8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 1/23

digitalspotlıght

T H E C O N N E C T E D E N T E R P R I S E M A Y 1 3 , 2 0 1 3 S P E C I A L I S S U E

SDNThe Promise of

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 2/23

Open Your NetworkTo A New WorldOf Possibilities.

Bringing Your Network Closer to ApplicationsLearn More:www.cisco.com/go/one

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 3/23

digital spotlıght Software Dened Networking

network world .com May 1

inside

Software dened networking has thepromise to redene networking aswe know it by abstracting the layersand optimizing net control on a cen-tralized resource. But it is still early

and enterprise buyers are trying to make sense ofthe different vendor approaches, the architecturaloptions, the expected benets and how they canget there from here given huge investment in leg-

acy infrastructure. This Network World SpotlightDigital Issue does a deep dive on the SDN basics .

The Promise of SDN 4

SDN: The core buildingblocks 10

SDN FAQ 14

Q&A: Early User SteveWallace 17

12 tips for SDN ITbuyers 21

3

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 4/23

network world .com May 1

digital spotlıght Software Dened Networking

B Y J O H N D I X

If you aren’t intimately famil-iar with software denednetworking , don’t fret. Onl10% of 450 IT practitioners aa recent Network World evenraised their hands when askeif they understand SDN. But i

the emerging technology lives up toits promise to redene networking awe know it, there is no time like thepresent to dig in and learn more.

Proponents argue that, among

other advances, SDN will centralizeand simplify control of the networkmake networks programmable andmore agile, and create opportuni-ties for policy-driven supervisionand more automation. In short, SDNwill help networks keep up with thespeed of change made possible bythe virtualization of other data cen-ter resources and provide the perfectcomplement to cloud computing.

But challenges remain. Many ofthe vendor cheerleaders, after all,tiny startups . While the incumbenseem to have joined in the chanting,only time will tell if they are serious

SDNThe Promise

of

4

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 5/23

network world .com May 1

digital spotlıght Software Dened Networking

about change or simply paying lipservice while working behind thescenes to scuttle advances so they canget back to business as usual.

That said, most industry punditssay the SDN movement has momen-tum now and, even though we’re stillin the early goings, there won’t beany stopping this train. Now it is justa question of where we end up going,how long it takes to get there, andhow different the coach looks when itnally arrives.

“There is a fundamental transition

happening now because the statusquo is not sustainable,” says NickLippis, a longtime industry observerand co-founder of the Open Network-ing User Group (ONUG), an SDNuser group he formed with FidelityInvestments. “The cost to operatenetworks is too high and growing toofast and you can’t nd enough peopleto manage these things anymore. It’stime for change.”

It’s telling, for example, that theSDN movement is being led by users.The organization championing thecause is the Open Networking Foun-dation (ONF), whose board members

include Microsoft, Yahoo, Facebook,Goldman Sachs, Google, Verizon andDeutsche Telecom.

Jim Metzler, vice president of con-

sultancy Ashton Metzler & Associ-ates, notes that standards bodies aretypically staffed by vendors (usuallygrouped into three camps — thosepushing the standard, those simplywatching and those actively tryingto slow down the effort), so the factthat SDN is being pushed by buyersgreatly enhances its chance ofsuccess.

The magicBroadly speaking, SDN makeschange possible by separating thenetwork control plane from the dataplane, meaning control of the net-work is pried out of the devices thatforward the packets and is central-ized on a server called a controller.Rather than the classic approachof each network device principallyworrying about adjacent devicesand forwarding trafc based on thatknowledge, centralizing intelligencemakes it possible to see the networkend-to-end and make smarter, big

picture decisions, and when it cometime to make network changes, youcan touch the network once insteadof having to update each link in thechain.

[For more, see https://www.open-networking.org/images/stories/downloads/sdn-resources/white-papers/wp-sdn-newnorm.pdf .]

The ONF has specied the OpeFlow protocol as the open standarway controllers communicate withand control OpenFlow-compliantnetwork devices.

“OpenFlow allows, for the rst timan external control plane to abstractthe entire underlying network fabricso that fabric is universally address-able and all topology and state information is commonly managed,” say

Jason Matlof, vice president of mar-keting at Big Switch, a poster childof the SDN movement . “Today evdevice has its own control plane,manages it own state, has its ownpolicy denitions, its own conguration and has to be managed throughits own CLI. Once you have all thatinformation centrally managed in anSDN controller, it enables you to bui

5

Gauging SDNdeployment plans

Members of the Open NetworkingUser Group report on where

they stand with SDN

When those... Reviewing plan to pilot

Piloting plan to deploy

3 mos. 6 mos. 1 yr. 3 yrs.

32%

1%

12%13%14%14%

11%

18%

Reviewing Piloting LimitedDeployment

16%

28%

56%

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 6/23

network world .com May 1

digital spotlıght Software Dened Networking

apps to program the network as auniversal element. So this eliminatesthe complexity and static nature oftraditional networks.”

Given the early stage of SDN devel-opment, there are, of course, differ-ent takes on the denition of SDN.Metzler writes in Network World :

“The denition of SDN that is cur-rently emerging focuses somewhatless on decoupling and more onproviding programmatic interfacesinto network equipment, whetheror not there is a separation of thecontrol and forwarding planes. Aminor reason for this shift in focusis because Cisco recently announcedthat as part of its SDN offerings, itwill provide APIs into multiple plat-forms they provide.” [Also see Whatis software dened networking? ]

“SDN is not equivalent to Open-Flow,” says Lee Doyle, principalanalyst at Doyle Research. “SDN ismuch broader than that. As long asyou have APIs and can program thedevices, it can be SDN, but it might beproprietary.”

Regardless of denition, sufce itto say the broad aim is the same — to

simplify networking and to catch upto the pace of change made possible bythe adoption of technologies such ascloud computing and virtual servers.

Regarding the latter, the oft-citedproblem today is you can spin up1,000 virtual machines in minutes

but it will take you two more weeks tobend the network into shape to sup-port that new environment. SDN isdesigned to remove the network as

the bottleneck in this uid new world.Which gives rise to the question

about the difference between soft-ware dened networking and virtualnetworks, terms that are used inter-changeably by some and referencedas distinct notions by others.

Matlof views virtual networks as adata center thing, a way to set up vir-tual tunnels between virtual serverelements in the data center, andviews virtual networks as just oneapplication for SDNs. In fact, he callsvirtual networks the rst killer appfor SDN , and Big Switch has rolledout a product to address the need. Butultimately he says a true SDN shouldbe able to do that as well as controlphysical devices that support theOpenFlow protocol.

Nicira, which, besides Big Switch,was one of the other SDN early birds to spring out of the Stanfordlabs where SDN was conceived, isfocused primarily on virtual net-works, what some call overlay net-

works. That made it a good t for thking of the virtual machine world,VMware, which shelled out $1.2 billion to acquire Nicira in 2012.

But aren’t companies that arefocused primarily on virtual net-works articially constraining theiropportunity? Lippis says, “If youlook at the number of virtual ports tphysical ports, there are more virtuaports now and the number is grow-ing a lot faster than physical ports, s[VMware/Nicira] believes they’refocused on the high-growth part ofthe market.”

Ultimately, however, SDNs willneed to span the virtual and thephysical if buyers are to realize thebiggest return, and they will need tospan the data center and the WAN.

Early ONF backer Google, forexample, has already deployed anSDN WAN backbone that is payingdividends.

