reports.informationweek.com october 2012 $99 understanding software-defined networks research... ·...
TRANSCRIPT
October 2012 $99
Report ID: R5451012
Next
reports
Understanding Software-Defined NetworksIT organizations we surveyed believe this new approach to
networking can reduce costs and improve network efficiency and
security. So why have only 4% of them implemented SDN?
Maybe because 32% cite “confusion” over vendor strategies
as a barrier to adoption. In this report, we aim to cut through the
confusion and help IT organizations develop an SDN strategy.
By Jim Metzler
reports. informationweek.com
Previous Next
reports
3 Author’s Bio
4 Executive Summary
5 Research Synopsis
6 What Is Software-Defined Networking?
7 A Vision of Control
7 Impact Assessment
10 Competing Visions of SDN
12 Drivers of SDN Deployment
14 SDN and Security
15 Be Clear About SDN Objectives
17 Money Matters
18 Inhibitors to SDN Deployment
20 Call to Action
22 Appendix
26 Related Reports
Figures
6 Figure 1: Familiarity With Software-Defined
Networking
8 Figure 2: Decoupling of the Control and
Forwarding Planes
9 Figure 3: Familiarity With OpenFlow
10 Figure 4: Attitude Toward OpenFlow
11 Figure 5: Dumbing Down of Switches and Routers
12 Figure 6: Willingness to Make
Architectural Changes for SDN
13 Figure 7: LAN Challenges Mitigated
by SDN
14 Figure 8: Impact of SDN on Network
Security
15 Figure 9: SDN Security Problems
16 Figure 10: SDN Security Benefits
17 Figure 11: SDN Selling Points
18 Figure 12: Expected Impact of SDN
on the Switch and Router Market
19 Figure 13: Barriers to SDN Adoption
22 Figure 14: Job Title
23 Figure 15: Industry
24 Figure 16: Revenue
25 Figure 17: Company Size
CONT
ENTS
reports.informationweek.com
TABLE OF
October 2012 2
U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k s
October 2012 3
Previous Next
© 2012 InformationWeek, Reproduction Prohibited
reports
reports.informationweek.com
U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Jim Metzler has a broad background in the IT industry. This includes being asoftware engineer, an engineering manager for high-speed data services for amajor network service provider, a product manager for network hardware, anetwork manager at two Fortune 500 companies and the principal of a consult-ing organization. In addition, he has created software tools for designing cus-tomer networks for a major network service provider and directed and per-formed market research at a major industry analyst firm.
Each year Jim publishes two e-books, one on application and service deliveryand the other on cloud networking. He co-authored a book titled Layer 3Switching, which is part of the Prentice Hall series in computer networking anddistributed systems. He has a Ph.D. in mathematics from Boston University andis currently an independent industry analyst and consultant.
Jim MetzlerInformationWeek Reports
FollowFollowFollowFollow
Want More?
Never Miss a Report!
FollowFollowFollowFollow
October 2012 4
Previous Next
Software-defined networking has the potential to fundamentally change the network-ing industry. Given that potential and the buzz that surrounds it, you might guess thatSDN is a well-understood concept and has been deployed by a large number of IT organi-zations. The reality is that only a small percentage of IT organizations claim to be very fa-miliar with SDN. In addition, our InformationWeek 2012 Software-Defined NetworkingSurvey shows that only 4% of IT organizations have already implemented SDN and onlyanother 5% of IT organizations are testing it. At present, SDN is only for early adopters.
It will be challenging for SDN to be broadly deployed in the near term in part becauseit’s not a narrowly defined technology like TRILL or SPB. Rather, it’s an approach to net-working that focuses on centralizing control functionality and providing programmaticinterfaces into a wide range of network equipment. It also requires an extensive ecosys-tem of vendors. The breadth of what is referred to as SDN is partially a result of the vary-ing ways that it’s possible to centralize control and provide programmatic interfaces intonetwork elements.
This report aims to bring clarity to the nascent SDN market by outlining the major approaches to SDN. We dig into how these approaches are similar and where they differ,and we examine the benefits and drawbacks of each approach. The report also shares the results from the InformationWeek Software-Defined Networking Survey, which measuresIT pros’ familiarity with and attitudes toward SDN and OpenFlow, a new protocol closelyassociated with SDN. Finally, it provides guidance to help IT organizations develop a strategy for SDN.
EXECUTIVE
reports.informationweek.com
reports
SUM
MAR
Y
U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
October 2012 5reports.informationweek.com
Previous Next
RESEARCH
Survey Name InformationWeek 2012 Software-Defined Networking Survey
Survey Date July 2012
Region North America
Number of Respondents 250
Purpose To gauge awareness of and adoption plans for software-defined networkingand OpenFlow technology.
Methodology InformationWeek surveyed 250 business technology decision-makers fa-miliar with software-defined networking at North American organizations. The surveywas conducted online, and respondents were recruited via an email invitation containingan embedded link to the survey. The email invitation was sent to qualified Information-Week subscribers.
reports
SYNO
PSIS
U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
ABOUT US
InformationWeek Reports’
analysts arm business technol-
ogy decision-makers with real-
world perspective based on
qualitative and quantitative re-
search, business and technology
assessment and planning tools,
and adoption best practices
gleaned from experience.
