understanding sdn

October 2012 $99

Report ID: R5451012

Next

reports

Understanding Software-Defined NetworksIT organizations we surveyed believe this new approach to

networking can reduce costs and improve network efficiency and

security. So why have only 4% of them implemented SDN?

Maybe because 32% cite “confusion” over vendor strategies

as a barrier to adoption. In this report, we aim to cut through the

confusion and help IT organizations develop an SDN strategy.

By Jim Metzler

reports. informationweek.com

http://reports.informationweek.com/index

Previous Next

reports

3 Author’s Bio

4 Executive Summary

5 Research Synopsis

6 What Is Software-Defined Networking?

7 A Vision of Control

7 Impact Assessment

10 Competing Visions of SDN

12 Drivers of SDN Deployment

14 SDN and Security

15 Be Clear About SDN Objectives

17 Money Matters

18 Inhibitors to SDN Deployment

20 Call to Action

22 Appendix

26 Related Reports

Figures

6 Figure 1: Familiarity With Software-Defined

Networking

8 Figure 2: Decoupling of the Control and

Forwarding Planes

9 Figure 3: Familiarity With OpenFlow

10 Figure 4: Attitude Toward OpenFlow

11 Figure 5: Dumbing Down of Switches and Routers

12 Figure 6: Willingness to Make

Architectural Changes for SDN

13 Figure 7: LAN Challenges Mitigated

by SDN

14 Figure 8: Impact of SDN on Network

Security

15 Figure 9: SDN Security Problems

16 Figure 10: SDN Security Benefits

17 Figure 11: SDN Selling Points

18 Figure 12: Expected Impact of SDN

on the Switch and Router Market

19 Figure 13: Barriers to SDN Adoption

22 Figure 14: Job Title

23 Figure 15: Industry

24 Figure 16: Revenue

25 Figure 17: Company Size

CONT

ENTS

reports.informationweek.com

TABLE OF

October 2012 2

U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k s



October 2012 3

Previous Next

© 2012 InformationWeek, Reproduction Prohibited

reports


U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents

Jim Metzler has a broad background in the IT industry. This includes being asoftware engineer, an engineering manager for high-speed data services for amajor network service provider, a product manager for network hardware, anetwork manager at two Fortune 500 companies and the principal of a consult-ing organization. In addition, he has created software tools for designing cus-tomer networks for a major network service provider and directed and per-formed market research at a major industry analyst firm.

Each year Jim publishes two e-books, one on application and service deliveryand the other on cloud networking. He co-authored a book titled Layer 3Switching, which is part of the Prentice Hall series in computer networking anddistributed systems. He has a Ph.D. in mathematics from Boston University andis currently an independent industry analyst and consultant.

Jim MetzlerInformationWeek Reports

FollowFollowFollowFollow

Want More?

Never Miss a Report!

FollowFollowFollowFollow



https://www.facebook.com/pages/InformationWeek-Reports/149825495070501

https://twitter.com/#!/IW_Reports

October 2012 4

Previous Next

Software-defined networking has the potential to fundamentally change the network-ing industry. Given that potential and the buzz that surrounds it, you might guess thatSDN is a well-understood concept and has been deployed by a large number of IT organi-zations. The reality is that only a small percentage of IT organizations claim to be very fa-miliar with SDN. In addition, our InformationWeek 2012 Software-Defined NetworkingSurvey shows that only 4% of IT organizations have already implemented SDN and onlyanother 5% of IT organizations are testing it. At present, SDN is only for early adopters.

It will be challenging for SDN to be broadly deployed in the near term in part becauseit’s not a narrowly defined technology like TRILL or SPB. Rather, it’s an approach to net-working that focuses on centralizing control functionality and providing programmaticinterfaces into a wide range of network equipment. It also requires an extensive ecosys-tem of vendors. The breadth of what is referred to as SDN is partially a result of the vary-ing ways that it’s possible to centralize control and provide programmatic interfaces intonetwork elements.