“The biggest advantage is beingable to get better utilization out of oexisting lines,” says Google PrincipEngineer Amin Vahdat. “The state-of-the-art in the industry is to runyour lines at 30% to 40% utilization

“What’s driving this isoperational costs, notcapital costs. In fact,some say the capitalcosts are irrelevant.”– Nick Lippis, co-founder of the OpenNetworking User Group (ONUG)

6

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 7/23

network world .com May 1

digital spotlıght Software Dened Networking

and we’re able to run our wide arealines at close to 100% utilization, justthrough careful trafc engineeringand prioritization. In other words, we

can protect the high-priority trafc inthe case of failures with elastic trafcthat doesn’t have any strict deadlinefor delivery.” [For a full interviewwith Vahdat see “ Google’s soft-ware dened/OpenFlow backbonedrives WAN links to 100% utiliza-tion .”]

Of course few organizations havethe resources that Google does (itbuilt the devices used to control thatbackbone), so much of the focus todayis, in fact, in the data center.

Early benetsMark Leary, chief analyst at TheFirst Tracks , says one of the earliestbenets of SDN will be simplifyingnetworks. “Consolidating around acentral control structure allows forgreater automation. That’s where you

can see a lot of immediate impact.”But how do you get there from here

given the huge investments in legacygear?

“Incremental adoption is the key

for success,” Leary says. “The beautyof some SDN solutions is they arecompartmentalized. You can dropthem into some part of your network

to reduce complexity and see imme-diate benet. And then once you’veexpanded on that and nished sim-plifying the overall structure, SDNis about improving the dynamics, by,for example, allowing the network toadapt to load.”

Lippis says one benet mentionedby many early adopters at the rstever ONUG SDN users group meet-ing in Boston was network visual-ization. “What some companies aredoing is using low-cost 10 GigabitEthernet switches with OpenFlowinterfaces to connect mirror portson data devices to analytic servicenodes. That drastically lowers thecost to gather trafc and, since thecosts are lower, gives you the abilityto tap into more places so you get alarger view.”

Lippis adds, however, that a lot ofthe early vision about SDN’s role isbeing put forward by vendors thatare just guessing what people willuse it for. “It’s not until SDN is in the

hands of IT architects that real usecases will start to emerge.”

Consider early user IndianaUniversity. It didn’t want to pay

$100,000-$200,000 for a load bal-ancer that could sit on the school’s10Gbps Internet trunk and parse outrafc to multiple intrusion detectio

systems for analysis, so it gotcreative.

“We saw this was an obvious usecase for SDN and OpenFlow,” saysSteve Wallace, executive directorof InCNTRE, the Indian Center forNetwork Translational Researchand Education. He says they hireda couple of grad students to developsoftware for an OpenFlow controllethat instructs a $40,000 OpenFlow-enabled switch to handle the loadbalancing task and have been reap-ing the benets ever since. (See pag17 for a full Q&A with Wallace.)

Cost savings, in fact, is one of thepotential benets of SDN. Undoubt-edly other organizations will dis-cover more SDN niche applicationsthat deliver savings, and longer-term simplication of the network

is expected to lower opex costs, butit is less clear if SDN also results inreduced capex costs.

In an article about SDN in The Eomist (yes, The Economist , showing

“The beauty of someSDN solutions is they arecompartmentalized. Youcan drop them into somepart of your network toreduce complexity andsee immediate benet.”– Mark Leary, chief analyst at The First Tracks(www.thersttracks.com )

7

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 8/23

how far this stuff is spreading), ChrisWeitz of Deloitte Consulting wasquoted as saying “rms using SDNcan save up to 50% on their network-

ing bills … some of the savings [com-ing] from cutting out ‘carbon middle-ware,’ as network engineers jokinglyrefer to themselves, and from buyingmore basic — and thus cheaper —hardware.”

The hardware can get cheaper, therationale goes, because with SDN thesmarts are embodied in software andshifted to the centralized controller.

But is capex the problem that needsxing?

“I think what’s driving this is oper-ational costs, not capital costs,” Lippissays. “In fact, some say the capitalcosts are irrelevant. They say, ‘Ifsomeone gave me $2 million worth ofequipment for free, I couldn’t take itbecause I can’t afford to manage it.’ Soif the equipment costs zero they’re notgoing to take it, and they won’t take it

if it’s really expensive, so the vendorsreally have to deal with the opera-tional piece of this.”

Over a three-year period, capitalcosts represent 25% of networking

total cost of ownership, Lippis says.“So it’s already a relatively small num-ber, and if it goes to 12% because SDNmakes it possible to use lower cost

equipment, is that a big deal?”Leary adds that simplication

doesn’t necessarily equate with lowcost. “Leonardo da Vinci once said,

‘Simplicity is the ultimate sophisti-cation.’ Just because something issimple doesn’t mean it’s not incred-ibly sophisticated underneath. As

the network becomes simple, thenetwork devices and controllers grothat much more sophisticated.”

What’s more, suppliers will bescrambling to differentiate them-selves regarding usability, manage-ability, performance, capacity, etc.,Leary says, so it isn’t like SDN justresults in networks built using abunch of cheap, white label boxes.

That said, the real magic may ulti-mately be in the applications that cay these SDN networks. Things liketrafc engineering, network moni-toring and even security controlsbecome apps that run on SDN con-trollers.

But the ONF hasn’t yet speciednorthbound APIs for these appswhile it should be possible to mix andmatch controllers and switches that

support the ONF’s southbound OpenFlow API, the SDN applications avaiable to you today will be dependenton the type of controller you employ.Ultimately the industry needs to stan-

network world .com May 1

digital spotlıght Software Dened Networking

8

SDN abstracts the networkIntroducing a controller between the

applications and the data handling devicessimplies operations and management

SDN Controller Platform

App App App App

vSwitch vSwitch

Switch Switch

Northbound API

Southbound API

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 9/23

dardize the northbound connectionsto provide interoperability.

A question of timingAs far as we have come in so little

time, this is sti ll early days for SDNand the industry is still coalescing.As Metzler from Ashton Metzler &Associates points out, it took servervirtualization technology almost 10years to become mainstream, andthe SDN OpenFlow protocol was justpublished at the end of 2009.

Doyle from Doyle Research esti-mates that the SDN market will onlyadd up to $400 million in 2014. “It’spretty tiny, but we’re starting to seeadoption. Bleeding edge now. Moreearly adopters to follow.”

Lippis says the virtual side of the

SDN world — where the technologyis used to network virtual resources

— is already percolating nicely, buthe expects 2013 will see more shops

start to pilot SDN tools that controlphysical switches. Real deploymentson the physical side won’t occur until2014, he says, when new switchescome out that address performanceissues. “Most companies are notdoing full-blown physical side SDNbecause they are waiting for thenext generation of silicon to addressthe performance issue around howmany ows a switch can support,how long it takes the controller togure out the path and then populatethe network.”

Leary says, “SDN solutions are stillrather specialized and solve certainproblems. For transition to full SDN-enabled networks, we’re probablyve, six, seven years away from that.”

That’s a long time in the high-techworld, which begs the question of

whether some shiny new tech willemerge in the meantime and renderall this moot. [Also see: “ Networkadministrators look to SDN withhope, concern ”]

“I don’t think so because what’s

driving this market is operationalcosts and bloat,” Lippis says.

