getting started with SDN is to consider whether it’s the right move for your organization. If so, the next move is to find an SDN vendor with interoperable products. Software-defined networks don’t necessitate sticking with only one vendor, so a vendor's products need to work well with those of other companies. Also, start slowly. Pick one area to concentrate on, train your IT staff, and work out all the kinks before deploying a large-scale solution.
Are software-defined networks secure?
Ultimately, software-defined networks have the potential to be more secure than traditional networks since security-enhancing software can be quickly added from the control plane. Initially, however, software-defined networks will require some increased security measures to compensate for the new security risks they pose. For instance, since the controller has so much power in software-defined networks, it has to be completely secure, including restricting access to certain personnel. Additional potential areas of vulnerability will become more evident as SDN becomes more prominent. As with any new technology, IT departments should carefully test and evaluate software-defined networks to uncover security risks and develop plans to neutralize them.
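A minimal model of the control-plane/data-plane split and the controller access restriction described above, added here as an illustration and not taken from the article or from any SDN product. All class, operator and action names are assumptions, and this is not the OpenFlow wire protocol.

```python
# Illustrative model only: names are assumptions, not OpenFlow messages
# or any vendor's controller API. Sample values are constructed.

class Switch:
    """Data plane: matches packets against rules it was given, nothing more."""
    def __init__(self, name):
        self.name = name
        self.flow_table = []          # list of (match, action); first match wins

    def forward(self, packet):
        for match, action in self.flow_table:
            if all(packet.get(k) == v for k, v in match.items()):
                return action
        return "send_to_controller"   # table miss: defer to the control plane


class Controller:
    """Control plane: the single point that decides what every switch does."""
    def __init__(self, authorized_operators):
        self.authorized = frozenset(authorized_operators)
        self.switches = {}
        self.audit_log = []           # every attempt is recorded, allowed or not

    def register(self, switch):
        self.switches[switch.name] = switch

    def install_flow(self, operator, switch_name, match, action):
        allowed = operator in self.authorized
        self.audit_log.append((operator, switch_name, match, action, allowed))
        if not allowed:
            raise PermissionError(f"{operator} may not program the network")
        self.switches[switch_name].flow_table.append((match, action))


def demo():
    ctl = Controller(authorized_operators={"netops-alice"})   # constructed name
    s1 = Switch("s1")
    ctl.register(s1)
    pkt = {"dst_ip": "10.0.0.5", "dst_port": 443}             # constructed packet
    before = s1.forward(pkt)          # no rule yet, so the switch cannot decide
    ctl.install_flow("netops-alice", "s1", {"dst_ip": "10.0.0.5"}, "output:2")
    after = s1.forward(pkt)           # the rule pushed by the controller applies
    try:
        ctl.install_flow("intern-bob", "s1", {"dst_ip": "10.0.0.5"}, "output:9")
        rejected = False
    except PermissionError:
        rejected = True               # unauthorized change refused but still logged
    return before, after, rejected, len(s1.flow_table), len(ctl.audit_log)


if __name__ == "__main__":
    print(demo())
```

Because every forwarding decision originates at the controller, the allow-list and audit log sit at the one place where a rule change can redirect traffic on any switch.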
What is the difference between software-defined networking and cloud computing?
Software-defined networking is the mechanism that allows the cloud to work most efficiently. The cloud is a virtual space, but software-defined networking expands that virtualization across the network where the cloud operates. Servers and storage have long been virtualized; traditional networks have acted as a bottleneck slowing down the cloud. Software-defined networks address that problem.
What are some good resources for finding out more about software-defined networking?
Software-defined networking is still in its infancy, so it can be hard to find the information you are looking for. This white paper from the Open Networking Forum contains some useful information, and this slideshow from CRN outlines the top 25 players in the SDN field. Still a little confused? Star Trek fans can check out this comparison of software-defined networking to Star Trek.