In some IT circles, software-defined networking (SDN) is still considered a theoretical concept and largely vaporware. And while this may be true in many cases, the fact is that there are already some situations where SDN can be used now -- and you'll see it in many more cases in the near future. What once was simply another buzzword uttered by IT marketing execs has turned into practical ideas that many of us will be able to use in enterprise networks.
So who exactly can take advantage of SDN deployments today? Several factors play into answering that question. For one, at least a portion of your network architecture must be capable of using software-defined technologies -- or must be upgradable to allow for such centralized orchestration.
The most common areas where SDN can be implemented today tend to be found either inside the data center or at the WAN edge. While it's possible for SDN to stretch out all the way to the access layer, not many networks currently have compatible hardware in access closets. But that shouldn't stop us from looking at practical uses. And once your next network refresh comes around, you'll be ready to take advantage of SDN capabilities that are baked in.
Another factor that affects the usefulness and manageability of SDN in an enterprise environment has to do with the level of infrastructure virtualization that has already taken place. Software-defined networks should be thought of as the next step in the continuing evolution of server and/or desktop virtualization. Many of the benefits of SDN, especially in the data center, require that servers and other network services be virtualized as well. This allows network administrators to tap into all infrastructure resources to create a unified and end-to-end solution that can be centrally controlled. In all likelihood, if you're investigating the practicality of SDN, you are already leveraging server virtualization to a large extent in your environment.
In this slideshow, we take a look at seven uses for SDN. While your enterprise may not be ready to implement all the ideas mentioned, that doesn't make them any less practical. In fact, your goal should be to determine how to get your network up to an SDN-capable form over the next few years. With some hardware and/or software upgrades and a solid roadmap to achieve specific SDN goals, you'll get there in no time. And once you've successfully implemented SDN, take note of how it fundamentally changes how networks operate and are managed. SDN is the future of networking and worth investigating today.
Much like a layered cake, networks can be virtually layered to create separate, independent networks while sharing the same physical hardware space. And while this can be manually accomplished without the use of SDN, it's far easier to push out end-to-end configurations with centralized SDN management.
NFV in the data center
For decades, data center networks have been crammed full of proprietary, purpose-built appliances that are used for various data center purposes including device access, segmentation, and network services such as load balancing, content caching, and DNS. The problem is, proprietary hardware is expensive to purchase and can create expansion challenges if not properly sized. Network function virtualization (NFV) is a way to virtualize all of these data center network functions and place them onto homogenized hardware. The ability to remove proprietary hardware from the data center can significantly reduce capital expenditures as well as allow for the network to stretch and grow within its much more forgiving virtual boundaries.
Automated cloud service provisioning
All of the big cloud service providers these days offer automated cloud provisioning portals -- which server administrators and developers love. But if you operate a private cloud, cloud automation is a huge problem. For those of you with large private clouds that require automated provisioning services, SDN can be used to coordinate and execute back-end provisioning processes on multiple infrastructure components, while offering end users a simplified front-end provisioning portal.
Software-defined wide area networking
Quite possibly the most popular software-defined strategy in use today is software-defined wide area networking (SD-WAN). By leveraging SD-WAN, network engineers gain more flexibility in the way they manage WAN network paths, bandwidth, and latency. Not only can paths be automated to change on the fly, but bandwidth and QoS policies can be automatically manipulated depending on the health of WAN interconnects. On a high level, think of SD-WAN as a built-in navigation system for your WAN connections that tells you which path to your destination is the least congested for a packet at any particular moment in time.
Security policy enforcement
With progressive BYOD and mobile device policies proliferating within enterprise organizations, IT security administrators are having a difficult time identifying users and devices -- and applying the proper security policies -- such as device posture assessment/patch management, authentication, and resource authorization. Network access control (NAC) has been around for a while and is largely considered the way to address these concerns. The problem is that a NAC solution must pull in information from various independently operated security components in order to do the job. Yet with the power of a fully integrated and cross-communicating SDN solution, NAC components fit together like a puzzle and allow for dynamic policy enforcement based on real-time security information that is collected and shared on the SDN control and management planes.
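The decision step described above can be sketched as follows. This is an added example, not code from the article or from any NAC or SDN product: the signal names (`auth`, `posture`, `threat`), the 300-second freshness window and the segment names are all assumptions. It shows why shared, real-time signals matter: a missing or stale input from any one component restricts access instead of being silently ignored.

```python
from dataclasses import dataclass
from typing import Any, Dict, List, Tuple

MAX_AGE_S = 300  # assumed freshness window (seconds) for every signal

@dataclass(frozen=True)
class Signal:
    value: Any
    observed_at: float  # epoch seconds when the source component reported it

def _fresh(signals: Dict[str, Signal], name: str, now: float) -> Any:
    """Return the signal's value, or None if it is missing, stale or future-dated."""
    sig = signals.get(name)
    if sig is None or not 0 <= now - sig.observed_at <= MAX_AGE_S:
        return None
    return sig.value

def decide_segment(signals: Dict[str, Signal], now: float) -> Tuple[str, List[str]]:
    """Map the latest signals for one device to a network segment (fail closed)."""
    role = _fresh(signals, "auth", now)        # hypothetical: "employee", "contractor"
    patched = _fresh(signals, "posture", now)  # hypothetical: True / False
    flagged = _fresh(signals, "threat", now)   # hypothetical: True / False

    if role is None:
        return "deny", ["no fresh authentication"]
    reasons: List[str] = []
    if patched is None:
        reasons.append("posture unknown or stale")
    elif not patched:
        reasons.append("missing patches")
    if flagged is None:
        reasons.append("threat feed unknown or stale")
    elif flagged:
        reasons.append("flagged by threat feed")
    if reasons:
        return "quarantine", reasons
    return ("corp" if role == "employee" else "guest"), ["all checks passed"]

# Constructed sample input: one BYOD laptop whose posture report is 15 minutes old.
NOW = 1_000_000.0
SAMPLE = {
    "auth": Signal("employee", NOW - 20),
    "posture": Signal(True, NOW - 900),
    "threat": Signal(False, NOW - 5),
}

if __name__ == "__main__":
    print(decide_segment(SAMPLE, NOW))
```
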
Centralized configuration management
Once network hardware/software gets to the point where it fully participates in the SDN data, control, and management planes, configuration suddenly becomes a great deal easier. You'll now be able to make configuration changes centrally and apply them to any number of network components along a path. For example, if you have a new application that requires adjustments to quality of service policies between your data center and end users, all changes can be made on the unified control plane, rather than having to hop from one network switch to the next in order to make changes.
Seamless public/private cloud
The ultimate goal for many of us interested in SDN is to seamlessly integrate network configurations and policies across both our public and private cloud footprints. Using a universal configuration and policy management API, policies can be pushed out and duplicated between private data centers and public cloud instances. No longer will we have to essentially manage two or more separate networks; they'll finally merge into a single unified architecture.