Software-Defined Networking
Copyright 2022, Faulkner Information Services. All
Rights Reserved.
Docid: 00018024
Publication Date: 2205
Publication Type: TUTORIAL
Preview
Software-defined networking (or SDN) is an emerging network technology
that enables network administrators “to centrally configure and manage
physical and virtual network devices such as routers, switches, and
gateways.”1 A promising innovation, SDN improves network
visibility, simplifies network management, reduces the network hardware
footprint, lowers network costs, and promises to enhance network security.
Report Contents:
- Executive Summary
- Related Reports
- SDN Architecture
- SDN Advantages and Disadvantages
- SDN Use Cases
- Web Links
Executive Summary
Software-defined networking (or SDN) is an emerging network technology
that enables network administrators “to centrally configure and manage
physical and virtual network devices such as routers, switches, and
gateways.”2
Related Faulkner Reports: Network Management Tools Tutorial
As detailed by analyst Andy Magnusson, software-defined networking “makes
networking easier by separating the control plane of the network from the
data plane. [The] control plane decides where to send network
traffic, and the data plane sends the traffic onward according to what the
control plane tells it. In software-defined networking (SDN), the
control plane is operated by the software (a.k.a. “software-defined”)
while the data plane remains under the operation of the hardware.
“With SDN, networking devices directly connect to applications through
application programming interfaces (APIs), making SDN programmable and
independent from the hardware infrastructure. Because the software manages
the hardware in an SDN, businesses have greater flexibility and can adapt
to new requirements by quickly making network changes or provisioning new
services. This makes SDN especially attractive in this era of agility,
cloud computing, and digital transformation.”3
About a decade old4 and still maturing and evolving,
software-defined networking is gaining in popularity for two reasons:
- First, because of a widely-held belief that anything that can be
implemented through software should be implemented through software; and
- Second, and more importantly, because software-defined networking
improves network visibility, simplifies network management, reduces the
network hardware footprint, lowers network costs, and promises to
enhance network security.
Ironically, while small enterprises should rush to embrace SDN to help reduce
operational expenses (OPEX), the costs for initial setup can be high, resulting
in a lower-than-expected adoption rate.
Another – more surmountable – concern involves security. While SDN
makes it easier to develop and propagate security policies and protocols
throughout the network, SDN also makes it easier to propagate network
threats, posing a dilemma for enterprise officials concerned with
potential malware infections.5,6
SDN Architecture
Software-defined networking is defined by a relatively simple
architecture consisting of three “planes” or “layers”. (Unfortunately, SDN terminology is not yet standardized.) The three
planes – the application plane, the control plane, and the data plane –
communicate using “northbound” and “southbound” application programming
interfaces (APIs),7 as illustrated in Figure 1.
Figure 1. A Sample SDN Architecture
Source: Wikimedia Commons (License link:
https://creativecommons.org/licenses/by-sa/3.0/legalcode)
Application Plane or Application Layer
The application plane contains the typical network applications, like
firewalls, intrusion prevention systems, or load balancers. Where a
traditional network would employ special appliances to perform network
functions, an SDN utilizes special applications.8
Control Plane or Control Layer
The control plane represents the centralized SDN controller software that
functions as the SDN’s brain. The controller resides on a server,
and manages policies and traffic flows throughout the network.9
Data Plane or Infrastructure Layer
The data plane is composed of the network’s physical switches, which
forward the various elements of network traffic to their destinations.10
SDN APIs
As mentioned previously, the three SDN planes – Application, Control, and
Data – communicate using northbound and southbound APIs:
- Applications talk to the controller via its northbound interface.
- The controller and switches converse via southbound interfaces.11
SDN Variants
Software-defined networking has spawned two significant variants: SD-WAN
and, perhaps more significantly, Network as a Service (NaaS).
SD-WAN
As described by analyst Keerthi Rangan, a “software-defined WAN, or
[SD-WAN], is the next evolution of enterprise WAN technology. SD-WAN
is similar to software-defined networking … in that it uses software to
manage and control network resources and services. However, SD-WAN
focuses explicitly on WANs.
“A WAN links two or more local area networks (LANs) in different
geographical areas. A WAN, for example, will connect a LAN in the
main office in New York to a LAN in a distant office in San
Francisco. The most straightforward concept of an SD-WAN is that
it’s a WAN that connects remote locations using software and
virtualization technology rather than conventional hardware such as
routers.”12
Network as a Service
Network as a Service (NaaS) takes the concept of network outsourcing to
the proverbial next level. Instead of outsourcing network services,
an enterprise client outsources the network itself. Or, as Neil
Anderson, Senior Director of Network Solutions at World Wide Technology, a
technology and supply chain services provider, explains, “Instead of [the
client] buying network equipment, installing it, and operating it, a
network-as-a-service provider owns, installs and operates the equipment,
and organizations pay a monthly subscription for the network services.”13
SDN Advantages and Disadvantages
Before an enterprise pursues a novel approach to network management and
maintenance, like software-defined networking, it’s prudent to weigh the
advantages and disadvantages of SDN, as summarized in Table 1.
Advantages | Disadvantages |
---|---|
Simplified Operations: A network administrator can utilize a single, centralized controller (a “single pane of glass”) to distribute policies to all connected switches.14 | Initial Costs: Deploying SDN can be expensive, with time and money required for planning, hardware purchases, software licenses, production trials, and IT training.15 |
Reduced Footprint: SDN virtualizes services that were previously implemented through dedicated hardware.16 | Northbound Standards: “Vendors and open source entities are creating different APIs for their SDN controllers since there’s no widely acknowledged standard for northbound APIs.”17 |
Increased Security: A network administrator can develop and propagate security policies and protocols throughout the network.18 | Decreased Security: Just as policies can be propagated throughout the network, so too can threats. Also, the centralized controller can present as a single point of failure.19 |
Greater Scalability: Additional devices can be added to the network as needed.20 | Ambiguous Definition: “Different vendors offer various approaches to SDN, ranging from hardware-centric models and virtualization platforms to hyper-converged networking designs and controllerless methods.”21 |
Open Standards: SDN follows open standards and can be implemented with any provider’s network hardware.22 | Market Confusion: “Some networking initiatives are often mistaken for SDN, including white box networking, network disaggregation, network automation and programmable networking.”23 |
Lower TCO: SDN has a lower total cost of ownership since it requires less administration and improves server utilization. Also, traditional switches can be replaced with commodity devices.24 | Slow Adoption: SDN has been around since 2011, but many enterprises, especially small enterprises, have been reluctant to invest in this still-emerging networking trend.25 |
SDN Use Cases
In addition to simplifying network management and lowering network costs,
software-defined networking serves a number of specific use cases.
Data Center Security
According to TechTarget, “SDN supports more targeted protection and
simplifies firewall administration. Generally, enterprises depend on
traditional perimeter firewalls to secure their data centers. However, [enterprises] can create a distributed firewall system by adding
virtual firewalls to protect the virtual machines. This extra layer of
firewall security helps prevent a breach in one virtual machine from jumping to
another. SDN centralized control and automation also
enables admins to view, modify and control network activity to reduce the
risk of a breach.”26
New or Improved Networks
Software-defined networking is ideal for:
- Creating new networks, with new applications and new end users; and
- Revitalizing old networks, refreshing current technology with upgraded
systems and services.27
Hybrid Cloud Support
Analyst Andy Magnusson reminds us, “As more [enterprises] move to a
hybrid cloud model, SDN is a good way to efficiently plan and manage
network traffic between on-premises and the cloud.”28
Amazon Virtual Private Cloud
Leveraging the principles and practices of software-defined networking,29
Amazon Web Services has developed the Amazon Virtual Private Cloud (Amazon
VPC).
As the vendor explains, Amazon VPC “lets you provision a logically
isolated section of the AWS Cloud where you can launch AWS resources in a
virtual network that you define. You have complete control over your
virtual networking environment, including selection of your own IP address
range, creation of subnets, and configuration of route tables and network
gateways. You can use both IPv4 and IPv6 in your VPC for secure and
easy access to resources and applications.
“You can easily customize the network configuration for your VPC. For example, you can create a public facing subnet for your web servers
that has access to the Internet, and place your backend systems, such as
databases or application servers, in a private-facing subnet with no
Internet access.
“Additionally, you can create a hardware virtual private network (VPN)
connection between your corporate data center and your VPC and [utilize]
the AWS Cloud as an extension of your corporate data center.”30
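The public/private split described in the quote can be verified from route tables: a subnet is public when its effective route table carries a route to an internet gateway, and a subnet with no explicit association falls back to the VPC's main route table. The following is an added example, not code from this report or from AWS; the data is a constructed sample shaped like the EC2 DescribeRouteTables response, and the IDs and the subnet-to-tier mapping are assumptions.

```python
# Constructed sample shaped like the EC2 DescribeRouteTables response.
# All IDs are made-up placeholders, not values from the report.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],  # local only
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
    {"RouteTableId": "rtb-web",  # default route to an internet gateway
     "Associations": [{"SubnetId": "subnet-web"}, {"SubnetId": "subnet-db2"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
]
# Intended tier per subnet (hypothetical inventory; subnet-db2 is misassociated).
SUBNET_TIERS = {"subnet-web": "public", "subnet-db1": "private",
                "subnet-db2": "private"}


def has_igw_route(table):
    """True if any route in the table targets an internet gateway (igw-...)."""
    return any((r.get("GatewayId") or "").startswith("igw-") for r in table["Routes"])


def effective_table(subnet_id, tables):
    """An explicit association wins; otherwise the subnet uses the main table."""
    main = None
    for t in tables:
        for a in t.get("Associations", []):
            if a.get("SubnetId") == subnet_id:
                return t
            if a.get("Main"):
                main = t
    return main


def misplaced_private_subnets(tiers, tables):
    """Return (subnet, route table) pairs where a private-tier subnet reaches an IGW."""
    findings = []
    for subnet_id, tier in sorted(tiers.items()):
        table = effective_table(subnet_id, tables)
        if tier == "private" and table is not None and has_igw_route(table):
            findings.append((subnet_id, table["RouteTableId"]))
    return findings


if __name__ == "__main__":
    for subnet, rtb in misplaced_private_subnets(SUBNET_TIERS, ROUTE_TABLES):
        print(f"{subnet}: private tier but routed to the Internet via {rtb}")
```

The check covers IPv4 and IPv6 routes alike because it looks only at the route target, but it does not consider egress-only internet gateways or NAT gateways.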
Web Links
- Amazon Web Services: http://aws.amazon.com/
- Continuity Central: http://www.continuitycentral.com/
- SANS Institute: http://www.sans.org/
- US National Institute of Standards and Technology: http://www.nist.gov/
References
1-2 “SDN in Windows Server Overview.” Microsoft. July 29,
2021.
3 Andy Magnusson. “Understanding Software-Defined Networking
(SDN).” strongDM. March 10, 2022.
4 Linda Rosencrance, Jennifer English, and John Burke.
“Software-Defined Networking (SDN).” TechTarget. September 2021.
5 Andy Magnusson. “Understanding Software-Defined Networking
(SDN).” strongDM. March 10, 2022.
6-11 Linda Rosencrance, Jennifer English, and John Burke.
“Software-Defined Networking (SDN).” TechTarget. September 2021.
12 Keerthi Rangan. “What Is SD-WAN? Why It’s the Future of
Enterprise WAN.” G2.com, Inc. May 6, 2021.
13 Michael Cooney. “What Is Network as a Service (NaaS)?”
Network World | IDG Communications, Inc. July 16, 2021.
14 Linda Rosencrance, Jennifer English, and John Burke.
“Software-Defined Networking (SDN).” TechTarget. September 2021.
15 Andy Magnusson. “Understanding Software-Defined Networking
(SDN).” strongDM. March 10, 2022.
16 Linda Rosencrance, Jennifer English, and John Burke.
“Software-Defined Networking (SDN).” TechTarget. September 2021.
17 Keerthi Rangan. “A Complete Guide to Software-Defined
Networking.” G2.com, Inc. September 17, 2021.
18-20 Andy Magnusson. “Understanding Software-Defined
Networking (SDN).” strongDM. March 10, 2022.
21 Linda Rosencrance, Jennifer English, and John Burke.
“Software-Defined Networking (SDN).” TechTarget. September 2021.
22 Andy Magnusson. “Understanding Software-Defined Networking
(SDN).” strongDM. March 10, 2022.
23 Linda Rosencrance, Jennifer English, and John Burke.
“Software-Defined Networking (SDN).” TechTarget. September 2021.
24 Andy Magnusson. “Understanding Software-Defined Networking
(SDN).” strongDM. March 10, 2022.
25-26 Linda Rosencrance, Jennifer English, and John Burke.
“Software-Defined Networking (SDN).” TechTarget. September 2021.
27-28 Andy Magnusson. “Understanding Software-Defined
Networking (SDN).” strongDM. March 10, 2022.
29 Luc van Donkersgoed. “Amazon VPC: The Picasso of Software
Defined Networking.” Sentia. April 6, 2020.
30 “Overview of Amazon Web Services.” Amazon Web Services, Inc.
August 5, 2021:61.
About the Author
James G. Barr is a leading business continuity analyst
and business writer with more than 40 years’ IT experience. A member of
“Who’s Who in Finance and Industry,” Mr. Barr has designed, developed, and
deployed business continuity plans for a number of Fortune 500 firms. He
is the author of several books, including How to Succeed in Business
BY Really Trying, a member of Faulkner’s Advisory Panel, and a
senior editor for Faulkner’s Security Management Practices.
Mr. Barr can be reached via e-mail at jgbarr@faulkner.com.