Software Defined Networks and Network Function Virtualization
Networks are the new frontier in virtualization and they are getting crowded with new technology and buzzwords that are scrambling to gain an edge over the competition or displace legacy technology. So, analogous to how servers virtualization created a bigger division between the physical layer and the abstracted compute function, are Software Defined Networks (SDN)-simply ripping out intelligence from network links and devices, and abstracting other media layers functions up the stack through transport and applications? Similarly, Network functions virtualization (NFV, an initiative to virtualize network functions previously carried out by proprietary, dedicated hardware) appears simply to be the logical next step in the computer-storage-network virtualization triad.
I think something larger is at play here, and SDN and NFV are both a pre-requisite and a consequence of technology developments that have created a multiplier effect: mobile (by 2020 80 percent of adults on earth will have a smartphone), Internet-of-Things (from 10 billion connected devices in 2014 to estimated 100 billion in 2050) and Cloud (10-fold market-size growth from 2010 to 2020) could not scale or support the bandwidth growth rate that they command unless network technology evolves to allow the control plane to operate and adapt quickly while optimizing and managing the data plane for the traffic volume and patterns that flows through it. Conversely, knowing that the value of a network increases proportionately to the square of the number of users (Metcalfe’s law), the billions of sensors and edge nodes expected to swarm our planet will require more intelligent, flexible and optimized networks that can’t be architected by specialized, purpose-built network devices and hardware.
There are two sets of capabilities that SDN needs to address: one set pertains to the scale, flexibility and costs issues of end-points explosion, another set pertains to performance, security and analytics requirements as network abstraction occurs. The first set of capabilities can be achieved through a combination of SDN controllers–software-based solutions that allows network resources to create and orchestrate tunnels across an existing physical network infrastructure–and northbound and southbound (Control-Data- Plane) interfaces using standard protocols like OpenFlow. Through programmability, end-to-end control, automation of changes and multi-vendor interoperability the deployment of SDN capabilities can yield savings in managing and operating networks and greatly increase service agility.
The second set of capabilities require SDN applications that can consume an abstracted view of the network as well as events and statistics that in turn are used to adapt and direct desired network behavior or implement network virtualization, WAN traffic engineering or service chaining. These features of SDN result in not only more sophisticated ways to implement network policies or improve network resources utilization, but it can also benefit quality of service or other layer 4-7 services like security or WAN optimization.
The major trends that have created the need for the SDN network paradigm come with challenges that should be considered when embarking on an SDN deployment:
• Performance/diagnostics: today’s mega datasets, any-to-any connectivity and applications that access geographically distributed servers through public and private clouds, impose flexibility and bandwidth-on-demand requirements that SDN can help solve. But SDN tunnels make the diagnosing of problems also more difficult as they mask the individual traffic flows from the underlying physical network. Virtualized infrastructures further compound this issue as their I/O demands on the network are not necessarily inferable from CPU and memory requirements of each application. Packet-based monitoring in such cases can provide greater visibility into SDN overlay tunnels.
• Security: the Internet of Things results in new connected devices like jet engines or oil refineries generating terabytes of data daily, but also introducing new network vulnerabilities from new interfaces, new protocols and new communication patterns. For Communication Service Providers (CSPs) the mobile boom leading to an estimated 1 billion LTE connections by 2017 is an appealing business opportunity, but it creates an equally sizable headache as the growth creates a larger ingress and egress surface area for malicious attacks and introduces potential access points for unmanaged devices. Visibility into traffic patterns, accessing methods to Operations Support Systems (OSS), provided by the likes of Session Border Controllers (SBC) can prepare CSPs and Cloud providers alike to mitigate SDN security challenges.
Having confirmed that SDN and NFV is real and here to stay, here’s a paradox to consider: the flood of small, cheap, low-powered, high-performance chips is enabling new categories like wearables, connected cars, drones and other IoT sensors that reinstate hardware dominance— how important are virtualization or software therefore? The answer: exponentially more important since the connectivity and data needs that the hardware explosion is creating cannot be matched by more hardware-based network intelligence, rather by abstracting layers to adapt at the speed and volume of growth. An example of the magnitude of the growth is illustrated by the below charts, showing monthly IP traffic volume as well as traffic share by wired vs. wireless into 2018. Similar to the growth that transportation traffic has experienced since the end of WWII (10-fold increase in Vehicle Miles Traveled in the US public roads from 1945-2015), only adding more roads and freeways (hardware) has not been sufficient to deal with the challenges of congestion or changing driver behavior. Instead, abstractions of transportation traffic in the form of interactive real-time transit maps, software-based services for on-demand transportation (Uber, Lyft) and increasing volumes of intelligence from connected transportation “devices” have emerged to deal with such scale and complexity.
For enterprises, Cloud Service Providers and Telco’s the possibilities are virtually endless as network traffic scale drive needs for Cloud bursting, inter-enterprise connectivity and on-demand network services that are much more achievable with SDN and NFV.
In conclusion, although in enterprise and in many organizations the SDN promise may not have materialized yet, CIO’s and CTO’s have an opportunity to proactively address the benefits and challenges that SDN will certainly bring. As the SDN model evolves from its infancy, additional capabilities will emerge over time, like east and westbound APIs that enable multi-controller federation, or Software Defined Security (SDSec). Riding the wave of the connectivity growth also creates new business models and markets that can arm SDN adopters with more actionable insights to monetize network services through BigData analytics.