To contact us, write to manag-
ing director Art Wittmannat [email protected],
content director
Lorna Garey at
editor-at-large AndrewConry-Murrayat [email protected], and
research managing editor
Heather Vallis at
Find all of our reports at
reports.informationweek.com.
October 2012 6
Software-defined networking is a new ap-proach to networking that aims to make datanetworks more flexible, easier to operate andmanage, and better able to respond to thechanging demands of applications and net-work conditions.
According to InformationWeek’s 2012 Soft-ware-Defined Networking Survey, IT organiza-tions believe SDN can help them overcome anumber of challenges by improving networkutilization and efficiency, increasing automa-tion of common tasks, and improving security.SDN may also lower costs.
SDN also promotes the use of software in-terfaces to allow the development of third-party applications that can improve networkservices or provide new ones, and enable or-chestration of resources across multiple de-vices, such as switches, routers, firewalls andload balancers.
While SDN has received a lot of attentionthis year, IT pros are still trying to get theirarms around the concept: Of the 250 respon-
dents to our InformationWeek Software-De-fined Networking Survey who express havingsome knowledge about SDN, 48% say they areonly somewhat familiar with this new ap-proach to networking (Figure 1).
So what is SDN? That depends on whomyou ask. One approach to SDN would over-
turn the role that switches and other networkdevices play by turning them in fast butdumb (and inexpensive) machines to forwardpackets, while network intelligence would re-side in a centralized controller. This approachthreatens dominant networking vendorssuch as Cisco Systems, which commands high
Previous Next
How familiar are you with software-defined networking, or SDN?
17%
48%
35%
Familiarity With Software-Defined Networking
Data: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012 R5451012/1
1Very familiar; I understand the details
Somewhat familiar; I have a general idea of what it’s about
Familiar; I understand the basics
reports.informationweek.com
What Is Software-Defined Networking?
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Figure 1
October 2012 7
prices for network gear. Cisco and others arepushing back by proposing SDN models thatallow for more automation and flexibilitywithout doing away with the switch’s promi-nent role in determining optimal networkpathways.
However, one element that all the SDN ap-proaches share is the ability to use program-matic interfaces, such as APIs. This program-matic inter face allows for much moreautomation, which can simplify network op-erations, reduce the number of administratorsrequired to manage devices and enable thecreation of applications that provide new net-work features and functions.
This report outlines three approaches toSDN, explores their similarities and differences,and weighs the benefits and drawbacks ofeach approach. It provides guidance for IT or-ganizations to develop an SDN strategy. It alsoexamines the results from the Information-Week Software-Defined Networking Survey,which measures IT pros’ familiarity with andattitudes toward SDN and OpenFlow, a newprotocol closely associated with SDN.
A Vision of ControlThere are three general approaches to SDN.
The approach that’s probably most well knownseparates the forwarding and control planesthat typically reside in a switch and moves thecontrol plane to a separate device. This device,
called a controller, calculates the best paththrough a network for particular workloadsand programs the forwarding behavior of theswitches (Figure 2). The controller can be an ap-pliance, a virtual machine or a physical server.
A core concept of this approach to SDN is
Previous Next
FAST FACT
33%of respondents to our
Software-Defined
Networking Survey say
they are familiar or very
familiar with the
OpenFlow protocol.
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Impact Assessment: Software-Defined Networking
Impact to… Benefit Risk
IT Organization
Business Organization
Business Competitiveness
Bottom Line:
� � � � � SDN has the potential to make networksmore automated, which reduces management burdensand increases flexibility. Other benefits include the abilityto implement new functionality more effectively andfaster than is otherwise possible.
�� � � �At present, SDN is characterized by immatureproducts and standards and only rudimentary interoper-ability. There is also a lack of applications that take advan-tage of SDN and gapping holes around how an SDN willbe managed.
� � � � � There is a risk that SDN will not add thepromised value. If an SDN implementation does not workwell, business projects may face IT-related delays.
�� � � � If the implementation of SDN has technicalissues, those could negatively impact the company’s com-petitiveness. However, few IT organizations will risk run-ning a business-critical application in the short term on anembryonic set of technologies and products, so significantdisruption is unlikely.
�� � � � If the adoption of SDN results in lower costand a more agile IT function, the business organizationwins.
� � � � � In the mid- to long term, SDN should enableIT to align network resources with business goals. It holdsthe promise of a more agile, more automated and poten-tially more cost effective IT organization.
SDN promises to replace human interfaces into network elements with automated interfaces, which should streamline management and provide granularvisibility and control. SDN also has the potential to open up networking to new applications that will further extend the value of the network infrastructure.
�� � � � �� � � �
October 2012 8
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
that the OpenFlow protocol is used betweenthe network elements and an SDN controllerto program the forwarding behavior of theswitch. According to our survey, 33% of re-spondents say they are very familiar or familiarwith the OpenFlow protocol, and another 38%say they are somewhat familiar (Figure 3). Thecontroller also has a northbound API, which isan interface for applications that want to useOpenFlow data. A number of vendors have an-nounced their intention to ship OpenFlow-en-abled switches, including Brocade, Cisco, Ex-treme, Hewlett-Packard and Juniper.