“The network seems to go througha pretty dramatic change every 10years or so,” Leary agrees, “and it’s

time we focused our energy on get-

ting the network to run better. I thinSDN offers that opportunity.”

Dix is editor in chief of Network World.Contact him at jdix@nww.com.

network world .com May 1

digital spotlıght Software Dened Networking

2013 will see moreshops pilot SDNtools that control

physical switches. Realdeployments on thephysical side won’t occuruntil 2014.

9

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 10/23

SDN: The corebuilding blocksB Y E T H A N B A N K S , O W N E R , PA C K E T P U S H E R SI N T E R A C T I V E

When getting to know software denednetworking, you’ll encounter a numberof terms that are used in conjunctionwith the technology. Some of the termsare unique to SDN, while others describetechnologies that, while not unique, arefrequently used in SDN designs.

It’s helpful to have an understanding of these terms andtheir context. We’ll take a look at three basic terminology cate-gories as they relate to SDN: controllers, switching and overlaynetworks.

ControllersOne of SDN’s big ideas isthat a device called a control-ler talks to all of the networkdevices in a domain, learns

the network topology, andprograms the network froma point of central omni-science. An SDN controllershifts the model of network

programming from distributed (network devices communicating with each otheto determine forwardingpaths) to centralized.

Central programming ofthe network is the signicavalue that a controller bringto a business. Conceptuallya controller can be used todeploy business policies tonetwork holistically and ina device-independent way.The controller acts like alayer of network middlewa

that abstracts the underly-ing physical network com-ponents such as switches,routers, rewalls and load-balancers.

digital spotlıght Software Dened Networking

network world .com May 110

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 11/23

network world .com May 1

digital spotlıght Software Dened Networking

With an SDN controller program-ming the network, operators are nolonger in the position of having toprogram the network devices indi-

vidually through traditional means,such as the command-line interface.In addition, unique network forward-ing paradigms can be created basedon criteria such as the dollar costs orsecurity policy requirements.

A controller accomplishes this net-work programming via software,and it is in this software that SDN’spromise of exibility comes. Thecontroller is a platform on which soft-ware is run, as well as being a com-munications gateway that softwarecan communicate through. Mostcontroller architectures are modular,allowing the controller to communi-cate with different kinds of devicesusing different methods as required.

Thinking again about an SDNcontroller as middleware, there aretwo directions of communication

implied. The most discussed to dateis southbound communications.When a controller is programmingnetwork devices and receiving datafrom them, this is known as south-

bound communication. An exampleof southbound communication isthe controller programming net-work switch forwarding tables using

OpenFlow, which we’ll discuss more.The other direction is northbound.Communications between applica-tions that wish to program the net-work and a controller are describedas northbound. An example of north-bound communication is an applica-tion like VWware’s vCloud Directorrequesting network provisioningservices via a controller.

SwitchingWhen it comes to SDN, perhaps themost talked about device is the net-work switch, Ethernet switches in particular. For years, Ethernetswitches have been increasing inspeed and density, providing data cen-ters with uplinks for their hosts, bladecenters and Ethernet storage. Withthe advent of server virtualization

enabled by hypervisors, the softwareswitch has also become signicant,plumbing virtual servers to virtualnetwork interface cards, aggregatingtrafc and sending it out of the hyper-

visor to the physical network.Both the hardware and software

switch have signicant roles to playwithin SDN, as it is chiey their for-

warding tables that are being pro-grammed by a controller. Consider-ing that soft switches reside at thenetwork edge, the concept of a “smart,soft edge” has arisen.

Network designers that advocatefor a smart, soft edge feel that the soft-ware switch running on a hypervisoris a good place to install rich networkfunctionality, leaving the physicalhardware switches to run a simplerconguration. In a smart, soft edgeSDN design, controllers apply for-warding, QoS and security policiesin the network’s soft switches.

For example, the soft switch couldhave access lists, QoS parameters forrate limiting and trafc prioritization,and forwarding intelligence appliedto virtual ports. By the time networkdata has left the hypervisor, it has

already been tested for security com-pliance, rate-shaped and encapsu-lated (if required). Placing all of thesefunctions at the network edge allowscore hardware switches to focus on

rapid transport of trafc.Not all networks lend themselves

well to the smart, soft edge design,nor can all conceivable SDN use cas

be met by a soft switch. There’s stilla role for SDN to play with hardwarswitches for tasks like end-to-endbusiness policy deployment, trafcsteering and security enforcement.In addition, there’s still some amounof basic conguration to be done toa hardware switch, no matter howsmart the edge network might be.

The primary southbound protocolused by a controller to program theforwarding behavior of both hard-ware and software switches is OpenFlow. OpenFlow (OF) is a protocolwhose standard is undergoing rapiddevelopment by the Open Network-ing Foundation.

The ONF is a members-only orga-nization made up primarily of net-working vendors and service provid-ers, and they operate behind closed

doors. Their OpenFlow specicationare published when released. TheOF1.0 specication is most frequentseen in production equipment; OF1.is the likely next step for most switch

11

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 12/23

network world .com May 1

digital spotlıght Software Dened Networking

12

vendors. OF1.4 is under developmentat the time of this writing.

Keep in mind that while OpenFlowis implemented fully in software

switches like Open vSwitch, OF hasproven challenging to translate intonetwork chips (ASIC) in hardwareswitches. While new silicon thatcan handle OF better is reportedlycoming, customers evaluating OF’susefulness when combined withtheir existing network hardwaremust do thorough testing to be surethe required OF function will scaleas much as needed to support theirapplication.

For northbound communications,controllers are frequently offeringAPIs. A REST (representational statetransfer) API is perhaps the mostcommon. REST APIs exchange dataand instructions much like HTTPservers, using familiar methods suchas GET and POST. APIs provide away for applications external to the

controller to tell the controller whatshould happen on the network.Notably, vendor-specic APIs have

arisen in the southbound directionin addition to OF. This is due in part

to OF’s limited set of commands andsometimes-difcult implementationin legacy sil icon. Despite support-ing OpenFlow, Cisco is an example

of a vendor emphasizing APIs via itsONE initiative , arguing that its APIsallow network programmers to takefull advantage of the capabilities oftheir hardware.

OverlaysAnother termthat comes upfrequently in SDNconversations isthat of overlaynetworks . Simplystated, overlaysare used to createvirtual networkcontainers that arelogically isolatedfrom one anotherwhile sharing thesame underlying

physical network.Network engineers familiar withcommonly deployed Generic RoutingEncapsulation (GRE) will grasp theoverlay concept readily. One packet

(or frame) is encapsulated inside ofanother one; the encapsulated packetis forwarded to a tunnel endpointwhere it is decapsulated. The original

packet is then delivered to its destina-tion. Overlays leverage this “packetin a packet” technique to securelyhide networks from one another and

traverse networksegments thatwould otherwisebe barriers. Layer2 extension andmulti-tenancy arepopular use-casefor overlays.

A number ofoverlay protocolshave been releasedand promoted bystandards bodiesduring the last fewyears, driven by avirtualized datacenter’s ability to

move a host any-where at anytime. Some SDN control-lers use overlays as their transportof choice to build a bridge betweenhosts scattered across the data center;

soft switches usually serve as eitherend of the tunnel. Virtual eXtensiblLAN (VXLAN) has the broadestindustry support at this time, with

Cisco, Brocade and VMware amongothers committed to the overlay. Ter-mination of VXLAN tunnels in hardware is supported by switches fromArista and Brocade. Hardware ter-mination of VXLAN underscores thgroundswell of industry adoption, aoverlays are usually terminated bysoftware switches.

