Hype is the norm in the technology industry. In many cases, it’s just that. But in the case of software-defined networking (SDN), the hype may be justified. Industry experts say SDN could change the network landscape as we know it.
For years, networks have relied on hardware devices like routers to direct traffic across network infrastructure. SDN removes control from individual devices and centralizes that authority in a software application called a controller. The new approach promises better network management — because the controller makes decisions based on an end-to-end view of the network — and more precise control over traffic flow because it enables prioritizing, de-prioritizing or even blocking of specific types of information packets.
SDN has had a sudden and rapid rise to the spotlight, but the idea isn’t new.
“SDN has been brewing for a while,” said Kelly Herrell, vice president and general manager of the software networking business unit of Brocade. “But in just the past year or so it’s gone from basically an idea to something networking vendors say may be their model for future enterprise network management.”
The fast growth of cloud solutions had a good deal to do with SDN’s rise. SDN is especially helpful in a multi-tenant cloud computing architecture because it allows traffic loads to be managed flexibly and efficiently. Cloud service providers were quick to jump on SDN because they needed to make frugal decisions about infrastructure in order to provide services cheaply.
“With SDN, cloud providers and others can manipulate the network infrastructure,” Herrell said. “Instead of buying an inflexible, expensive hardware device, they can use a virtual switch for a much lower cost.”
Driven by the current push to consolidate and virtualize servers, the federal government did not take long to realize the potential of SDN. A Juniper study of 250 federal IT management executives and IT professionals released in August found that 61 percent consider SDN an important factor in their future network buying decisions. Thirty-four percent of federal IT professionals said they plan to adopt SDN within two years.
“Those are high numbers given government is not known for jumping in on a high cycle as early as this one,” said Mark Belk, Juniper’s chief architect for national government. “But the interest is understandable given the potential efficiencies that can be gained. Government IT executives recognize the role SDN plays in fostering innovation and cutting operational costs.”
Herrell of Brocade praised federal agencies for being fast to virtualize services, but said that in some cases virtualization created new issues. SDN not only fits the new environment like a glove, it also solves a few challenges.
“These virtualized environments are like everyone jumping into the pool,” he said. “That’s not the way infrastructure is supposed to be designed. There should be differentiation and separation of data and applications. With SDN, you get a virtual router that allows that separation, but through the use of software instead of hardware.”
SDN essentially takes server virtualization and brings it to the network and storage levels. Once these three levels of infrastructure have been virtualized, and management and control of those resources is automated by software, the data center becomes dramatically more agile. Experts say such features present vast possibilities to IT managers, who will be able to centralize network operations, set up unified network control and continuous monitoring, and take better advantage of cloud capabilities.
SDN: A Closer Look
SDN originally evolved from work done at the University of California, Berkeley and Stanford University around 2008. Basically, SDN breaks network connectivity down into two layers: one is virtual connectivity, in which overlay tools allow changes to be made quickly in the network; the other is SDN within the infrastructure, which allows more efficient traffic management.
When a packet arrives at a switch in a conventional network, rules built into the switch’s proprietary firmware tell it where to forward the packet. The switch sends every packet going to the same destination along the same path. But in a software-defined network, a network administrator can shape traffic from a centralized control console without having to touch individual switches.
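The difference between destination-only forwarding and controller-shaped traffic can be modeled in a few lines. This is an added example, not part of the original article: a simplified model rather than the OpenFlow wire protocol, with constructed switch names, addresses and ports.

```python
"""Simplified model (constructed data): switches only execute rules a controller pushes."""
from dataclasses import dataclass, field

@dataclass
class Rule:
    priority: int
    match: dict   # header fields that must be equal; a missing field is a wildcard
    action: str   # next-hop switch name, "deliver", or "drop"

@dataclass
class Switch:
    name: str
    table: list = field(default_factory=list)

    def install(self, rule):
        self.table.append(rule)
        self.table.sort(key=lambda r: -r.priority)  # highest priority is checked first

    def lookup(self, pkt):
        for r in self.table:
            if all(pkt.get(k) == v for k, v in r.match.items()):
                return r.action
        return "drop"  # table miss: default deny in this model

class Controller:
    """Holds the end-to-end view and programs every switch from one place."""
    def __init__(self, switches):
        self.switches = {s.name: s for s in switches}

    def set_path(self, match, path, priority):
        for here, nxt in zip(path, path[1:] + ["deliver"]):
            self.switches[here].install(Rule(priority, match, nxt))

    def block(self, match, priority=1000):
        for s in self.switches.values():
            s.install(Rule(priority, match, "drop"))

    def trace(self, pkt, ingress, max_hops=16):
        hops, here = [], ingress
        for _ in range(max_hops):
            hops.append(here)
            action = self.switches[here].lookup(pkt)
            if action in ("deliver", "drop"):
                return hops, action
            here = action
        return hops, "loop"

def demo():
    ctl = Controller([Switch(n) for n in ("s1", "s2", "s3")])
    ctl.set_path({"dst": "10.0.0.9"}, ["s1", "s2", "s3"], priority=10)  # destination-only rule
    web, bulk = {"dst": "10.0.0.9", "dport": 443}, {"dst": "10.0.0.9", "dport": 873}
    before = ctl.trace(web, "s1")
    ctl.set_path({"dst": "10.0.0.9", "dport": 443}, ["s1", "s3"], priority=20)  # prioritize web
    ctl.block({"dport": 23})  # one call drops this traffic type on every switch
    telnet = {"dst": "10.0.0.9", "dport": 23}
    return before, ctl.trace(web, "s1"), ctl.trace(bulk, "s1"), ctl.trace(telnet, "s1")
```

A single `block` or `set_path` call rewrites the tables of every switch, which is why access to the controller carries so much weight in this architecture.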
SDN has secured significant mind-share in the market, in large part because service providers and the enterprise alike see the possibility of achieving greater simplicity, agility and lower total cost of ownership, according to Lauren Cooney, senior director of software strategy and marketing at Cisco. “What’s driving this is the increasing number of devices, continued bandwidth growth and the need to provision services faster,” Cooney said. “In turn, customers are looking for SDN to enable the efficient interconnections of networks, data centers and endpoints.”
There’s strong industry support for standardizing SDN technology. The Open Networking Foundation is a user-driven organization dedicated to the promotion and adoption of SDN through open standards. As part of its quest to make SDN a commercial reality that meets customer needs, the Open Networking Foundation is developing open standards such as the OpenFlow Standard and the OpenFlow Configuration and Management Protocol Standard. The OpenFlow Standard is the first and only vendor-neutral standard communications interface defined between the control and forwarding layers of an SDN architecture.
Juniper, Cisco, Hewlett-Packard, Alcatel-Lucent, Dell, Brocade and VMware are some of the leading SDN technology providers today.
“Government demand for SDN stems from a combination of things, one of which is the need for IT to respond faster. It shouldn’t take two years to bring new IT services to market,” said Herrell. “Government is at the point where it has to do something different because the status quo is just not working.”
SDN’s business drivers include agility, simplicity and lower total cost of ownership, said Lauren Cooney, senior director of software strategy and marketing at Cisco. “With SDN, an agency can deploy a new application in two hours instead of two weeks.”
According to a MeriTalk report released in July, more than half of the 152 federal IT managers surveyed say their agency can’t acquire IT resources in a timely manner. In addition, respondents report spending more than 79 percent of their IT budgets, or $62 billion annually, updating and maintaining legacy environments, and 73 percent of their time performing routine tasks like provisioning equipment and services to end users, loading patch updates, and backing up and restoring files. These tasks, which SDN can automate, cost an estimated $4.7 billion each year in productivity, according to the study.
“SDN is going to have a strong position with federal government because it makes the infrastructure more flexible and efficient,” Herrell said. “And it’s not just a 10 percent improvement; we are talking 90 percent improvement.”
SDN also allows an agency’s data to be used for more proactive management and monitoring and to create a better user experience. Many federal agencies deal with some type of seasonal IT infrastructure ebb and flow. Things like the start of flu season or a natural disaster can cause a sudden spike in demand and require more infrastructure capacity. Agencies typically have two options for dealing with these situations: They can spend a bundle to build an infrastructure that’s prepared for the few times they need 90 percent capacity, or they could do nothing and be caught flat-footed. SDN lets network administrators accommodate traffic spikes by allowing them to quickly change network rules or make other modifications.
“A network needs to be able to adjust to run applications in the best environment at any given time,” Cooney said. “SDN is about enabling that environment.”
The federal government is reacting quickly to SDN, but adoption in state and local government may take longer. Because states and localities were much quicker to implement IT consolidation, they may now lag on implementing SDN.
“The feds may get there first because they have a lot of consolidation going on and network switching is certainly a big issue for them,” said Bob Woolley, chief technical architect of Utah. “A lot of states have already virtualized their data centers and normalized their switching infrastructure, so SDN doesn’t have as much appeal there.”
Where SDN may hold value for state and local government is in application optimization — a challenge facing many agencies, Woolley said.
“It’s theoretically possible with a software switching fabric to easily move information from one point to the next on the most efficient path and to do it all using software,” he said. “That’s kind of cool and could be very effective. It could allow us to have applications running at disparate points, in our own data center or in a cloud data center somewhere else, and then coming back across a common switching fabric that gives us optimal performance. I think that’s really where this is going.”
Woolley saw evidence of SDN’s appeal when Utah released an RFP earlier this year that had significant potential for the application of SDN technology. “All the states I talked to were interested in this one,” he said. “That told me this is an important category, and it also told me where the future is going.”
But before CIOs make the move to SDN, they should have a clear understanding of what SDN can and cannot do for them.
According to the Juniper study, 58 percent of the IT managers surveyed who were familiar with SDN had two or more misconceptions about its implementation. For instance, Belk said, 11 percent thought SDN could only be applied at data centers, and 15 percent thought it required manual configuration.
SDN also raises concerns from a security perspective, particularly around the controller, which allows the control plane from each system to be centrally managed. Once the “brains” have been taken out of the routers or switches and replaced with the new controller, the security of the controller becomes paramount.
“Knowing who has access to the controller and where it resides on the network is a big security concern,” Belk said. “Access to the controller could potentially give complete control to an attacker, so it’s vital that it is secured.”
Without those safeguards, the network becomes vulnerable to malicious attacks or accidental changes. “Organizations need to ensure that security is a primary consideration in the design, deployment and management of SDNs,” Belk said.
Experts say a transition by government to the software-defined enterprise could take three years or more. But once it takes off, SDN may also provide benefits in terms of the consolidation of resources. “IT services could be consolidated for a state or even between states to give them a bigger bang for their buck,” said Belk. “Or a large city could help support smaller communities in the state that can’t afford sophisticated IT infrastructure on their own.”
Wide adoption of SDN may have implications for procurement as well. Belk said SDN breaks network connectivity down into two layers: one is virtual connectivity in which overlay tools allow changes to be made quickly in the network; the other is SDN within the infrastructure, which allows more efficient traffic management. As agencies virtualize overlay services, the procurement model for some of those services may change. Belk said Juniper has already had to change its licensing structure as a result.
“You’ll see some of the networking functions become more like software components in how they are licensed,” he said. “That also means the enterprise CIO can begin to discuss enterprise-level contracts, which give him or her the ability to add services under an existing contract without having to go through an entirely new procurement. Potentially, the CIO gains agility in that manner as well.”