This report aims to bring clarity to the nascent SDN market by outlining the major approaches to SDN. We dig into how these approaches are similar and where they differ,and we examine the benefits and drawbacks of each approach. The report also shares the results from the InformationWeek Software-Defined Networking Survey, which measuresIT pros’ familiarity with and attitudes toward SDN and OpenFlow, a new protocol closelyassociated with SDN. Finally, it provides guidance to help IT organizations develop a strategy for SDN.

EXECUTIVE


reports

SUM

MAR

Y




October 2012 5reports.informationweek.com

Previous Next

RESEARCH

Survey Name InformationWeek 2012 Software-Defined Networking Survey

Survey Date July 2012

Region North America

Number of Respondents 250

Purpose To gauge awareness of and adoption plans for software-defined networkingand OpenFlow technology.

Methodology InformationWeek surveyed 250 business technology decision-makers fa-miliar with software-defined networking at North American organizations. The surveywas conducted online, and respondents were recruited via an email invitation containingan embedded link to the survey. The email invitation was sent to qualified Information-Week subscribers.

reports

SYNO

PSIS


ABOUT US

InformationWeek Reports’

analysts arm business technol-

ogy decision-makers with real-

world perspective based on

qualitative and quantitative re-

search, business and technology

assessment and planning tools,

and adoption best practices

gleaned from experience.

To contact us, write to manag-

ing director Art Wittmannat [email protected],

content director

Lorna Garey at

[email protected],

editor-at-large AndrewConry-Murrayat [email protected], and

research managing editor

Heather Vallis at

[email protected].

Find all of our reports at

reports.informationweek.com.




October 2012 6

Software-defined networking is a new ap-proach to networking that aims to make datanetworks more flexible, easier to operate andmanage, and better able to respond to thechanging demands of applications and net-work conditions.

According to InformationWeek’s 2012 Soft-ware-Defined Networking Survey, IT organiza-tions believe SDN can help them overcome anumber of challenges by improving networkutilization and efficiency, increasing automa-tion of common tasks, and improving security.SDN may also lower costs.

SDN also promotes the use of software in-terfaces to allow the development of third-party applications that can improve networkservices or provide new ones, and enable or-chestration of resources across multiple de-vices, such as switches, routers, firewalls andload balancers.

While SDN has received a lot of attentionthis year, IT pros are still trying to get theirarms around the concept: Of the 250 respon-

dents to our InformationWeek Software-De-fined Networking Survey who express havingsome knowledge about SDN, 48% say they areonly somewhat familiar with this new ap-proach to networking (Figure 1).

So what is SDN? That depends on whomyou ask. One approach to SDN would over-

turn the role that switches and other networkdevices play by turning them in fast butdumb (and inexpensive) machines to forwardpackets, while network intelligence would re-side in a centralized controller. This approachthreatens dominant networking vendorssuch as Cisco Systems, which commands high

Previous Next

How familiar are you with software-defined networking, or SDN?

17%

48%

35%

Familiarity With Software-Defined Networking

Data: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012 R5451012/1

1Very familiar; I understand the details

Somewhat familiar; I have a general idea of what it’s about

Familiar; I understand the basics


What Is Software-Defined Networking?

reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k sTable of Contents

Figure 1



October 2012 7

prices for network gear. Cisco and others arepushing back by proposing SDN models thatallow for more automation and flexibilitywithout doing away with the switch’s promi-nent role in determining optimal networkpathways.

However, one element that all the SDN ap-proaches share is the ability to use program-matic interfaces, such as APIs. This program-matic inter face allows for much moreautomation, which can simplify network op-erations, reduce the number of administratorsrequired to manage devices and enable thecreation of applications that provide new net-work features and functions.

This report outlines three approaches toSDN, explores their similarities and differences,and weighs the benefits and drawbacks ofeach approach. It provides guidance for IT or-ganizations to develop an SDN strategy. It alsoexamines the results from the Information-Week Software-Defined Networking Survey,which measures IT pros’ familiarity with andattitudes toward SDN and OpenFlow, a newprotocol closely associated with SDN.

A Vision of ControlThere are three general approaches to SDN.

The approach that’s probably most well knownseparates the forwarding and control planesthat typically reside in a switch and moves thecontrol plane to a separate device. This device,

called a controller, calculates the best paththrough a network for particular workloadsand programs the forwarding behavior of theswitches (Figure 2). The controller can be an ap-pliance, a virtual machine or a physical server.