VXLAN encapsulates Layer 2frames inside of a Layer 3 UDPpacket. This allows hosts inside ofa VXLAN segment to communicatewith each other as if they were on thsame Layer 2 network, even thoughthey might be separated by one ormore Layer 3 networks.

In addition, since VXLAN pre-serves the entire Layer 2 frame,VLAN tags are preserved, allowingfor multiple Layer 3 networks to exi

inside of a VXLAN segment. Cus-tomers (also known as tenants) insidthe VXLAN segment see a networkmuch like any they are used to, whilthe underlying network only sees

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 13/23

network world .com May 1

digital spotlıght Software Dened Networking

13

VXLAN packets identied by a seg-ment ID.

Each VXLAN network is identi-ed by a segment ID in the VXLAN

header; this ID is 24 bits long, allow-ing for 16 million tenants to share thesame network infrastructure whilestaying isolated from one another.

VXLAN has been criticized forits reliance on IP multicast to carrybroadcast, unknown unicast and mul-ticast trafc originated inside of tenantnetworks. Many physical networksdo not have multicast routing enabled,and engineers unfamiliar with mul-ticast nd it an intimidating tool todeploy due to its potential complexity.For this reason, some vendors usingVXLAN as an overlay are deploying itwith enhanced intelligence providedby an SDN controller so the need formulticast routing is obviated.

Similar to VXLAN, Network Vir-tualization with GRE (NVGRE)denes tenant networks using a

24-bit identier, found in this case inthe GRE header’s key eld. NVGREis largely a Microsoft technology, andis the overlay of choice in Hyper-V .

NVGRE differentiates itself from

VXLAN by not requiring multicastto carry broadcast, unknown unicast,and multicast between endpoints.Instead, the Windows Network

Virtualization module (a Layer 3switch) embedded in Hyper-V is pre-populated with all hosts-to-tunnelendpoint mappings by PowerShellcmdlets. This eliminates the need forooding, as there’s no such thing as anunknown endpoint in this approach.

Although VMware is rmly behindVXLAN, the overlay known as State-less Transport Tunneling (STT) alsocame under the VMware banner inVMware’s acquisition of Nicira. STTis a part of Nicira’s Network Virtu-alization Platform and is notablemostly because the encapsulationformat leverages a modern networkinterface card’s hardware capabil-ity to take large blocks of data intosmaller segments.

Called TCP segmentation ofoad,a TSO-capable NIC takes on the

burden of segmentation, freeingup a server’s CPU for other tasks.The future of STT is dubious, con-sidering that VXLAN already hasVMware’s support as well as support

from the wider industry.Aside from VXLAN, NVGRE and

STT, another developing overlayworth following is Network Virtu-

alization Overlays (NVO3). NVO3 isbeing developed by an IETF workinggroup. The NVO3 problem statementsare similar to the issues addressedby the overlays already discussed;namely, trafc isolation, tenantfreedom to use whatever address-ing scheme they choose, and plac-ing virtual machines anywhere in anetwork, without concern for Layer3 separation found in the underly-ing core. How NVO3 will developand what encapsulation will be usedremains to be seen, but it’s shaping upalong use-case lines as submitted byNVO3 working group participants.

ConclusionThe three main terminology catego-ries we’ve discussed can be broughttogether as: An omniscient cen-

tral controller discovers the net-work topology of network switches,whether they are software switchesin a hypervisor or hardware switchesfound in a data center rack.

This central controller acts asmiddleware between applications ina northbound direction and switchein a southbound direction. The

northbound applications articulatebusiness policies, network congu-ration and the like to the controller;the controller translates these poli-cies and congurations into south-bound programming directivesaimed at network switches.

The southbound protocol mostoften used is OpenFlow, but chal-lenges retrotting OpenFlow toexisting network hardware has ledvendors to promote network pro-gramming via APIs.

On this platform of network pro-grammability and physical deviceabstraction is added overlays. Over-lays allow cloud providers and enterprises that wish to support mult-itenancy to securely separate theircustomers’ trafc one from another,while at the same time allowing thei

virtual hosts to reside anywherewithin a data center.

ethan.banks@packetpushers.net |LinkedIn | @ecbanks

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 14/23

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 15/23

network world .com May 1

digital spotlıght Software Dened Networking

would necessarily be slower to beinclusive of all parties, use cases andconcerns that might come up.

There has been some discussion

of opening up the ONF proceedingsat some point to allow the larger net-working community to observe theOpenFlow specication discussions.

Is OpenFlow destined to becomethe new way to forward trafcthrough a network?

OpenFlow’s long-term future isuncertain at this point . Arguably,OF has proven most useful in softswitches that run at the network edgein a hypervisor, relying on server-based x86 computing power to do theneeded processing. However, whenimplemented in traditional networkhardware switches, OF’s usefulnesshas depended on the silicon in theswitch and the ability of that siliconto handle OpenFlow operations at thescale required for a given use case.

Network designers evaluatingOpenFlow hardware must care-fully evaluate vendors, as not all OFswitches are created equal. Anotherpoint against OpenFlow as a long-

term replacement for traditional for-warding is that OF doesn’t necessarilyreplicate all the hardware capabilitiescustom ASIC designers like Cisco,

Juniper and Brocade bake into theirchips. While these vendors mightsupport OF as an adjunct means ofpopulating forwarding tables andpolicies, they are also exposing theirown APIs that take full advantage oftheir hardware’s capabilities.

Some argue that OF has scalabili-ty problems because of limited owentries and the latency of puntingto the controller. Is this true?

It is true that network switches withOF capability tend to have maximumow entries under 10K. Whether thisis a limitation depends on the use caseand overall network design. Vendorspoint out that if using OF at the net-work edge (as opposed to the core),several thousand ow entries areunlikely to present a limitation, and

that a simplied core (where edge ten-ants are obscured by an overlay) canalso succeed.

It is also true that when an Open-Flow switch has no matching ow

entry for a given bit of trafc, thattrafc must be punted to the control-ler. And that introduces latency ofanywhere from dozens to hundreds

of milliseconds. In addition, an Open-Flow switch CPU can only puntso fast, typically limiting puntingoperations to 1,000 or less per second.While that sounds slow to the ear ofa network designer used to line-rateforwarding of L2 and L3 trafc atterabit scale, vendors point out that ina typical deployment, ow tables canbe pre-populated with ow entries, asendpoints are known to the controller.This minimizes the need for punting.

Isn’t an SDN controller a singlepoint of failure?

One of SDN’s big ideas is that acentralized controller knows theentire network topology, and cantherefore program the networkin ways that a distributed controlplane cannot. Vendors recognize the

mission-critical role of the controller,and typically offer the controller asa distributed application that can berun as a clustered appliance, or as avirtual machine that takes advantage

of a hypervisor’s high availability. Inaddition, it doesn’t necessarily follothat if the controller goes down, thenetwork goes down with it. While

architectures vary by vendor, it’susually a reasonable assumption thathe network will continue to forwardtrafc (at least for a while) even if thcontroller is no longer present.

Can I install SDN alongside myexisting network?

Yes. One common topology fordeployments in a browneld envi-ronment is an “SDN island” wherean SDN domain ows through agateway device to the legacy networAnother topology is that of hybridswitching, where a switch that canhandle both OpenFlow and tradi-tional networking splits its portsbetween the two domains. Hybridcapabilities vary by vendor.

