NetworkWorld

Zeus Kerravala

SDNs and NFV are complementary and core components of modernized networks

The terms software defined networking (SDN) and network functions virtualization (NFV) are often used interchangeably, which is incorrect. In a sense, the two are tied together as companies start using NFV as part of their SDN plans, but that doesn’t have to be the case.

Enterprises could maintain their current network architecture and shift to NFV or they could roll out an SDN and never leverage the benefits of NFV, so it’s important to understand what each is and the benefits of both.

What is software-defined networking (SDN)?

SDNs are a fundamentally different way to think about networks. Technically, SDNs can be defined as the separation of the management, control and data-forwarding planes of networks. Many people, including technical individuals, read that definition and say, “So what?”, but the separation of these planes has a profound impact on networks and enables things that have never been done before.

Historically, management, control and data forwarding were tightly coupled together. This meant each network device such as a router or a switch needed to be configured independently, typically through a cryptic command line interface (CLI), which makes operating a network challenging. 

Any time a change needed to be made to the network, even a small one, each network device had to be reconfigured independently. For small networks, this is an annoyance. For medium and large networks, the manual nature of the work could bring things to a crawl. In fact, ZK Research conducted a study in 2017 and found that in large enterprises it took an average of four months to implement a change network-wide.

This might have been fine a decade ago when businesses weren’t as dependent on their networks as they are today and network changes were only made infrequently. In today’s digital era, companies compete on speed, and four months is far too slow for the network to keep up with the business. 

SDNs decouple control, management and data forwarding

Extracting the control and management planes from the underlying hardware lets them be abstracted into a software layer that is independent of the hardware and centralized via a controller. The controller can be a physical device, virtualized or deployed in the cloud. This model enables network engineers to make a change in a GUI, instead of using a CLI, and then propagate it across the entire network with a single click of the mouse. Network changes can be done at the speed the business requires.

SDNs improve security

In addition to speed and agility, another benefit of SDNs is improved security using micro-segmentation. Traditional networks use virtual LANs (VLANs) and access control lists (ACLs) for coarse-grained segmentation. SDNs enable the network to be partitioned at a much more granular or fine-grained level. Also, because the segmentation operates in an overlay network, devices can be assigned to segments by policy. If the device moves, the policy follows automatically.
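The contrast described above, as an added example that is not part of the original article: a simplified model of VLAN/ACL filtering next to a default-deny, role-based segment policy, evaluated for the same flows before and after a device moves. The device names, roles, VLAN numbers and rules are constructed for illustration.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Device:
    name: str
    role: str   # identity attribute the overlay policy keys on
    vlan: int   # underlay attachment point; changes when the device moves

# Coarse-grained model: an ACL filters only traffic crossing VLAN boundaries.
VLAN_ACL = {(10, 20): {443}}  # (src VLAN, dst VLAN) -> allowed TCP ports

def vlan_allows(src, dst, port):
    if src.vlan == dst.vlan:
        return True  # intra-VLAN traffic never reaches the inter-VLAN ACL
    return port in VLAN_ACL.get((src.vlan, dst.vlan), set())

# Fine-grained model: default deny, rules keyed on device role, not location.
SEGMENT_POLICY = {("pos-terminal", "payment-api"): {443}}

def segment_allows(src, dst, port):
    return port in SEGMENT_POLICY.get((src.role, dst.role), set())

# Constructed sample devices (hypothetical names, roles and VLAN numbers).
POS = Device("pos-01", "pos-terminal", vlan=10)
KIOSK = Device("kiosk-07", "guest-kiosk", vlan=10)
PAY = Device("pay-api", "payment-api", vlan=20)
POS_MOVED = replace(POS, vlan=30)  # same device re-attached elsewhere

def compare():
    flows = [
        ("kiosk -> POS, same VLAN, tcp/22", KIOSK, POS, 22),
        ("kiosk -> payment API, tcp/443", KIOSK, PAY, 443),
        ("POS -> payment API, tcp/443", POS, PAY, 443),
        ("moved POS -> payment API, tcp/443", POS_MOVED, PAY, 443),
    ]
    return [(label, vlan_allows(s, d, p), segment_allows(s, d, p))
            for label, s, d, p in flows]

if __name__ == "__main__":
    for label, by_vlan, by_segment in compare():
        print(f"{label:36} vlan={by_vlan!s:5} segment={by_segment}")
```

In this model the VLAN rules permit the kiosk's lateral flows and break the point-of-sale terminal's flow once it moves to an unlisted VLAN, while the role-based policy denies the former and keeps permitting the latter with no rule change.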

SDN enables programmable networks

Another benefit of SDNs is that the network becomes programmable. SDN controllers expose northbound APIs that application developers can use to interface with the network so applications can dynamically configure it to reserve bandwidth, apply security or whatever else the apps may require. The programmability also enables networks to be orchestrated through the use of common orchestration tools like Chef, Puppet and Ansible. This means networks can be better aligned with DevOps initiatives.

SDNs work with most hardware

Also, with SDNs the network becomes hardware-agnostic, where the overlay controllers can work with a wide range of hardware, including white-box switches. Most customers choose a turnkey solution that includes hardware and software from the same vendor, but SDNs do present the opportunity to move away from that model, if a business chooses.

One of the more underappreciated benefits of SDN is that it increases network uptime. ZK Research has found that the largest cause of downtime, 35%, is configuration errors related to human error. This happens because of the manual nature of a CLI and the fact that tasks have to be repeated over and over. SDNs automate the configuration, which can eliminate self-inflicted downtime. Offloading these tasks also lets network engineers focus on more strategic initiatives instead of spending most of their day “keeping the lights on.”

What is network functions virtualization (NFV)?

An SDN is a critical step on the path to a modernized network, but many services, such as routing, WAN optimization and security, are still tied to the underlying hardware. As the name suggests, network functions virtualization solves this problem by decoupling the network function from the hardware and virtualizing it, allowing it to be run in a virtual machine on any compute platform a business chooses.

NFV is similar to, but different from, server virtualization

NFV is similar to the transition that the server industry experienced when server virtualization went mainstream. With server virtualization, applications ran as virtual workloads in software, which lowered cost and increased hardware utilization. With NFV, these benefits can be applied to the network as network services running as virtual workloads.

To date, the majority of NFV deployments have been carried out by service providers, but recently NFV has become a priority for digital companies. A 2017 study by ZK Research found that 61% of respondents are researching (29%), testing (13%), planning to deploy (10%) or have deployed (9%) NFV; NFV is coming quickly.

While there are similarities between server virtualization and NFV, there is a major difference. The primary use case for server virtualization has been to consolidate servers in a data center. NFV can be used in a data center, but its sweet spot is bringing network services to other points in the network including the branch and the cloud where there are no local engineers. 

NFV increases service agility

For example, a business that wants to take advantage of local internet breakout where branch workers can access internet services – such as accessing SaaS apps directly instead of going through a central hub – could leverage NFV to secure the traffic. Typically, this would require a physical firewall (or a pair of them for redundancy) to be deployed in every branch office with local internet breakout. This can be a very expensive undertaking given the cost of next-generation firewalls. Also, it could take months to purchase the firewalls and have an engineer travel to the branch and deploy them. With NFV, the firewall functionality can be virtualized and “spun up” almost instantly, making it fast and easy to deploy.

Today, competitive advantage is based on a company’s ability to be agile, adapt to changes and make rapid transitions to capture new business opportunities. Virtualization and containers have increased compute and application agility but the network has remained relatively static. The long lead times to deploy, change and optimize the network should be considered the hidden killer of companies as that can hold companies back from implementing digital initiatives. 

Software defined networks increase the agility of the network, ensuring it is in alignment with the rest of the business. Network functions virtualization is a complementary technology that makes network services agile. The two together are core building blocks to modernize corporate networks.

 

This article was written by Zeus Kerravala from NetworkWorld and was legally licensed through the NewsCred publisher network. Please direct all licensing questions to legal@newscred.com.