The Open Networking Foundation, a non-profit group that oversees the developmentof the OpenFlow protocol, advocates a con-troller-based architecture using OpenFlow.ONF has more than 70 members, includingservice providers, some of the world’s largestnetwork device manufacturers and startups.
Note that there are alternatives to the use ofOpenFlow as the communications protocolbetween a controller and network devices. Inaddition to Java, C, Python and REST APIs, thisincludes the Extensible Messaging and Pres-
ence Protocol, the Network Configuration Pro-tocol and OpenStack from Rackspace andNASA. However, as our survey shows, Open-Flow is closely associated with SDN (Figure 4).
One of the implications of the ONF ap-proach is the likelihood that switches and
routers would become low-cost commodities,which could potentially cut costs for compa-nies that adopt this approach. While vendorssuch as Cisco and HP have downplayed thatnotion, companies such as IBM, Dell and NECare more supportive of it. One operation that
Strategy: Inside OpenFlow
New software-defined network-ing technologies in general andOpenFlow in particular are poisedto disrupt the way we manageload in highly virtualized datacenters. In a world where fordecades we’ve relied on Ethernetand TCP/IP standards—andwhere big vendors like Cisco andJuniper have made their fortunesbased on intelligence inswitches—that’s a big deal.
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Separation of the control and forwarding planes is commonly associated with a software-defined network.
Decoupling of the Control and Forwarding Planes
This is dummy text
This is dummy text
This is dummy test
This is dummy test
This is dummy test
This is dummy test
This is dummy test
This is dummy test
Data: InformationWeek Reports R5450912/1
R5450912_SDN_chart1
Application Application
Switch SwitchSwitch Switch
Application Application
SDN Controller Platform
Nort
hbou
nd A
PI
Southbound API
Figure 2
October 2012 9
could migrate to a controller is functionalitythat negates the need for LAN switches tosupport the Spanning Tree Protocol, Dell ex-ecutives responsible for SDN said in an inter-view. They also note that any control function-ality that is related to some kind of policy andthat requires taking an action based on whatis inside the packet is also a candidate tomove to a controller.
NEC and a startup called Big Switch Net-works provide on their controllers functional-
ity that eliminates theneed for the SpanningTree Protocol. Bothcompanies have statedtheir intention to pro-vide additional networkservices on their con-trollers over time.
The disagreement on the relative role of thecontroller and the network elements betweenmembers of the same class of products is oneof the many factors driving the confusion thatsurrounds SDN. Our survey respondents weresomewhat evenly split on whether SDN
would result in a dumbing down of switchesand routers, with a third of the respondentsindicating “don’t know” (Figure 5).
When evaluating SDN, IT organizations needto take a position on this issue. Is reducing therelative value of switches and routers a desiredoutcome of implementing an SDN? An accept-able outcome? An unacceptable outcome?
The position that an IT organization takes willinfluence which vendors it should consider us-ing and which ones it should avoid.
The primary advantages of the ONF ap-proach to SDN are that it is based on indus-try-standard protocols and has significantvendor support and momentum. It may alsoreduce costs because switches would become
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
The primary advantages of the ONF
approach to SDN are that it is based
on industry-standard protocols and
has significant vendor support.
How familiar are you with OpenFlow?
29%
10%
38%
23%
Familiarity With OpenFlow
Data: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012 R5451012/14
1
23
4
5
67
89
R5451012_SDN_Chart14
Very familiar; I understand the details
Familiar; I understand the basics
Not familiar
Somewhat familiar; I have a general idea of what it's about
Figure 3
October 2012 10
single-function commodity devices. However, one of the disadvantages of this
approach is that vendors are just now in theearly stages of implementing OpenFlow,which means interoperability among vendorsisn’t assured.
Another aspect of the lack of interoperabil-ity is that the northbound interface shownin Figure 2 is not standardized. This meansthat a company or vendor that writes an ap-plication to communicate with a controllerhas to ensure that the application works withAPIs from myriad controller vendors. Notethat the Open Network Foundation has re-cently announced an initiative intended tomake it easier for application providers touse various APIs.
Other possible downsides include the factthat this approach would require companiesto rearchitect their networks to incorporatethe controller-based system. However, oursurvey shows that this may not be a signifi-cant barrier: Of those with or planning to haveSDN in production, 48% say they are moder-ately willing to make significant changes to
get SDN benefits, and another 40% are veryor completely willing (Figure 6).
Competing Visions of SDNAs mentioned, while the ONF approach is
most commonly associated with SDN, thereare two other emerging visions for software-
driven networks. The second approach alsoseparates the control and forwarding planes,but it does so by leveraging a virtual switchsuch as Cisco’s Nexus 1000V, VMware’s DVS orIBM’s DVS 5000v. In this approach, the virtualswitch functions as a forwarding engine that’sprogrammed by a device separate from the
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
What is your attitude toward OpenFlow in regard to SDN?