What are overlays, and why are

there so many different kinds?An overlay is used to create vir-tual network containers that arelogically isolated from one anotherwhile sharing the same underlying

15

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 16/23

physical network. Virtual eXtensibleLAN (VXLAN), Network Virtualiza-tion with GRE (NVGRE) and State-less Transport Tunneling (STT) all

emerged at roughly the same time,and all with different vendors lead-ing each effort. [Also see: “ Completeguide to network virtualization ”]

If you’ll allow for some gener-alization, Cisco (and others) havepushed VXLAN. Microsoft hasdriven NVGRE. Nicira (now partof VMware) has championed STT.Each overlay has similar character-istics, but differences in the detailsthat make them the darling of some,but not others. Over time, VXLANhas gained the strongest following(including VMware, interestingly),but it’s not yet clear that NVGREand STT will be deprecated, as bothhave ardent supporters. In addition,the IETF NVO3 working group hasbeen working on yet another overlay,although the encapsulation type is

likely to be one that already exists.

Why are there so many differentkinds of controllers?

Vendors early to market with SDN

technology have necessarily had tobring a controller as a part of the over-all solution. There is no such thing asan SDN controller standard at this

time; therefore, each vendor has comeup with a controller that best meetsthe needs of its target market.

Wouldn’t it be better if therewere SDN controller standardsthe industry could agree on?

With the creation of the OpenDay-light project , the industry seemsto think so. OpenDaylight is a con-sortium of vendors from across theindustry that are contributing code toan open source SDN effort. Time willtell how this translates into vendorproducts, and what this will mean forthe SDN consumer.

Will network engineers have tobecome programmers?

Network engineers with an under-standing of scripting and program-

ming will be able to leverage SDNtechnology. Will they have to? Thatremains to be seen. The scenario Isee playing out is that vendors willsupply corporations with software

that enables rich network function-ality. Some engineers will use thatsoftware interface to provision thenetwork, and will be satised as long

as the network functions as intended.Other engineers will use that ven-dor-supplied software, but will alsobecome procient in a language thatallows them to create the unique net-work applications required by theirbusiness. As these network engi-neers acquire programming skills,they will also maintain their abilityto effectively monitor and maintainthe network infrastructure.

What are the key things I shouldbe thinking about when evaluatingSDN technology?

The biggest thing to understand isthat not all SDN solutions are solvingthe same problem. In addition, differ-ent SDN technologies have differentexpectations of the end user. Whilesome solutions plan to abstract away

network and operational complex-ity by providing you with a glossysolution, other solutions are moreof a toolkit that lets you create yourown application. Therefore, under-

standing the problem you’re trying tsolve at a deep technical level is quiimportant. The better you commu-nicate your needs to your vendor, the

better it will be able to articulate howits solution meets those needs.

Does SDN introduce new secu-rity risks to my environment?

While it’s hard to say categoricallythat SDN introduces “new” risks, thefact is that exposing network devicevia programmatic interfaces is riskto be managed. That said, SNMP isroughly analogous to programmaticAPIs, but has a well dened risk mitigation strategy. In that sense, SDNpresents nothing unusually risky. YesSDN presents a risk , but it is a risthat IT as a discipline can mitigate vaccess controls, trusts, encryption,deep packet inspection, etc.

That said, SDN advocates pointout that a security benet of cen-tralized control is the reduction in

human touch required to provisionthe network. On the assumption thathuman error is the greatest securityrisk to an IT infrastructure, SDN maactually prove to be a security asset.

network world .com May 1

digital spotlıght Software Dened Networking

16

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 17/23

The user view

It is still early days in the emer-gence of software dened net-working, so there aren’t manyusers around to share theirexperiences and expectations,but there are a few. NetworkWorld ’s editor in chief tracked

down Steve Wallace, executive direc-tor of InCNTRE , Indiana Univer-sity’s Indiana Center for NetworkTranslational Research and Educa-tion, which is already using the tech-nology in a production environment.The school is also playing a role in thetech’s evolution.

NW: How did IU get started inSDN?

WALLACE: Indiana University

supports some of the world’s mostadvanced network infrastructure,such as the Internet2 100Gbps perwave 15,000 mile ber backbone,through its Global Network Opera-

tions Center, or GlobalNOC. So it wasnatural to be involved at the earlyphases of something called GENI .GENI is an NSF-funded project tosupport research on outside-of-the-box network technologies andapproaches. IU has been successfulat applying for and receiving GENIawards that allow us to accelerate ourexploration of SDN and OpenFlow.

IU also maintains good relation-ships with vendors that cater to largecampuses and service providers, thesame vendors that began to showan early interest in SDN and Open-Flow. We added that all up and sawa need for vendors to be able to con-duct interoperability testing of SDNproducts and, with sponsorship from

some of the vendors, developed whatwe call the SDN Interoperability Lab.It’s a membership-based consortiumof companies like IBM, Cisco, HP …there are about a dozen members.

network world .com

digital spotlıght Software Dened Networking

17

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 18/23

They pay an annual fee and we pro-vide a facility where they can testtheir products’ interoperability withother SDN products.

Indiana University is also usingSDN in its networks. For example,Internet2 recently received a $60million grant to build out a newnationwide ber optic network.They’ve leased 15,000 miles of ber,purchased state-of-the-art optron-ics to light the ber, and the Layer 2equipment that sits on top of that iscomposed of Brocade and Juniperswitches that are under the control ofOpenFlow. Indiana University devel-oped the controller software thatprovisions services over that networkusing OpenFlow.

So that’s a production network thatspans the country, and the provision-ing is done solely through the use ofan OpenFlow application that wasdeveloped at Indiana University.

How about in your campus net? Indiana University has more than10Gbps of Internet capacity. Oursecurity group needs to examinethat trafc for threats. But intrusion

detection systems typically don’t runat those speeds so they need to takethat 10 gigabits of trafc and divideit into smaller, coherent chunks and

forward them to individual IDS sys-tems. You don’t want to split a conver-sation, so you need to make sure eachchunk being directed to an individ-ual IDS is a complete conversation.

So they needed an intelligentload balancer to dynamically bal-ance trafc among the IDS systems.There are devices you can purchaseto do that, but they tend to cost in the$100,000-$200,000 price range.We saw this was an obvious use casefor SDN and OpenFlow, so we hireda couple of grad students to developsoftware for an OpenFlow controllerthat instructs a $40,000 OpenFlow-enabled switch to do the load balanc-ing. This is something we use in ourproduction network.

Will you ultimately use SDN in

your broader IU campus environ-ment?Let me outline that environment

rst. We have eight campuses, twoof which are very large. The largest

is Bloomington, which has a studentpopulation of about 30,000, 10,000of which live on campus, and we havea network that provides students,

faculty and staff high-speed accessto the Internet and resources on cam-pus. We have roughly 400 buildingsin Bloomington and our own berplant interconnecting those build-ings, and a large wireless deploymentwith close to 5,000 access points.

What a lot of people don’t realizeis that higher education has many ofthe same security and compliancerequirements as commercial orga-nizations, plus many other issuesto deal with. For examples we havea health clinic on campus so we

have information that is covered byHIPAA (Health Insurance Portabil-ity and Accountability Act). We havestudent data and there are federalregulations — predominately one

called FERPA (the Family Educa-tional Rights and Privacy Act) — threquires we provide a certain levelof protection for the student data.

