Visibility and SDN: You Can't Manage What You Can't See
With SDN rollouts set to kick into high gear in the coming months, a key question remains: how are admins going to maintain control over a highly dynamic network architecture that can span multiple regions, providers and platforms?
The old adage "You can't control what you can't see" presents a particularly prickly problem for software defined networks. Not only do you have to embed network visibility functions on the software layer, but they need to be able to match the speed and dynamism that characterize highly fluid traffic flows and virtual network architectures.
SDN cannot happen without visibility, so the race is on among top platform providers to deploy effective solutions before enterprise users start embracing the new networking paradigm in earnest.
Brocade, for example, recently acquired Vistapointe Networks, a developer of network intelligence software specializing in protocol management and business analytics for wired and wireless networks. The company's Vistapointe Network Intelligence platform, which includes the Intelligent Protocol Engine (VIPE), the Analysis and Correlation Engine (VACE) and the Visualization and Insight Dashboard (ViVID), will likely find its way into the MLX platform's IP telemetry suite, where it will smooth out some of the rough edges surrounding the integration of software-based networking and intelligent switching. It has the added advantage of providing a ready-made link between software-defined networks and expanding enterprise wireless capabilities.
If anyone has expertise in network security and integrity, it is the U.S. military. And according to trade publication C2ISR & Networks, the Navy is building out advanced visibility capabilities across its entire communications infrastructure. This includes not only traditional ATM and TDM monitoring tools for tactical network operations, but SONET, Ethernet and pure IP capabilities as well, not to mention infrastructure built around multiprotocol label switching. And since this is national security, the visibility must extend from deep within central command out to every laptop, cell phone, switch and router in the network.
In most cases, visibility is bundled into the overriding SDN platform, or, specifically, within the network hypervisor. Pluribus Networks recently demonstrated the latest iteration of its Netvisor solution at the Intel Developer Forum. The system features new mapping and intelligence capabilities that are embedded directly onto the Xeon processors in the Intel FM6000 Ethernet switch. This is intended to provide a high degree of visibility for the application layer, allowing the navigation of dynamic, disparate networks with little or no centralized management oversight. Look for the system to be deployed in Supermicro's forthcoming MicroBlade, where it will enable in-rack switching and advanced rack-scale fabric architectures.
It is important not to overlook the network edge when it comes to extending broad visibility into software defined networks, says Meru Networks' Ajay Malik. With more and more enterprise traffic generated by mobile devices, the challenge of ensuring consistent, high-quality communications is considerable. By deploying SDN on the WLAN, the enterprise will be better able to provide a unified view of both wired and wireless networks and deliver higher quality of service to the plethora of end points that are clamoring for network resources.
A visible network, then, is a manageable network, and once pathways, traffic flows and architectures are subject to the vagaries of software, it will take a highly sophisticated and informed management stack to keep the lid on things.
Visibility alone will not provide the functionality that network administrators will need to govern SDNs, but you can't build effective management without it.
Photo courtesy of Shutterstock.