If you're going to compete in the software-defined networking (SDN) space, you need to have the right tools. You need to have a programmatic API of some kind. You need to have a software controller somewhere directing all the traffic to the right location. And you need to be able to integrate with commonly used programs like Chef and Puppet. That's the minimum you need to be an SDN-focused company today. To be successful, though, you're going to need a bit more. And Plexxi has the little something extra.
Plexxi, founded by David Husak, has quietly been making waves in the SDN space thanks to some impressive hardware. The company creates high-speed rings in the data center to ensure that packets get transported quickly from one end to the other. With a fast underlay, the product also offers a software layer that examines the relationships between servers and creates rules and policies based on them.
Plexxi's term for this is "affinity." Affinities may be something as simple as noticing that the Exchange server requires constant contact with the Active Directory global catalog. Or it could be something more complicated, like ensuring that the public-facing Web server never interacts with the HR database.
Affinities are a great example of how software is going to drive network operations in the future. What's needed to drive it to a higher level is additional interaction from all the information sources available to the application from the network. I've written about that before, but I think Plexxi has created a tool to do just that: the Data Services Engine (DSE).
The DSE is based on a simple idea: Your network is a collection of heterogeneous data sources and processes. Even similar data types, like MAC addresses, can be stored differently by different devices, such as xxxx.xxxx.xxxx versus xx:xx:xx:xx:xx:xx. The DSE can collect all these different sources of data and sanitize them for the different services and applications that might consume the data.
[Read how VMware's NSX might enable an app store for the data center, where a few clicks gets you firewalling and other services in "VMware's NSX End Game."]
The DSE, which runs on its own virtual machine or on a controller, works with any source data. It’s a software module that can be coded to accept the input. In short, the DSE listens to things that talk to it to gather information.
Once the DSE becomes the authoritative source for your system information, you can be sure that information is correct across all devices subscribed to the DSE. The Plexxi Control network controller can then use the DSE as a data source to easily create affinity rules and policies to control traffic flows.
In addition, those same affinities can assist in troubleshooting when an application change causes an end user to experience latency or service loss. Because the DSE knows about all the state information in the network, it can very easily provide all relevant information to those attempting to fix the problem. It can produce on-demand source IP and MAC address, destination server, recent network changes and network traffic information.
The Plexxi DSE is exciting. Other vendors have tried similar things before with identity management or security incident correlation.
Plexxi's approach isn't to replace an existing device because nothing like this exists currently. The idea is to collect all the data locked away in the network and provide a portal to do something with it. Plexxi says that the DSE becomes "the source of truth for current state." With the engineering that Plexxi has put into its SDN solution, I would wager that statement is indeed the truth.
[Don't miss the lively panel discussion of how SDN, virtual networks and automation are changing the role of the network professional in "Will SDN Make Me Homeless?" at Interop New York Sept. 30-Oct. 4.]