And then we take credit cards at thebookstore and other places and needto support credit card industry secu-rity standards. So we have a mix ofthings that require a level of securityand accountability that would beequivalent to many commercial organizations.

On top of that we have bring youown device on a scale that few othorganizations see. For example, evesemester we have to accommodatetens of thousands of new devices.Students typically show up with aphone, a tablet or laptop, one or twogame machines, maybe a televisionset with an Ethernet jack. So it’sa huge number of bring your owndevices.

We have automated systems inplace that register new devices,

that ensure the users operatingthe devices agree to certain terms,acknowledge their responsibilitiesfor using the network, ensure theirmachines are relatively secure, and

network world .com May 1

digital spotlıght Software Dened Networking

“SDN enabled IU to usea $40,000 switch instead

of a $100,000-$200,000load balancer.”

18

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 19/23

ensure we can provide integrity forall the data we’re responsible for.

In addition, at universities it’s com-mon for the faculty, the staff and the

students to have full system admin-istration rights to their devices. So,unlike a company which might havean IT organization that centrallymanages the desktop, universitiestypically don’t behave that way. It’stypical that a faculty member willget a research grant and part of thefunding in that grant allows themto get a particular laptop to supportthat research and they order what-ever they want and they are the sys-tem administrator on that laptop. Sothe campus has to provide a sort ofsecurity manifold that sits over thosekinds of uses while preserving theintegrity of the network.

And then, of course, there is thedata center network, where we havesystems in a virtual machine envi-ronment that provide for business

process automation, things like reg-istration and accounting, and thenon the other side there are machinesdedicated to supporting computa-tional-intensive research.

So we have all of those things andSDN can play a role in many partsof the environment. In virtualizedparts of the data center, for example,

the university provides what isessentially a multi-tenant environ-ment, so different departments mighthave VMs running applications thatare specic to that department. Sothe university has to support multi-

tenant isolation, it has to enforce theappropriate policies and it has tobe efcient. People need to be able

to grow and shrink their resourceconsumption as required, build outtheir applications, that kind of thing.So when you look at where SDN isreally taking off now, that’s a natural

sweet spot. You start to look at net-work as a service as it’s presented inOpenStack , start to get this environ-ment that makes it easy to provide

the multi-tenant isolation, provide forVM migration and do this using SDNtechnology.

How will you get from therefrom here? Will it be nding nicheapplications for SDN like the IDSexample you described?

Yes, I think we’ll do more of that.For example, another niche use caseis instructors that would like to showthe contents of their iPad on thescreen in a classroom. They do thisat home using Apple TV and theyexpect, reasonably so, they shouldbe able to do this on their high-techcampus. Well, it turns out it’s morechallenging to do this on campus. Athome the iPad and the Apple TV areon a single network, and in a campusenvironment that’s usually not the

case. We have some ways to solvethis problem using OpenFlow, and itwould require a little bit of OpenFlowin the access portion of the network.So technically it would mean putting

at least one OpenFlow switch in thebroadcast domain of the networksthat serve our classrooms. So that’sa little more incremental rollout to

solve a niche use case.We’ll continue to explore nicheproblems, and at some point in timewe would like to have a plan for anall-SDN OpenFlow campus net-work. We’ve been keeping in touchwith the folks that make controllersto understand how their feature setsare evolving and trying to help themunderstand the kind of features wesee as being required.

Most of the products that supportOpenFlow today kind of back-portethat support into existing designs,and this year we’re seeing productswhere OpenFlow was thought aboumuch earlier in the design process,and so the products are more capa-ble. You also see chip designers likeBroadcom making advances, improing support for OpenFlow and help-

ing inform the folks that work on thOpenFlow standards on how theabstraction layer can evolve in a waythat is reasonably easy for them toimplement.

network world .com May 1

digital spotlıght Software Dened Networking

“People need to be ableto grow and shrink theirresource consumption asrequired … So when youlook at where SDN isreally taking off now,that’s a natural sweetspot.”

19

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 20/23

network world .com May 1

digital spotlıght Software Dened Networking

20

So, for example, whenOpenFlow went from 1.0to 1.1, it changed quite a bitand included support for

more than one ow tableand the notion of a packet-processing pipeline, and Ithink those enhancementsto the stack were informedby the folks that make thesilicon to forward packets,and they basically helpedthe standards folks under-stand how the abstractioncould be expanded at thesame time in a way thatthey could do this ef-ciently in silicon and thengive you an abstractionthat was actually useful forimplementing network fea-tures, so all of those thingsare happening.

It’s not crystal clear whenthe right time to make the jump to

requiring a certain level of Open-Flow support in switches will be. Forexample, we could say the next roundof equipment we’re buying has to sup-port a certain set of features in Open-

Flow, and if only one company could

meet that requirement, then it reallynarrows our options in what we pur-chase. We want to wait until there’ssome choice. That will probably bewithin a year, maybe a year and a half.

Is there any doubt inyour mind that within Xnumber of years you willreach this kind of SDN

nirvana, or might thewhole movement fall apartat some point because ofproblems that we haven’tperceived yet?

I think that in the largedata center space there’s noquestion SDN has alreadytaken off. It’s here to stay.And the notion of a central-ized controller conguringall devices as a network, notconguring them device-by-device — it is hard for me toimagine that not happening.I think OpenFlow is a reallygood start and there needto be improvements in theabstraction it provides, andthere needs to be some mar-

ket stability for people who want to

write applications. So when you lookat northbound APIs out of control-lers and you look at how controllerssupport applications, there’s a lot ofuncertainty right now.

Any closing thoughts?I recently sat down with Big Swit

and asked them what models of dif-ferent vendor switches would work

best with their controller, and theresponse was, “We’re real excitedabout the Trident II chipset fromBroadcom.” That was interesting tome because I know how our virtualmachine guys approach upgrades.When they know they’re going to bebuying new servers for the virtualserver environment, they’ll ask thehypervisor supplier what chipsetsbest support the features we’re goingto be using. And then our guys willgo look for the best packaging of thchipset architecture. And best pack-aging might include price, mightinclude support, it might includethe size of the servers, all kinds ofthings. But they’ll lead with whichchip architecture they need. AndI think it’s possible that that willbecome a more important compone

in folks’ hardware selection for net-work switching devices. There aremore questions to ask, but that maybecome a different kind of conversation and purchasing process.

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 21/23

12 tipsfor SDNIT buyersB Y L E E D O Y L E

Software de-ned net-working(SDN) offerssignicantopportunitiesand challeng-

es for enterprise IT profes-sionals. SDN has the poten-

tial to make networks moreexible, reduce the time toprovision the network, im-prove quality of service, re-duce operational costs and

make networks more secure.The challenge for IT pro-

fessionals is to select theright SDN offering for theright technology use caseat the right time. These 12recommendations provideenterprise IT managers aframework to evaluate SDNproducts from the multitudeof SDN suppliers. [Also see:

“SDN revolution or evolu-tion: Impact on the IT man-ager ”]

1 Have a clear visionabout how SDN tech-nology will benet your

shop , including its impact on

legacy network infrastruc-ture. Plan for how SDN willimpact your overall networkarchitecture in the longerterm.

2 It is very early daysfor SDN — the market,standards and tech-

nology will evolve. IT buyersneed to pilot SDN and evalu-ate the SDN carefully beforecommitting to a specic SDNarchitecture.