A core concept of this approach to SDN is

Previous Next

FAST FACT

33%of respondents to our

Software-Defined

Networking Survey say

they are familiar or very

familiar with the

OpenFlow protocol.



Impact Assessment: Software-Defined Networking

Impact to… Benefit Risk

IT Organization

Business Organization

Business Competitiveness

Bottom Line:

� � � � � SDN has the potential to make networksmore automated, which reduces management burdensand increases flexibility. Other benefits include the abilityto implement new functionality more effectively andfaster than is otherwise possible.

�� At present, SDN is characterized by immatureproducts and standards and only rudimentary interoper-ability. There is also a lack of applications that take advan-tage of SDN and gapping holes around how an SDN willbe managed.

� � � � � There is a risk that SDN will not add thepromised value. If an SDN implementation does not workwell, business projects may face IT-related delays.

�� If the implementation of SDN has technicalissues, those could negatively impact the company’s com-petitiveness. However, few IT organizations will risk run-ning a business-critical application in the short term on anembryonic set of technologies and products, so significantdisruption is unlikely.

�� If the adoption of SDN results in lower costand a more agile IT function, the business organizationwins.

� � � � � In the mid- to long term, SDN should enableIT to align network resources with business goals. It holdsthe promise of a more agile, more automated and poten-tially more cost effective IT organization.

SDN promises to replace human interfaces into network elements with automated interfaces, which should streamline management and provide granularvisibility and control. SDN also has the potential to open up networking to new applications that will further extend the value of the network infrastructure.

��



http://reports.informationweek.com/abstract/6/8351/Data-Center/strategy-inside-openflow.html?cid=iwrpdf_body_545sdn

October 2012 8

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

that the OpenFlow protocol is used betweenthe network elements and an SDN controllerto program the forwarding behavior of theswitch. According to our survey, 33% of re-spondents say they are very familiar or familiarwith the OpenFlow protocol, and another 38%say they are somewhat familiar (Figure 3). Thecontroller also has a northbound API, which isan interface for applications that want to useOpenFlow data. A number of vendors have an-nounced their intention to ship OpenFlow-en-abled switches, including Brocade, Cisco, Ex-treme, Hewlett-Packard and Juniper.

The Open Networking Foundation, a non-profit group that oversees the developmentof the OpenFlow protocol, advocates a con-troller-based architecture using OpenFlow.ONF has more than 70 members, includingservice providers, some of the world’s largestnetwork device manufacturers and startups.

Note that there are alternatives to the use ofOpenFlow as the communications protocolbetween a controller and network devices. Inaddition to Java, C, Python and REST APIs, thisincludes the Extensible Messaging and Pres-

ence Protocol, the Network Configuration Pro-tocol and OpenStack from Rackspace andNASA. However, as our survey shows, Open-Flow is closely associated with SDN (Figure 4).

One of the implications of the ONF ap-proach is the likelihood that switches and

routers would become low-cost commodities,which could potentially cut costs for compa-nies that adopt this approach. While vendorssuch as Cisco and HP have downplayed thatnotion, companies such as IBM, Dell and NECare more supportive of it. One operation that

Strategy: Inside OpenFlow

New software-defined network-ing technologies in general andOpenFlow in particular are poisedto disrupt the way we manageload in highly virtualized datacenters. In a world where fordecades we’ve relied on Ethernetand TCP/IP standards—andwhere big vendors like Cisco andJuniper have made their fortunesbased on intelligence inswitches—that’s a big deal.

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next



Separation of the control and forwarding planes is commonly associated with a software-defined network.