32%
15%
40%
13%
Attitude Toward OpenFlow
Base: 178 respondents familiar with OpenFlowData: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012
R5451012/15
1
23
4
5
67
89
R5451012_SDN_Chart15
OpenFlow is an integral part of SDN; you can’t have one without the other
OpenFlow is important, but not essential
You don’t need OpenFlow to build an SDN
OpenFlow goes hand in hand with SDN now, but that could change
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Figure 4
October 2012 11
virtual switch. This functionality is used as partof an overlay network that rides on top of theexisting network infrastructure using proto-cols such as VXLAN or NVGRE.
This approach may appeal to existing cus-tomers of Cisco and VMware, of which thereare significant numbers. However, it is only ap-plicable for hypervisor-based virtual switches.In addition, support for functionality such asVXLAN and NVGRE is only now emerging.
The third approach uses direct program-matic interfaces via APIs into network devices,which are broadly defined to include devicesthat operate at Layers 2 through 7 of the OSIstack. In this case, the control and forwardingplanes are not separated, nor is the controlplane centralized.
Many network vendors, including Cisco, areadopting this approach. This summer, Ciscoannounced that as part of its SDN approachit will offer APIs into multiple platforms. (Parttwo of this report offers more details.) How-ever, it is not a Cisco-only approach, as othervendors including Arista, Extreme Networksand Juniper Networks provide direct access
to their platforms via APIs.One advantage of this approach is that it en-
ables very detailed access into, and controlover, network devices. It also avoids the inter-operability issues that are associated with theOpenFlow protocol. Because this approachdoes not rely on a centralized controller, it alsoavoids the availability and security issues that
can be associated with a controller-based ar-chitecture (that is, if the controller dies, sodoes the ability to move traffic through thenetwork).
On the downside, this approach is vendor-specific. In a multivendor network environ-ment, it would result in “islands of control”whereby the operator would have differing
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
Do you believe that SDN will relegate switches and routers to being just relatively dumb forwarding engines?
34%29%
37%
‘Dumbing Down’ of Switches and Routers?
Data: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012 R5451012/12
1
23
4
5
67
89
R5451012_SDN_Chart12
Yes
No
Don’t know
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Figure 5
Like This Report?
Rate It!Something we could dobetter? Let us know.
RateRate
Previous Next
October 2012 12
levels of control of the network equipmentbased on the provider of that equipment.
Drivers of SDN DeploymentOther than a few research-oriented organi-
zations, no IT department wants to imple-ment an SDN. What IT wants to do is to solveone or more problems and/or find new waysto add value to the business. If it perceivesthat SDN is the best way to resolve thoseproblems and add new value, then imple-menting SDN makes sense.
That’s the attitude of an infrastructureportfolio architect for a multinational profes-sional services organization who took part inthe survey. “There is confusion about whatSDN is and what it means to the business,”he says. “If I were to go to a business-unitmanager and say that I need $3 million toimplement OpenFlow and that will allow meto centralize the control plane of my net-work, they would kick me out of their office.”
In other words, it only makes sense to imple-ment SDN if it results in a measurable and sig-nificant improvement of the IT infrastructure
and operations. “If I go to management witha plan to implement SDN and reduce thenumber of network administrators from 20 to10 and to reduce provisioning time from twoweeks to four days, they will at least listen tome,” says the infrastructure architect.
Those anticipated improvements are re-flected in our survey. We asked respondents
with or planning to have SDN in productionto choose the top three challenges that SDNwould mitigate. At the top of the list was im-proving network utilization and efficiency,closely followed by automation of provision-ing and management (Figure 7). Improvedsecurity was third.
Overall, we believe SDN offers three basic
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
How willing are you to make significant architectural changes to your production networks in order to achieve the promised benefits of SDN?
12% 11%
48%
29%
Willingness to Make Architectural Changes for SDN
Base: 116 respondents at organizations with, or planning to have, SDN in productionData: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012
R5451012/5
1
23
4
5
67
89
R5451012_SDN_Chart5
Completely willing
Very willing
Slightly willing
Moderately willing
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Figure 6
October 2012 13
value propositions for IT:1. It defines business logic that the infra-
structure responds to throughout Layers 2through 7. For example, a network serviceprovider could use SDN to align its L2 to L7devices to support a service-level agreementfor a given customer and a given application.
2. It lets the network be aware of the needsof the applications and compute resourcesand dynamically provide the required net-work resources.
3. It provides better control, managementand security of the infrastructure by automat-ing tasks such as configuration management.
These value propositions overlap somewhatand are listed in descending order fromstrategic to tactical. Value propositions 1 and2 will have traction in the near term with so-phisticated organizations such as hyperscaledata centers, public cloud providers and net-work services providers. These value proposi-tions will also have some traction in the nearterm among some enterprise IT organiza-tions, primarily enterprises such as financialinstitutions that recognize that the IT function
impacts revenue in a way that is very directand measurable. Value proposition 3 shouldappeal to all types of organizations.
In addition to reducing costs and automat-
ing management and security policy enforce-ment, other enterprise-specific applicationsthat SDN will enable, potentially better thanthey could be performed otherwise, include:
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
Which of the following data center LAN challenges do you believe SDN can be most helpful in overcoming?
