Cisco's ONE Controller Debuts; Targets SDN

Cisco today announced details about its Open Network Environment (ONE) Controller, a keystone in Cisco's software-defined networking (SDN) architecture. The ONE Controller is a software platform that serves as an interface between network hardware in one direction (southbound) and third-party applications (northbound).

Cisco says its controller will support both the OpenFlow protocol and a set of proprietary APIs, a package it calls the One Platform Kit (onePK), which contains hundreds of APIs to expose existing features and capabilities within Cisco's switches and routers. Cisco says the new controller will ship in the first half of 2013.

Cisco has been slower to market with an SDN controller than traditional competitors such as IBM and NEC, both of which have released controller products. HP and Juniper have also announced, but not shipped, their own controllers.

There are several reasons for Cisco's slow pace. The simple fact is that while the SDN movement has generated a significant amount of discussion, it has yet to generate any significant customer demand. For another, Cisco has dominated the market for decade with autonomous networking, so it's easy to assume the company is assuring current profits by resisting change.

Cisco also announced three applications for the controller. If you have been following the OpenFlow/SDN discussion, you won't be surprised by the applications that Cisco offers, which are similar to those offered or announced by other vendors such as HP and Big Switch Networks.

1. Network Slicing: This application uses dynamic network provisioning to "carve" new pathways out of existing networks; it's most commonly associated with multitenant networks.

2. Network Tapping: This application uses flow-based network matching to duplicate traffic for external monitoring, and is similar to Big Switch's Big Tap product.

3. Custom Forwarding: As with Network Slicing, Custom Forwarding applies specific modifications to selected traffic, such as setting dynamic QoS policies or manual path selections.

Cisco says these applications are in use today by customers building proof-of-concept networks, suggesting that Cisco wants us to know these are real applications, not just announcements.

Controller support within the Cisco hardware product range is very limited. Only the ASR 1000 and ISR G2 routers and the Nexus 3000 will get onePK support in the first half of this year. OpenFlow support will be limited to the Catalyst 3000 (that is, not Cisco silicon). However, software devices such as the CSR1000V and Nexus 1000V get early support.

Northbound APIs

Much of the value in a centralized controller-based SDN architecture comes from a controller's northbound APIs, which allow applications to communicate with the controller and request network services. Cisco has announced REST and Java-based northbound APIs for its controller.

Previously, Cisco stated its intention to "meet developers wherever they are" and offer APIs once standards and market consensus had been reached. However, developers are also looking to Cisco to commit to a platform before the developers put resources to development projects. The announcement of northbound APIs from Cisco may be the commitment developers need. Cisco claims that its ONE Controller is the "industry's most extensible controller architecture," indicating APIs will certainly change and Cisco plans to be ready for those changes.

Today there are no standards for northbound APIs, though there has been talk of efforts. Recently, I received a tip that HP, IBM and Cisco may be setting up a consortium to build consensus and direction for northbound APIs. That the Open Networking Foundation, which oversees OpenFlow standards, hasn't been able to get organized is disappointing. That said, standards can be built in many ways, and a joint effort among vendors with transparent and open processes could work equally well for customers.

Next Page: Controller Commitment IssuesCisco also made several other announcements today, including the Nexus 1000V InterCloud, which expands the Nexus 1000V virtual switch portfolio. InterCloud aims to make it easier for enterprises to connect a private cloud to a public cloud, for services such as cloud bursting that let an enterprise take advantage of extra capacity from a public cloud provider. Cisco says the 1000V InterCloud gives IT full visibility into virtual containers as they move from a private cloud to a public cloud. Cisco also says InterCloud will preserve a virtual machine's profile and security policy when it moves to the public cloud.

Cisco says it is targeting Amazon Web Services out of the gate, and will add other providers over time. InterCloud is expected to be available in the first half of 2013. Cisco did not release pricing details.

Cisco also announced that its Network Analysis Module (NAM) will be available on the Nexus 7000. The NAM provides a variety of services including performance analysis of voice and video traffic. As with Cisco's other announcements, NAM for the Nexus 7000 will be available in the first half of this year.

Finally, Cisco released the Nexus 6000, a new chassis-based Ethernet switch series. I covered that release in detail (and engaged in a bit of debate with Cisco representatives) in the post Cisco Nexus 6000: First Impressions.

Controller Commitment?

Although Cisco has announced its network controller, it seems there is limited buy-in from many business units within Cisco. It's not uncommon for Cisco's business units to have competing strategies, roadmaps and revenue streams. This can lead to the failure of "big picture" technologies unless Cisco executives mandate company-wide commitment.

It's been two years since controller-based networking arrived on the scene; the limited product support of the ONE Controller might be a marker that the mandate is missing. If so, Cisco's commitment to onePK and the controller may be limited to the Service Provider and Data Center business units. This is not what a customer or developer wants to hear.

The other elephant in this room is the highly public spinout of Insieme last year to develop new technology for the data center. Rumors continue to swirl about its purpose, but the strongest rumors suggest Insieme is building a controller. This further confounds Cisco's long-term strategy and undermines confidence.

The good news is that Cisco has been busy. Even though its controller is late to the market, it is on target. It also has market dominance on its side, and the company likely hopes this dominance will make the ONE Controller a focal point for application development for customers and ISVs. Now we have to see if customers and ISVs will play along.