Software defined networking (SDN) is growing up. As we learn how to program and automate SDN systems, we can equip ourselves for the network challenges currently looming on the horizon.
When first introduced, software defined networking was little more than a way to separate the messages used to control the network from the data that it transmitted. Putting these control messages into a software-management layer allowed administrators to configure networks on demand. It meant that they no longer had to manually set rules in many different devices from different vendors across the network, using different interfaces.
Since then, our understanding of software defined networking architecture has evolved, as the industry recognizes its power both inside and outside the data centre. Administrators can extend the powerful concept of infrastructure-as-code to solve mounting pressures on the network, managing cost and complexity.
One example of this is microsegmentation. This concept helps to solve one of the biggest challenges facing data centres in 2017: data security. For years, administrators worried about the security of north-south traffic, crossing over the network perimeter. These days, the perimeter has all but disappeared thanks to mobile users and third-party system access.
Now, the focus is on east-west traffic inside the data centre. Intruders move laterally within the network, compromising resources as they go. Administrators can protect each resource, such as servers and storage systems, individually by using SDN to configure security policies at a granular level. That takes traditional network segments and grinds them into far smaller ones.
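The effect of grinding a segment down can be measured. The following is an added example, not code from the original article: it compares what a single compromised workload can reach on a flat segment and under a default-deny, per-workload policy. The workload names, roles, ports and allow rules are all constructed for illustration.

```python
from collections import deque

# Constructed inventory (hypothetical names): workload -> role label.
WORKLOADS = {"web-1": "web", "web-2": "web", "app-1": "app",
             "db-1": "db", "backup-1": "backup"}
# Ports each workload listens on (constructed).
LISTENERS = {"web-1": {443, 22}, "web-2": {443, 22}, "app-1": {8443, 22},
             "db-1": {5432, 22}, "backup-1": {873, 22}}
# Microsegmentation policy: default deny; only these (src role, dst role, port) pass.
ALLOW = {("web", "app", 8443), ("app", "db", 5432), ("db", "backup", 873)}

def flat_allows(src, dst, port):
    """Traditional segment: any host can reach any open port on its neighbours."""
    return src != dst and port in LISTENERS[dst]

def microseg_allows(src, dst, port):
    """Per-workload policy: a flow passes only if a rule explicitly allows it."""
    return (src != dst and port in LISTENERS[dst]
            and (WORKLOADS[src], WORKLOADS[dst], port) in ALLOW)

def exposed_services(src, allows):
    """(dst, port) pairs directly reachable from src: its east-west attack surface."""
    return {(dst, p) for dst in WORKLOADS for p in LISTENERS[dst] if allows(src, dst, p)}

def reachable_from(start, allows):
    """Breadth-first search over permitted flows: every workload that lies on
    some allowed path from `start`, i.e. the worst-case lateral blast radius."""
    seen, queue = {start}, deque([start])
    while queue:
        src = queue.popleft()
        for dst, _port in exposed_services(src, allows):
            if dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return seen - {start}

def denied_flows(flows, allows):
    """Flows the policy would drop; on a live network these are a detection signal."""
    return [f for f in flows if not allows(*f)]

if __name__ == "__main__":
    for name, fn in (("flat", flat_allows), ("microsegmented", microseg_allows)):
        print(name, "direct:", len(exposed_services("web-1", fn)),
              "transitive:", sorted(reachable_from("web-1", fn)))
```

Even where a chain of allowed flows still exists, each hop is limited to the one application port the policy names, and every dropped flow is a candidate alert for lateral-movement detection.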
SDN isn’t just useful for shrink-wrapping individual network resources at the server level; it can also optimize networks beyond the data centre. Administrators can use it to abstract the control and configuration hardwired into routers and switches across wide area links. This enables them to rapidly reconfigure the network using software interfaces, solving a critical problem for wide-area network users: bandwidth and latency.
This wide-area approach to software defined network architecture is known as SD-WAN. By abstracting network control into software, it enables network administrators to aggregate connections of different types at a single location to provide more bandwidth for demanding applications. They can also use intelligent path control to route packets along the most appropriate links based on the application being used and the current network conditions.
SDN’s power in these areas will increase as it becomes more programmable and therefore automatable. Automating its ability to quickly provision network resources and route traffic makes it a useful tool for dynamically responding to network conditions. Automated SDN can quickly adjust network flows as application demand shifts and places different pressures on the network.
In a retail environment, an automated software defined networking architecture could dynamically prioritize network packets for point-of-sale applications. An SDN system configured to ‘heal’ network damage could dynamically respond to a low-level DDoS attack, keeping key applications up and running.
By making SDN a programmable resource that can be manipulated by developers and operators alike, companies can support a mature DevOps process. If development and operations teams know what a network will need from a new application, programmable SDN could enable them to automate router and switch configuration to support rapid, high-volume deployment. This can be particularly useful in container-based environments, where virtual machines are ephemeral and prone to appearing and disappearing quickly.
Finally, imagine the power of a programmable SDN architecture with additional automation capabilities in an Internet of Things environment. IoT networks may need to cope with high-velocity, high-volume data with volatile delivery patterns. At 3 am, when connected sensors behave unexpectedly en masse, will network operators be equipped to cope? Programmable, automated SDN could react dynamically to changes in an IoT network and save the day.
According to a Network World survey of 294 IT professionals in the US, fewer than one in five (18%) had deployed SDN in their organizations. However, almost half (49%) were either considering or actively piloting it. This tells us we are still getting to grips with this relatively new and rapidly evolving technology.
We are still early in our journey towards programmable, automated SDN deployments, but they are coming. Along with similar developments in its close cousin, network function virtualization (NFV), this will give us a new generation of network in the data centre and beyond. Those that embrace this challenge will be at the far end of the maturity spectrum and will enjoy significant business benefits as a result.
Danny Bradbury has been a technology journalist since 1989. He writes for titles including the Guardian newspaper, and Canada’s National Post. Danny specialises in areas including cybersecurity, and also cryptocurrency. He authors the About Bitcoin website, and also writes a regular blog on technology for children called Kids Tech News. You can follow Danny on Twitter® at @DannyBradbury
© 2018 SolarWinds MSP UK Ltd. All rights reserved.