LAN Challenges Mitigated by SDN
Impr
ove
netw
ork
utili
zatio
n an
d ef
ficie
ncy
Auto
mat
e m
ore
prov
ision
ing
and
man
agem
ent
Impr
ove
secu
rity
Impl
emen
t net
wor
k-w
ide
polic
ies
Redu
ce co
st
Get m
ore
visib
ility
into
app
licat
ions
that
are
usin
g th
e ne
twor
k
Redu
ce co
mpl
exity
Incr
ease
scal
abili
ty
Redu
ce re
lianc
e on
pro
prie
tary
pro
toco
ls or
pro
prie
tary
ex
tens
ions
of s
tand
ards
-bas
ed p
roto
cols
Supp
ort c
reat
ion
of a
priv
ate
or h
ybrid
clou
d
Supp
ort c
reat
ion
and
dyna
mic
mov
emen
t of v
irtua
l mac
hine
s
Redu
ce re
lianc
e on
vend
or’s
prod
uct l
ife cy
cles
Supp
ort m
ore
east
-wes
t tra
ffic
Othe
r
Note: Three responses allowedBase: 116 respondents at organizations with, or planning to have, SDN in productionData: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012
R5451012/6
42%
35%
32%
31%
29%
25%
23%
20%
12%
10%
8%
4%
1% 1%
R5451012_SDN_Chart6
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Figure 7
Strategy: The Virtual Network: TRILL, SDN and More
Virtualization forces data centernetworks to become more flexibleand efficient. Network engineershave a bewildering number of op-tions to support highly virtualizedenvironments, from fabrics ormeshes built on protocols such asTRILL and SPB to Layer 2 exten-sions that support VM mobility between data centers to software-defined networking. This reportbreaks down standards-basedand proprietary options for build-ing next-generation, virtualiza-tion-centric networks.
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
October 2012 14
> Network virtualization> Load balancing> Firewalls> Distributed denial of service prevention> Traffic engineering> Disaster recovery> Application acceleration via techniques
such as SSL offload> Web optimization> Network analysis whereby management
data is filtered from network elements andsent to a central site for analysis
In the near term, SDN applications willcome primarily from current infrastructureplayers. Extreme Networks, for example, hasannounced an identity management ap -plication for SDN. Big Switch offers both anetwork virtualization and network analysisapplication. Radware has announced an anti-DOS application and an application that enables the creation of an application deliv-ery controller fabric. While infrastructureplayers will likely continue to develop SDNapplications, one of the great promises ofSDN is that developer communities will cre-
ate a wide range of applications that cantake advantage of the access to granular net-work data that it will provide.
SDN and SecuritySecurity is always a key factor for IT organi-
zations to evaluate when considering a newtechnology, and SDN is no exception. Accord-
ing to our survey, only 12% of respondentsthink implementing SDN will make networksless secure (Figure 8). However, 31% say theyjust don’t know, a result that highlights theconfusion in the market about SDN.
IT organizations do recognize that SDN hassecurity risks. Some of these challenges, likethe lack of integration with existing security
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
What impact will SDN have on network security?
31%
10%
11%
15%
1%
32%
Impact of SDN on Network Security
Data: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012 R5451012/9
1
23
4
5
67
89
R5451012_SDN_Chart9
Networks will be much more secure
Networks will be somewhat more secure
It will have no impact on network security
Don’t know
Networks will be somewhat less secure
Networks will be much less secure
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Figure 8
October 2012 15
technologies, are to be expected when imple-menting any new technology (Figure 9).
Some other challenges, such as the concernsover the vulnerability of the controller, areunique to SDN. For instance, if hackers were togain access to the SDN controller, they wouldhave the power to inflict significant harm. Thecounterargument is that it’s often easier to pro-tect one central device than it is to protect hun-dreds or thousands of decentralized devices.
Survey respondents do see the potentialfor SDN to benefit network security. Themost anticipated benefit is that SDN willmake it easier to apply a unified security pol-icy (Figure 10). The bottom line is that any ITorganization that is evaluating SDN needs toaddress security issues from the outset.
Be Clear About SDN ObjectivesWhen discussing SDN, it’s common for the
trade press and industry analysts to talk aboutits ability to better support the adoption ofprivate and/or hybrid cloud computing. How-ever, as Figure 7 shows, that cap ability isn’t astrong driver of enterprise adoption of SDN.
It is common, however, to have technologyadoption driven by different factors at differ-ent points in the adoption cycle. For example,the initial driver of server virtualization wascost savings. However, once IT organizationsbegan to implement server virtualization,
most of them found the agility that virtualizedservers provide became as important as thecost savings. In similar fashion, IT organiza-tions may well implement a software-definednetwork initially for cost savings or added se-curity and later expand that implementation
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
What security problems do you associate with SDN?
SDN Security Problems
Lack of integration with existing security technologies
The controller scares me—if an attacker owns that, it's game over
More complexity, which always means less security
Functionality leveraging controller intelligence opens new attack surfaces
Inability to inspect every packet
It will hinder performance to such a degree that public cloud/SaaS use will increase
Other
None; it will help security
Note: Multiple responses allowedData: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012
R5451012/11
44%
40%
38%
38%
20%
10%
2%
9%
R5451012_SDN_Chart11reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Figure 9
because it provides other capabilities.This example demonstrates that any IT or-
ganization considering SDN needs to be clearabout the value proposition of the technol-ogy and how that value proposition mightchange over time.