3 Evaluate the impact ofSDN on your IT organi-zation. Does SDN offer

opportunities to create cross-functional teams (e.g., server,storage and networking) to

address data center or cloudnetworking requirements?

4 Think about SDNimplementationchallenges. Many

SDN offerings today areincomplete or require exten-sive customization. Whowill help you with the SDNinstallation (e.g., channel

partners or professionalservices rms)? Do you havethe existing SDN skill set inyour IT organization or isadditional training needed

(likely)?

5 Identify a specic itial use case for SDFor example, the us

case could be reducing thetime to provision networksecurity to new (or migrat-

ing) VMs. Or, facilitatingquality of service guaranteacross your private WAN(e.g., data center to data center).

digital spotlıght Software Dened Networking

network world .com May 121

S l

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 22/23

digital spotlıght Software Dened Networking

network world .com May 13, 2013

6 Think about the poten-tial impact of SDN on your operational costs.

Does the SDN solution under

consideration have strongmanagement tools? Howabout the ease of installationand ongoing managementcosts?

7 Support for legacy net-works. How well doesthe SDN offering sup-

port your installed base oflegacy Ethernet switches androuters? What is the migra-tion plan going forward forSDN?

8 Think about SDN inbusiness value terms. How does a specic

SDN product reduce yourcosts or benet IT opera-tions? SDN should not be just

about technology.

9 Security. Improvednetwork security isa critical potential

benet of SDN. Does the SDNoffering under considerationimprove security or does itcreate additional security

challenges (or both)?

10 Standards sup-port. Does theSDN offer sup-

port a wide range of industrystandards, for both network-ing (e.g., OpenFlow) and IT(e.g., a range of server virtu-alization products)?

11 Layer 4-7 sup-port. Your newSDN architecture

should leverage network-ing capabilities at Layer 4-7,including server load balanc-ing and WAN optimization products.

12Application eco-

system. SDN isabout creating anopen environment for newapplications that leverageSDN technologies. Ability to

leverage a broad applicationecosystem of management,security and Layer 4-7 appli-cations will be essential tothe long-term success of yourSDN deployment.

Lee Doyle is principal analyst atDoyle Research. Doyle Researchprovides targeted analysis on theEvolution of Intelligent Networks:SDN, OPEX and COTS. LeeDoyle has over 28 years experi-ence analyzing the IT, network

and telecom markets. For moreinformation please see doyle-re-search.com, email me at ldoyle@doyle-research.com, and followme on Twitter @leedoyle_dc.

■ SalesVICE PRESIDENT/PUBLISHER:

AndreaD’Amato(508)766-5455

VICE PRESIDENTDIGITALSALES:

ElisaDellaRocco(201)310-6763

Northeast/Midwest/Central

ACCOUNTDI RECTOR,IN TEGRATED SALE

TimothyKeough,(508)766-5475

Southeast/Mid-Atlantic

ACCOUNTDI RECTOR,IN TEGRATED SALE

JacquiDiBianca,(610)971-0808,FAX:(201)621

Northern California/Northwest

ACCOUNTDI RECTOR,IN TEGRATED SALE

JulieOdell,(415)267-4522Silicon Valley/Southwest/Rockies/Utah

ACCOUNTDI RECTOR,IN TEGRATED SALE

CorettaWright,(415)267-4515

Marketplace/Emerging Markets

NATIONALACCOUNTMANAGER,EMERG

EnkuGubaie,(508)766-5487

■ OnlineCentral/East

ACCOUNTDIRECTOR,DIGITALSALES:

MelissaRocco,(508)766-5491

Midwest/Northeast

ACCOUNTDIRECTOR,DIGITALSALES:

StephanieCrossland,(508)766-5369

Northern California/Northwest/Rockies/Utah:

ACCOUNTDIRECTOR,DIGITALSALES:

KatieLayng,(415)267-4518

Northern California/Southwest

ACCOUNTDIRECTOR,DIGITALSALES:

KatieAlbang,(415)267-4510

EVENTSALES

ACCOUNTDIRECTOR,EVENTSALES,EAS

MichaelMcGoldrick,(508)766-5459

ONLINE SERVICES

DIRECTOR OFAD OPERATIONS & PROJEC

MANAGEMENT: BillRigby

DIRECTOR,ONLINE ACCOUNTSERVICESDan

FINANCE

VICE PRESIDENTFINANCE: MaryFanning

MARKETING

VICE PRESIDENTMARKETING: SueYanovitch

PRODUCTION

VICE PRESIDENT PRODUCTION OPERATI

SENIOR PRODUCTION MANAGER: JamiThomp

CIRCULATION/SUBSCRIPTION

CIRCULATION MANAGER:DianaTurco,(508)82

IDG LISTRENTALSERVICES

DIRECTOR OFLIST MANAGEMENT: SteveTozesk

TOLLFREE: (800) IDG-LIST(USonly)/Direct:(5

492OldConnecticutPath,P.O.Box9002

Framingham,MA,01701-9002

MAIN PHONE: (508)766-5301

E-MAIL: rstinitial_lastname@nww.com

EDITORIAL CALENDAR: http://tinyurl.com/39sf649

EDITORIAL

EDITOR IN CHIEF: JohnDix

ONLINE EXECUTIVE EDITOR,NEWS: BobBrown

EXECUTIVE FEATURES EDITOR: NealWeinberg

COMMUNITYEDITOR: ColinNeagle

MULTIMEDIAP ROGRAMMING DIRECTOR: KeithShaw

NEWS EDITORS

ONLINE NEWS EDITOR: MichaelCooney

ONLINE NEWS EDITOR: PaulMcNamara

ONLINE ASSOCIATE NEWS EDITOR: AnnBednarz

REPORTERS

JohnCox,SeniorEditor

JimDuffy, ManagingEditor

TimGreene,SeniorEditor

CarolynDuffy Marsan,National Correspondent

EllenMessmer, SeniorEditor

BrandonBu tler,Senior Writer

JonGold,StaffWriter

PRINT LAYOUT/WEB PRODUCTION

MANAGING EDITOR: RyanFrancis

SENIOR WEB PRODUCER: MelissaAndersen

DESIGN

EXECUTIVE ARTDIRECTOR: MaryLesterWARTDIRECTOR: StephenSauer

NETWORK WORLD LAB ALLIANCE

JoelSnyder,OpusOne;JohnBass,Centennial

NetworkingLabs;BarryNance,independent

consultant;ThomasHenderson,ExtremeLabs;

DavidNewman,NetworkTest;JamesGaskin,Gaskin

ComputingServices; CraigMathias, FarPointGroup

OFFICE MANAGEMENT

EDITORIAL OPERATIONS MANAGER: Cheryl Crivello

OFFICE MANAGER,EDITORIAL: PatJosefek

SUBSCRIPTIONS

PHONE: (877)701-2228

E-MAIL: nww@omeda.com

URL: www.subscribenww.com

REPRINTS

800-290-5460,ext 100

Email:networkworld@theygsgroup.com

IDG ENTERPRISE

CEO: MikeFriedenberg

GROUP PUBLISHER: BobMelk

CHIEFCONTENTOFFICER/SVP: JohnGallant22

R

8/11/2019 AST-0087944_NWW_SDN_v5

http://slidepdf.com/reader/full/ast-0087944nwwsdnv5 23/23

Resources

network world.com May 1

Webcast: An Introduction toOpenStackLew Tucker, VP/CTO at Cisco andvice chairman of the OpenStackFoundation, provides an overviewof OpenStack and discussesits usage in multi-tenant cloudenvironments. Raj Patel, Cisco VPof Cloud Services, discusses thestrategic decision and currentresults of choosing OpenStack asthe cloud platform for WebEx.Go to Webcast