Decoupling of the Control and Forwarding Planes

This is dummy text

This is dummy text

This is dummy test

This is dummy test

This is dummy test

This is dummy test

This is dummy test

This is dummy test

Data: InformationWeek Reports R5450912/1

R5450912_SDN_chart1

Application Application

Switch SwitchSwitch Switch

Application Application

SDN Controller Platform

Nort

hbou

nd A

PI

Southbound API

Figure 2



http://reports.informationweek.com/abstract/6/8351/Data-Center/strategy-inside-openflow.html?cid=iwrpdf_side_545sdn

October 2012 9

could migrate to a controller is functionalitythat negates the need for LAN switches tosupport the Spanning Tree Protocol, Dell ex-ecutives responsible for SDN said in an inter-view. They also note that any control function-ality that is related to some kind of policy andthat requires taking an action based on whatis inside the packet is also a candidate tomove to a controller.

NEC and a startup called Big Switch Net-works provide on their controllers functional-

ity that eliminates theneed for the SpanningTree Protocol. Bothcompanies have statedtheir intention to pro-vide additional networkservices on their con-trollers over time.

The disagreement on the relative role of thecontroller and the network elements betweenmembers of the same class of products is oneof the many factors driving the confusion thatsurrounds SDN. Our survey respondents weresomewhat evenly split on whether SDN

would result in a dumbing down of switchesand routers, with a third of the respondentsindicating “don’t know” (Figure 5).

When evaluating SDN, IT organizations needto take a position on this issue. Is reducing therelative value of switches and routers a desiredoutcome of implementing an SDN? An accept-able outcome? An unacceptable outcome?

The position that an IT organization takes willinfluence which vendors it should consider us-ing and which ones it should avoid.

The primary advantages of the ONF ap-proach to SDN are that it is based on indus-try-standard protocols and has significantvendor support and momentum. It may alsoreduce costs because switches would become

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next



The primary advantages of the ONF

approach to SDN are that it is based

on industry-standard protocols and

has significant vendor support.

How familiar are you with OpenFlow?

29%

10%

38%

23%

Familiarity With OpenFlow


1

23

4

5

67

89

R5451012_SDN_Chart14

Very familiar; I understand the details

Familiar; I understand the basics

Not familiar

Somewhat familiar; I have a general idea of what it's about

Figure 3



October 2012 10

single-function commodity devices. However, one of the disadvantages of this

approach is that vendors are just now in theearly stages of implementing OpenFlow,which means interoperability among vendorsisn’t assured.

Another aspect of the lack of interoperabil-ity is that the northbound interface shownin Figure 2 is not standardized. This meansthat a company or vendor that writes an ap-plication to communicate with a controllerhas to ensure that the application works withAPIs from myriad controller vendors. Notethat the Open Network Foundation has re-cently announced an initiative intended tomake it easier for application providers touse various APIs.

Other possible downsides include the factthat this approach would require companiesto rearchitect their networks to incorporatethe controller-based system. However, oursurvey shows that this may not be a signifi-cant barrier: Of those with or planning to haveSDN in production, 48% say they are moder-ately willing to make significant changes to

get SDN benefits, and another 40% are veryor completely willing (Figure 6).

Competing Visions of SDNAs mentioned, while the ONF approach is

most commonly associated with SDN, thereare two other emerging visions for software-

driven networks. The second approach alsoseparates the control and forwarding planes,but it does so by leveraging a virtual switchsuch as Cisco’s Nexus 1000V, VMware’s DVS orIBM’s DVS 5000v. In this approach, the virtualswitch functions as a forwarding engine that’sprogrammed by a device separate from the

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

What is your attitude toward OpenFlow in regard to SDN?

32%

15%

40%

13%

Attitude Toward OpenFlow

Base: 178 respondents familiar with OpenFlowData: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012

R5451012/15

1

23

4

5

67

89


OpenFlow is an integral part of SDN; you can’t have one without the other

OpenFlow is important, but not essential

You don’t need OpenFlow to build an SDN

OpenFlow goes hand in hand with SDN now, but that could change



Figure 4



October 2012 11

virtual switch. This functionality is used as partof an overlay network that rides on top of theexisting network infrastructure using proto-cols such as VXLAN or NVGRE.

This approach may appeal to existing cus-tomers of Cisco and VMware, of which thereare significant numbers. However, it is only ap-plicable for hypervisor-based virtual switches.In addition, support for functionality such asVXLAN and NVGRE is only now emerging.

