Software Defined Networking (SDN) began as a conceptual extension of data center virtualization and as such its true form has been tough to visualize. Now, as SDN use cases are being revealed on the web and in public forums, it is becoming clearer what SDN is, how it will be implemented and who will benefit or be hurt by its adoption.
SDN addresses the problem that today's applications have little or only fragmented knowledge of, control over, or visibility into the underlying networks and resources. An essential element of SDN is that it explicitly links network control to each application's functional requirements. In many cases the linkage is dynamic so that the physical network responds in real time to an application's changing requirements.
Architecturally, a SDN solution consists of a SDN controller and a separate packet forwarding function which remains in the individual network elements (switches or routers). An orchestration layer is used to pass applications, requirements or policies to the network controller. Much of SDN's business benefit is derived from the orchestration layer's use of automated workflows, provisioning and change management processes. A virtualization layer is used to express network transport requirements in terms of each application's functional requirements, rather than in technical or hardware specific terms. This abstraction of the applications' networking requirements makes it easier to optimally configure the physical network to minimize cost while assuring fulfillment of each application's networking requirements. The use cases flesh out these concepts.
The first use case is the hyperscale data center, including those of giants such as Amazon (Nasdaq: AMZN), Google (Nasdaq: GOOG) and Facebook (Nasdaq: FB). The scale of these data centers creates extremely difficult management and operational challenges. SDN simplifies the problem by allowing VMs (Virtual Machines) to communicate with each other while being unaware of the underlying network. This significantly increases the ease with which VMs can be deployed and moved in the data center, and lowers cost by improving asset utilization and reducing operations expense.
The enterprise WAN use case extends the first use case across multiple data centers. Traffic flows are managed dynamically, subject to individual applications' requirements, to facilitate high-bandwidth, low-latency storage replication or VM migration among data centers. This improves data center utilization and increases service resiliency while controlling cost. Abstracting the application requirements from the details of the physical infrastructure makes this difficult optimization problem easier to solve.
SDN is not necessarily in conflict with legacy network technology. For example, a multi-tenant data center use case provides easier manageability of individual tenant services and security using legacy network technologies. SDN is used to steer traffic to and from existing load balancers and firewalls, for example. This increases service velocity and reduces staffing costs by leveraging SDN's orchestration capabilities.
Several data center use cases might be collectively grouped into a category called virtual patch panel. A SDN enabled switch (using OpenFlow) inserts static flows into existing data center switches. This can literally take the place of patch panels in a test environment. Other applications include directing incoming traffic to network monitoring equipment or security devices. The virtual patch panel, however, is dramatically different from a physical patch panel since the SDN architecture enables dynamic reconfiguration of traffic flows linked directly to applications via SDN's orchestration layer.
SDN also has applications outside the data center. For example, SDN can greatly improve traffic engineering for network operators dealing with large amounts of video traffic. Network operators can use a SDN controller in the network operations center that redirects and distributes traffic based upon business policies.
Campus access networks can be strengthened by applying a SDN controller across wired and wireless LANs. WLAN controllers provide the precedent for this use case. They were introduced to provide security and policy controls to wireless LANs, which were viewed as inherently less secure than wired LANs. However, modern WLAN controllers now provide better security and access control to wireless LANs than is commonly found on wired LANs. A SDN controller can be used to provide uniform security and access controls across all wired and wireless access points.
This sampling of use cases shows that the benefits of SDN are not exclusive to the data center. I see the big SDN business benefits to be derived from improved service velocity and reduced technical staffing requirements to manage and provision services. Nonetheless, I don't see SDN as a threat to technical jobs. These skills will be redirected to designing and specifying the policies and concepts needed to exploit the new service opportunities made possible by SDN. Some claims have been made that this will drive down the cost of data switching hardware, and thus, hurt the big systems vendors. I agree that hardware costs are likely to be driven lower—they are being driven lower already without SDN. However, SDN opens up many new opportunities to link networks directly to applications and business strategies. The big systems vendors are well positioned to develop these SDN-based opportunities.