Webcast : An Introduction toOpenFlowDavid Ward, CTO, CiscoEngineering and SVP, providesan introduction to OpenFlow itsfunctionality and emerging usecases. During the webcast, thereis a demo of Cisco OpenFlowand SDN technologies beingdeveloped as part of Cisco’sCisco Open Network Environment(Cisco ONE).Go to Webcast

Webcast: An Introduction tothe Cisco One Platform Kit(onePK)Ayman Sayed, SVP, NetworkOperating Systems TechnologyGroup, joins industry expertsto discuss how the easy-to-use toolkit provides usersaccess to the valuable data andservices inside the networkfor development, automationand rapid service creationwith Cisco’s onePK softwaredevelopment kit (SDK).Go to Webcast

Cisco Open NetworkEnvironment: An OverviewLearn about the Cisco OpenNetwork Environment, theindustry’s broadest approach tonetwork programmability, SDNand more.Go to PDF

23

© 2 01 3 Ci sc o an d/ or i ts a ff il ia te s. A ll r ig ht s r es er ve d. T hi s d oc um en t is C is co P ub li c. P ag e 1o f 3

WhitePaper

Cisco Open Network Environment: AdaptableFramework for the Internet of Everything

Prepare service providernetworks to harness network value, increase businessagility, and achieve greateroperation efficiency.

What YouWill Learn

Service providers are being affected bya varietyof trends that are both influencing theirabilityto deliver servicesflexibly, efficiently, and cost effectively, and threatening the viability and competitiveness of theirbusinesses. Tosuccessfullyrespond and adapt to these trends, theymust innovate to find betterways to delivernewand existingservices fasterand more flexibly, efficiently, and cost effectively. Theymust meet customerdemands forbetterexperiences and delivergreater value. The approach that service providers use to address these challengesprovides the foundation theycan build on to improve the overall ROI of theirinfrastructure.

Programmable networks provide one approach to meeting some of these challenges. Virtualization of networkfunctions is anotherapproach providers are pursuing to improve flexibilityand service agilityand significantly

transform theireconomic cost models. Operations- and services-automation software capabilities are alsorequired to dynamicallyaccelerate and monetize the creation of new services. Solutions must address manydifferent use cases and opportunities, necessitating a comprehensive and holistic approach that orchestratesprogrammable networking technologies along with multiple otherpowerful solutions. That is the vision of theCisco®Open Network Environment (sometimes referred to as Cisco ONE).

This document presents current approaches to network programmabilityand provides an overview of the CiscoOpen Network Environment. It also presents several use cases employing the Cisco Open Network Environmentframework and technologies presented.

Challenge: RapidMarket Transitions andEmerging Business Opportunities DemandNewWays of Building andManaging ServiceProvider Networks

Theproliferationofconnecteddevices, newtypesofvideo offerings,dramaticchangesintraffic patterns,theincreasingdemandsformobilityamong subscribers,andotherfactors, areexhaustingthecapabilitiesof traditionalapproachestoservicedelivery. Manyofthenew businessopportunitiespresentedbythegrowingconnectivity ofpeople,data,processes,information,anddevices (theInternetofEverything)center ontheanalysis andmonetizationdatainmotion.Datain motionconsistsofreal- andnearreal-timedata generatedbymobileandfixed connectionsbetweenpeople,things,andprocesses.One oftheprimaryopportunitiesfor operatorsismonetizationofvir tualizednetworkandcloudservices whileoptimizingaccess,transport,and cloudinfrastructure.Thecharacteristicsof theseevolvingandhighlydynamic newserviceshavedramaticallychangedthe businessenvironment.

The ways that applications are developed and evolve have also changed. Some applications come and go inweeks ormonths. Smartphone application developers alone release hundreds of apps around the world each day.Profitabilityfor service providers hinges not onlyon theirability to monetize newservices, but also on theirabilityto optimize the use of theirinfrastructure at the same time byincreasing performance and reducing costs.

© 2 01 3 Ci sc o an d/ or i ts a ff il ia te s. A ll r ig ht s r es er ve d. T hi s d oc um en t is C is co P ub li c. P ag e 1o f 3

WhitePaper

Cisco Open Network Environment: AdaptableFramework for the Internet of Everything

Prepare service providernetworks to harness network value, increase businessagility, and achieve greateroperation efficiency.

What YouWill Learn

Service providers are being affected bya varietyof trends that are both influencing theirabilityto deliver servicesflexibly, efficiently, and cost effectively, and threatening the viabilityand c ompetitiveness of theirbusinesses. Tosuccessfullyrespond and adapt to these trends, theymust innovate to find betterways to delivernewand existingservices fasterand more flexibly, efficiently, and cost effectively. Theymust meet customerdemands forbetterexperiences and delivergreater value. The approach that service providers use to address these challengesprovides the foundation theycan build on to improve the overall ROI of their infrastructure.

Programmable networks provide one approach to meeting some of these challenges. Virtualization of networkfunctions is anotherapproach providers are pursuing to improve flexibilityand service agilityand significantly

transform theireconomic cost models. Operations- and services-automation software capabilities are alsorequired to dynamicallyaccelerate and monetize the creation of new services. Solutions must address manydifferent use cases and opportunities, necessitating a comprehensive and holistic approach that orchestratesprogrammable networking technologies along with multiple otherpowerful solutions. That is the vision of theCisco®Open Network Environment (sometimes referred to as Cisco ONE).

This document presents current approaches to network programmabilityand provides an overview of the CiscoOpen Network Environment. It also presents several use cases employing the Cisco Open Network Environmentframework and technologies presented.

Challenge: RapidMarket Transitions andEmerging Business Opportunities DemandNewWays of Building andManaging ServiceProvider Networks

Theproliferationofconnecteddevices, newtypesofvideo offerings,dramaticchangesintraffic patterns,theincreasingdemandsformobilityamong subscribers,andotherfactors, areexhaustingthecapabilitiesof traditionalapproachestoservicedelivery. Manyofthenew businessopportunitiespresentedbythegrowingconnectivity ofpeople,data,processes,information,anddevices (theInternetofEverything)center ontheanalysisand monetizationdatainmotion.Datain motionconsistsofreal- andnearreal-timedata generatedbymobileandfixed connectionsbetweenpeople,things,andprocesses.Oneof theprimaryopportunitiesfor operatorsismonetizationofvir tualizednetworkandcloudservices whileoptimizingaccess,transport,and cloudinfrastructure.Thecharacteristicsof theseevolvingandhighlydynamicnew serviceshavedramaticallychangedthe businessenvironment.

The ways that applications are developed and evolve have also changed. Some applications come and go inweeks ormonths. Smartphone application developers alone release hundreds of apps around the world each day.Profitabilityfor service providers hinges not onlyon theirability to monetize newservices, but also on theirabilityto optimize the use of theirinfrastructure at the same time byincreasing performance and reducing costs.

Cisco Open NetworkEnvironment: AdaptableFramework for the Internet EverythingService providers need torespond and adapt to trendsto find better ways to delivenew and existing services faand more flexibly, efficientland cost-effectively. Learnhow virtualization of netwofunctions is an approach thaservice providers are pursuito improve flexibility and seagility and significantly tran

their economic cost models.Go to PDF