Why SDN matters: The case for reducing complexity
- By Mike Younkers
- Aug 24, 2015
Software-defined networking is a major trend in the IT industry, as big as cloud computing and data analytics. And as with many of these mega-trends, there exists a fair amount of confusion and rhetoric on the topic, which is dangerous for IT decision makers both inside and outside of government. That said, SDN is already helping improve operations in federal agencies. To understand its potential, it is important to have some context on the origins of this approach, how it is used in network deployment today and where SDN is going in the future.
What is the purpose of SDN?
Every new technology product or approach starts with the need to overcome some challenge. The impetus for SDN was the incredible complexity that exists in designing, deploying and maintaining modern-day networks. Networks do two things: they set up connections based on a set of criteria to identify the shortest, quickest or most secure path (the control plane) and then they move data across those connections (the data plane). The fundamental premise of SDN is to separate the decision making happening in the control plane from the execution of those decisions in the data plane.
When the network frameworks were originally established, considerable effort was put into building layers into the data plane. These layers make it simple, fast and efficient to make changes within one layer without affecting any other layers in the same plane. For example, when a faster physical technology comes along – think switching from copper to fiber – an upgrade can be done without affecting the higher layers.
Unfortunately, there is no similar layering within the control plane of networks. Instead, there are numerous protocols that decide how to set up connections. Over the years, more and more protocols have been added, creating ever more complexity. By splitting the control plane from the data plane, the complexity of the control plane can be addressed without disturbing what already works well in the data plane.
Once the split occurs, we can apply good computer science principles within the control plane, solving similar problems once and then reusing that solution to reduce complexity. That’s what defines SDN: its fundamental purpose is to simplify the design, deployment and operation of networks by bringing rigor and structure to the control plane.
Why does SDN matter for government?
SDN solutions can help government CIOs address key challenges they are facing today. They can help improve user experience, increase agility, reduce IT complexity and lower operational costs amid declining budgets. These new models offer the flexibility and scalability agencies need to innovate and enhance service offerings for citizens.
These features are attractive for agencies seeking to improve their network operations. For instance, the Defense Information Systems Agency issued a request for information on SDN earlier this year to gain a better understanding of how experts in the network and cloud industries are innovating and leveraging these new capabilities. The smartest thing DISA did was openly pose three use-case challenges its IT department faces and ask how industry would solve each with SDN. This is the right approach because it focused on solving real problems with SDN capabilities rather than looking at specific technology first.
Security is another reason the Defense Department and other agencies should be looking at SDN. Typically, we think of the SDN controller pushing policy and control messages “down” to the network elements. However, the ability of the SDN controller to leverage two-way communications between controller/application and network elements can play a huge role in security. Agencies can improve threat detection with the SDN controller automatically alerting the network to suspicious events and directing further action to investigate.
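The feedback loop described above, as an added example that is not part of the original article: a toy Python model in which a switch (data plane) only matches rules and reports telemetry "up", while a controller (control plane) pushes routes "down" and, on a suspicious event, steers the source to an inspection port. The class names, event fields, fan-out threshold and addresses are constructed assumptions, not any vendor's API.

```python
# Added illustration: toy model of the control-plane / data-plane split.
# Switch, Controller, the event fields and the threshold are hypothetical.
from collections import defaultdict

class Switch:
    """Data plane: forwards by table lookup only, makes no decisions."""
    def __init__(self, name, controller):
        self.name, self.controller = name, controller
        self.rules = []               # (priority, src or None, dst or None, out_port)
        self.seen = defaultdict(set)  # src -> distinct destinations contacted

    def install(self, priority, src, dst, out_port):
        self.rules.append((priority, src, dst, out_port))
        self.rules.sort(key=lambda r: -r[0])  # highest priority matches first

    def forward(self, src, dst):
        self.seen[src].add(dst)
        # "Up" channel: report telemetry to the controller before forwarding.
        self.controller.on_event(self, {"src": src, "fanout": len(self.seen[src])})
        for _, r_src, r_dst, port in self.rules:
            if r_src in (None, src) and r_dst in (None, dst):
                return port
        return "drop"                 # default deny: no matching rule

class Controller:
    """Control plane: holds policy, decides, and programs the switches."""
    FANOUT_LIMIT = 3                  # constructed threshold for "suspicious"

    def __init__(self):
        self.alerts = []

    def provision(self, switch, routes):
        # "Down" channel: push normal forwarding policy.
        for dst, port in routes.items():
            switch.install(10, None, dst, port)

    def on_event(self, switch, event):
        src = event["src"]
        if event["fanout"] > self.FANOUT_LIMIT and src not in self.alerts:
            self.alerts.append(src)
            # Direct further investigation: steer this source to an inspection port.
            switch.install(100, src, None, "inspect")

def demo():
    ctl = Controller()
    sw = Switch("edge-1", ctl)
    ctl.provision(sw, {f"10.0.0.{i}": f"port{i}" for i in range(1, 7)})
    normal = sw.forward("10.0.1.5", "10.0.0.1")             # ordinary client
    scan = [sw.forward("10.0.1.9", f"10.0.0.{i}") for i in range(1, 7)]
    return normal, scan, ctl.alerts

if __name__ == "__main__":
    print(demo())
```

The switch never evaluates policy itself; the only change in forwarding comes from a higher-priority rule the controller installs after the fourth distinct destination.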
The hype around SDN is growing within government, prompting many CIOs and CTOs to educate themselves on its key concepts and the benefits it can bring. It is important that agencies understand SDN technology capabilities and the options available to them before diving into the pool headfirst. By leveraging SDN solutions that integrate with the existing installed base of hardware and with open-standard distributed routing protocols, agencies can ease SDN elements into their infrastructure and operations teams.
SDN is no easy concept. It can leave even the smartest minds in government IT confused and searching for answers. But there is no doubt that SDN can offer tremendous value for federal agencies as they look to simplify and improve network operations moving forward.
Mike Younkers is senior director, systems engineering, US Federal, Cisco.