IT organizations also need to identify howdeploying SDN fits in with other IT initiatives.As the infrastructure architect notes, “No CIOis going to fund an investment in SDN with-out understanding how that fits into theircloud strategy.”
In another example, many IT organizationsare in the process of flattening their datacenter LANs. As part of that activity, most areevaluating the viability of eliminating Span-ning Tree Protocol. One way to do that is toimplement a protocol such as TransparentInterconnection of Lots of Links or ShortestPath Bridging. However, as previously men-tioned, it’s also possible to eliminate STP byimplementing an SDN controller that sup-ports the appropriate functionality.
The upshot is that an IT organization mustset realistic expectations with management
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
What are the security benefits of SDN?
SDN Security Benefits
Ability to apply a unified security policy
Data security via transport encryption
Integrated and more granular access control
Additional points where security controls can be placed to address software/application security issues
Intra-hypervisor (VM-VM) packet inspection and firewall
Malware filtering
More situation- or application-aware security event logging details
Improved security appliance performance/throughput
DoS mitigation
Other
None; it will hurt security
Note: Multiple responses allowedData: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012
R5451012/10
44%
32%
29%
28%
22%
22%
22%
17%
17%
4%
12%
R5451012_SDN_Chart10
FAST FACT
12%of respondents think
implementing SDN will
make networks less
secure; 31% say they just
don’t know.
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Figure 10
October 2012 16
October 2012 17
about the benefits of SDN, how those bene-fits might evolve over time, and how SDNwill complement or support other major ITprojects and goals.
Money MattersGiven that IT believes the primary benefits
of SDN relative to the data center are reduc-ing cost and automating management andsecurity policy enforcement, it’s not surprisingthat those tend to be the selling points usedby IT organizations that have implementedSDN or intend to implement it (Figure 11).
However, it’s not clear that the expected costsavings anticipated with a controller-basedSDN model will appear. IT anticipates thosesavings in large part because dumbed-downswitches will be cheaper than conventionalswitches. But given the current state of themarket, the deployment of SDN won’t result inany dumbing down of switches and routersfor at least the next two years. That follows inpart because it will take a new generation ofmerchant silicon to build fully functional,highly scalable OpenFlow-enabled devices.
And even if fully functional OpenFlow de-vices were available, the vast majority of ITorganizations would adopt them over timeand most likely would implement them onlyin part of their infrastructure. That’s becauseIT organizations seldom swap out one infra-structure for another in a single move, par-
ticularly with a new technology.It’s also possible that the cost savings of
commodity switches will be eaten up by thecosts of centralized controllers. In fact, whenwe asked survey respondents to anticipatethe impact of SDN on switch and router mar-kets in 2015, the second-highest response, at
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
What benefits did or will you use to “sell” SDN to the business?
SDN Selling Points
A more efficient and flexible network that speeds service delivery
Cost savings on hardware
Ability to apply QoS via traffic awareness
Ability to test new routing protocols
Other
We won’t even try; benefits are on the networking side
Note: Multiple responses allowedBase: 116 respondents at organizations with, or planning to have, SDN in productionData: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012
R5451012/7
66%
36%
17%
50%
3%
4%
R5451012_SDN_Chart7
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Figure 11
October 2012 18
18%, was that costs would simply shift to con-trollers and software (Figure 12).
In addition, some IT organizations are likelyto adopt SDN in a hybrid model, in whichsome control plane functionality is centralizedand the remaining functionality remains dis-tributed within switches. Depending on howmuch control functionality is centralized, thisscenario may not result in switches with sig-nificantly less functionality; in fact, this sce-nario may result in switches that require ad-ditional functionality.
The bottom line is that any cost savings thatmight result from adopting low-cost Open-Flow-enabled devices will take place over anumber of years, if at all.
Inhibitors to SDN DeploymentIT organizations that are evaluating SDN
need to understand the availability and scal-ability characteristics of the particular designsthey are evaluating.
One of the concerns with a controller-basedapproach to SDN is availability—that is, whathappens if the central controller goes down?
Another is scalability—how many packets, callsetups, processes or flows can one controllersupport? To respond to those concerns, manyvendors, including Big Switch, NEC and Vello,support a clustering of their controllers. Whilethat approach can mitigate availability andscalability concerns, it still leaves open what
happens if the network elements somehowlose their ability to communicate with thecentralized controller cluster. One network de-sign option that addresses this concern is toimplement a redundant link between thecontroller and each switch.
Another factor that limits the deployment
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
Which of the following best describes your expectation of SDN’s effect on the switch and router market by 2015?
Expected Impact of SDN on the Switch and Router Market
Somewhat lower prices, less hardware differentiation, but same main players
The cost will just shift to controllers and software
Fewer proprietary features, emphasis on standards
Will reshuffle market leadership
Switches and routers will be a commodity; pricing landscape will be totally different
Switches and routers will be a commodity; vendor landscape will be totally different
Other
No impact; Cisco will figure out how to maintain its margins
Data: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012 R5451012/13
22%
18%
16%
11%
7%
7%
1%
18%
R5451012_SDN_Chart13reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Figure 12
October 2012 19
of SDN is that there is no widely agreed-uponmodel for how SDN and OpenFlow-enablednetworks will interface with existing networkmanagement platforms and troubleshootingtools. IT organizations that are evaluating SDNneed to have a solid plan for how they’ll man-age and troubleshoot those networks.
We asked our survey respondents to indi-cate the primary inhibitors to their companyadopting SDN in the next two years. Their topthree responses reflect one of the centralthemes of this report: As is typical of any early-adopter market, the development and imple-mentation of SDN is characterized by imma-turity and confusion. The top response, at41%, was the immaturity of current products(Figure 13). However, the second-highest re-sponse, at 32%, was “confusion and lack ofdefinition in terms of vendor strategies.”Given that there are several technological ap-proaches that can claim to be software-de-fined networking despite significant differ-ences among the approaches, such confusionis understandable.
That confusion is echoed in IT organizations.
For instance, the infrastructure architect saysthe lack of education is a major barrier to theadoption of SDN. “We don’t know a lot aboutSDN and what its benefits are.”
Interoperability is also a concern. He says he
would like to see some form of certification sothat if he were to acquire an SDN controller,he would know what switches, and what codeversions, it worked with.
At present, any IT organization that tries to
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
24%
Imm
atur
ity o
f cur
rent
pro
duct
s
Conf
usio
n an
d la
ck o
f def
initi
on in
term
s of v
endo
rs’ s
trat
egie
s
Imm
atur
ity o
f ena
blin
g te
chno
logi
es
Othe
r tec
hnol
ogy o
r bus
ines
s prio
ritie
s
Lack
of r
esou
rces
to e
valu
ate
SDN
Conc
ern
that
the
tech
nolo
gy w
ill n
ot sc
ale
to su
ppor
t en
terp
rise-
class
net
wor
ks
Wor
ry th
at co
st to
impl
emen
t will
exc
eed
ROI
We
don‘
t see
a co
mpe
lling
valu
e pr
opos
ition
Lack
of a
criti
cal m
ass o
f org
aniza
tions
that
hav
e de
ploy
ed SD
N
Conc
ern
that
maj
or n
etw
orki
ng ve
ndor
s will
der
ail S
DN b
y ad
ding
pro
prie
tary
feat
ures
Not s
ched
uled
to h
ave
a ne
twor
k te
chno
logy
refre
sh
in th
at ti
me
fram
e
Othe
r
No in
hibi
tors
to im
plem
entin
g SD
N
We’
ve a
lread
y im
plem
ente
d SD
N
Which of the following are the top inhibitors to your company adopting SDN in the next two years?
Barriers to SDN Adoption
Note: Three responses allowedData: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012
R5451012/8
41%
32%
25%
23%
22%
18%
18%
14%
13%
11%
2%
4%
2%
R5451012_SDN_Chart8
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Figure 13
FollowFollow
Follow
TweetTweet
LikeLike
Follow
ShareShare
Next
FollowFollow
Follow
TweetTweet
LikeLike
Follow
ShareShare
Tweet
Next
FollowFollow
Follow
TweetTweet
LikeLike
Follow
ShareShare
Next
Like This Report?
Share it!
October 2012 20
take an SDN controller and connect it to threeor four vendors’ OpenFlow switches would ei-ther fail or would, at a minimum, spend a lotof time and resources working with the ven-dors to make those devices work together be-cause the OpenFlow protocol is still so new.
Call to ActionThere are relatively few players in the IT in-
dustry making the argument that SDN isready for broad deployment in production
networks. As such, SDNis not encumbered bytoo much hyperbole.However, given themarket research pre-sented in this report, itis clear that SDN isshrouded in confusion.
IT organizations need to disperse this confu-sion to better understand SDN and to establisha strategy—even if that strategy is to do noth-ing relative to SDN for the foreseeable future.We offer a set of considerations to help guideyou in creating that strategy.
> Start with a firm definition of whatSDN means to the organization. This in-cludes taking a position relative to whetheror not they want to implement an SDN thatfeatures:
>> Direct programmability of switches androuters, which in most cases will be ac-complished by leveraging software cre-ated by a third party
>> Separation of the control and forwardingplanes using OpenFlow for communica-tions between them
>> Separation of the control and forwardingplanes using something other than Open-Flow for communications between them
>> An overlay network>> Other approaches and technologies> Define the use cases that justify deploy-
ing SDN, whether to solve problems or addvalue. Analyze alternative ways to solve thoseproblems or add that value and recognizethat the use cases may change over time.> Keep an eye on SDN adoption in the
market and SDN’s technological maturation.This includes analyzing the items mentioned
in the preceding section (e.g., the stability ofOpenFlow and of the northbound APIs).> Identify how extensive the implemen-
tation of SDN will be, both initially and overthe first couple of years. For example, will theimplementation just include top-of-rackswitches or will it include core switches? Willit include L4 to L7 functionality, such as loadbalancing or protection against DOS attacks?> Decide whether any of the control
functions that have historically been done inswitches and routers will be done in SDNcontrollers.> Analyze how the deployment of SDN
fits in with your existing infrastructure as wellas with other IT initiatives in progress. > Review vendors’ SDN strategies and of-
ferings and identify one or more viable SDNdesign. This includes understanding the risksand rewards of acquiring pieces of SDN fromdisparate vendors vs. trying to acquire all ormost of the system from a single vendor.> Determine whether the IT organization
will write applications itself to take advan-tage of SDN. If so, what has to happen within
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
As is typical of any early-adopter
market, the development and
implementation of SDN is marked
by immaturity and confusion.
October 2012 21
the organization to enable that capability?> Identify and analyze commercially avail-
able applications that take advantage of SDN.> Evaluate the availability and scalability
characteristics of the particular SDN designsthat are under consideration. > Understand how your IT organization
can provide a sufficient level of security forthe controllers.> Assuming that your IT organization is
interested in OpenFlow, decide whether toimplement OpenFlow-only switches or hybridswitches that support OpenFlow and tradi-tional networking.> Understand how the IT organization
will manage and troubleshoot its SDN deployment.> Evaluate publicly available reports on
interoperability testing.> Test the SDN designs and use cases that
are under consideration.> Analyze how the intended imple -
mentation of SDNwould impact the currentnetworks.> Draft a plan for how your IT organiza-
tion will minimize and mitigate the risks as-sociated with implementing SDN.> Develop a program to get manage-
ment buy-in. This includes getting fundingas well as the buy-in from any other organi-zation that will be directly impacted by thedeployment of SDN.
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
October 2012 22
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k s
APPE
NDIX Which of the following best describes your job title?
5%7%
8%
33%
7%
32%
8%
Job Title
Data: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012 R5451012/24
1
23
4
5
67
89
R5451012_SDN_Chart24
Executive IT management (C-level/VP)
IT director/manager
Other
Consultant
Line-of-business management
Non-IT executive management (C-level/VP)
IT/IS staff
Table of Contents
Figure 14
October 2012 23
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
What is your organization’s primary industry?
Industry
Construction/engineering
Consulting and business services
Education
Electronics
Financial services
Government
Healthcare/medical
IT vendors
Manufacturing/industrial, noncomputer
Media/entertainment
Retail/e-commerce
Telecommunications/ISPs
Utilities
Other
Data: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012 R5451012/25
2%
11%
7%
2%
9%
12%
10%
10%
10%
2%
4%
8%
2%
11%
R5451012_SDN_Chart25
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Figure 15
October 2012 24
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
Which of the following dollar ranges includes the annual revenue of your entire organization?
8%
14% 10%
17%
7%
11%8%
13%
12%
Revenue
Data: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012 R5451012/26
1
23
4
5
67
89
R5451012_SDN_Chart26
Less than $6 million
$6 million to $49.9 million
$50 million to $99.9 million
$100 million to $499.9 million
$500 million to $999.9 million
Don’t know/decline to say
Government/nonprofit
$1 billion to $4.9 billion
$5 billion or more
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Figure 16
October 2012 25
Previous Next
Previous Next
DownloadDownload
RegisterRegister
SubscribeSubscribe
Previous Next
Previous Next
Approximately how many employees are in your organization?
20%8%
8%
20%
8%22%
14%
Company Size
Data: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012 R5451012/27
1
23
4
5
67
89
R5451012_SDN_Chart27
Fewer than 50
50-99
100-499
500-999
10,000 or more
1,000-4,999
5,000-9,999
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents
Figure 17
October 2012 26
Previous
reports.informationweek.com
reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k s
MOR
ELIKE THIS
Want More Like This?InformationWeek creates more than 150 reports like this each year, and they’re all free toregistered users. We’ll help you sort through vendor claims, justify IT projects and implementnew systems by providing analysis and advice from IT professionals. Right now on our siteyou’ll find:
Strategy: OpenFlow vs. Traditional Networks: We look at the pros and cons of OpenFlowand SDN and how they stack up with existing options to simplify networking.
IT Pro Ranking: Data Center Management: Three hundred fifty-seven IT pros weighed into rank 10 data center management products. EMC’s Unified Infrastructure Manager earnedthe highest score for both overall performance and data center management features.
serutaef eht nO .ecnamrofrep llarevo ni tops dnoces eht rof deit htob ocsiC dna erawMVfront, Cisco, VMware and IBM all earned scores of 77%, just two points behind EMC. Othervendors evaluated include HP, Microsoft, Oracle and Symantec.
Fundamentals: Understanding Flat Networks: A flat network or fabric provides morepaths through the network and can maximize bandwidth and better support a highly virtu-alized data center. We’ll look at standards-based approaches to designing a flat network, in-cluding TRILL and SPB, as well as proprietary vendor implementations. We’ll also discuss theimplications of moving to a flat network, and provide guidance to help you decide whetherthis approach is the right one for your data center.
PLUS: Find signature reports, such as the InformationWeek Salary Survey, InformationWeek500 and the annual State of Security report; full issues; and much more.
Table of Contents
For more information about Software Defined Networking and OpenFlow technologies, contact NEC: NEC Corporation of [email protected]/PFlow/