The third approach uses direct program-matic interfaces via APIs into network devices,which are broadly defined to include devicesthat operate at Layers 2 through 7 of the OSIstack. In this case, the control and forwardingplanes are not separated, nor is the controlplane centralized.

Many network vendors, including Cisco, areadopting this approach. This summer, Ciscoannounced that as part of its SDN approachit will offer APIs into multiple platforms. (Parttwo of this report offers more details.) How-ever, it is not a Cisco-only approach, as othervendors including Arista, Extreme Networksand Juniper Networks provide direct access

to their platforms via APIs.One advantage of this approach is that it en-

ables very detailed access into, and controlover, network devices. It also avoids the inter-operability issues that are associated with theOpenFlow protocol. Because this approachdoes not rely on a centralized controller, it alsoavoids the availability and security issues that

can be associated with a controller-based ar-chitecture (that is, if the controller dies, sodoes the ability to move traffic through thenetwork).

On the downside, this approach is vendor-specific. In a multivendor network environ-ment, it would result in “islands of control”whereby the operator would have differing

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

Do you believe that SDN will relegate switches and routers to being just relatively dumb forwarding engines?

34%29%

37%

‘Dumbing Down’ of Switches and Routers?


1

23

4

5

67

89


Yes

No

Don’t know



Figure 5

Like This Report?

Rate It!Something we could dobetter? Let us know.

RateRate

Previous Next



http://reports.informationweek.com/abstract/6/9044/Data-Center/research-understanding-software-defined-networks.html?cid=rpt_like_linkR5451012

October 2012 12

levels of control of the network equipmentbased on the provider of that equipment.

Drivers of SDN DeploymentOther than a few research-oriented organi-

zations, no IT department wants to imple-ment an SDN. What IT wants to do is to solveone or more problems and/or find new waysto add value to the business. If it perceivesthat SDN is the best way to resolve thoseproblems and add new value, then imple-menting SDN makes sense.

That’s the attitude of an infrastructureportfolio architect for a multinational profes-sional services organization who took part inthe survey. “There is confusion about whatSDN is and what it means to the business,”he says. “If I were to go to a business-unitmanager and say that I need $3 million toimplement OpenFlow and that will allow meto centralize the control plane of my net-work, they would kick me out of their office.”

In other words, it only makes sense to imple-ment SDN if it results in a measurable and sig-nificant improvement of the IT infrastructure

and operations. “If I go to management witha plan to implement SDN and reduce thenumber of network administrators from 20 to10 and to reduce provisioning time from twoweeks to four days, they will at least listen tome,” says the infrastructure architect.

Those anticipated improvements are re-flected in our survey. We asked respondents

with or planning to have SDN in productionto choose the top three challenges that SDNwould mitigate. At the top of the list was im-proving network utilization and efficiency,closely followed by automation of provision-ing and management (Figure 7). Improvedsecurity was third.

Overall, we believe SDN offers three basic

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

How willing are you to make significant architectural changes to your production networks in order to achieve the promised benefits of SDN?

12% 11%

48%

29%

Willingness to Make Architectural Changes for SDN

Base: 116 respondents at organizations with, or planning to have, SDN in productionData: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012

R5451012/5

1

23

4

5

67

89

R5451012_SDN_Chart5

Completely willing

Very willing

Slightly willing

Moderately willing



Figure 6



October 2012 13

value propositions for IT:1. It defines business logic that the infra-

structure responds to throughout Layers 2through 7. For example, a network serviceprovider could use SDN to align its L2 to L7devices to support a service-level agreementfor a given customer and a given application.

2. It lets the network be aware of the needsof the applications and compute resourcesand dynamically provide the required net-work resources.

3. It provides better control, managementand security of the infrastructure by automat-ing tasks such as configuration management.

These value propositions overlap somewhatand are listed in descending order fromstrategic to tactical. Value propositions 1 and2 will have traction in the near term with so-phisticated organizations such as hyperscaledata centers, public cloud providers and net-work services providers. These value proposi-tions will also have some traction in the nearterm among some enterprise IT organiza-tions, primarily enterprises such as financialinstitutions that recognize that the IT function

impacts revenue in a way that is very directand measurable. Value proposition 3 shouldappeal to all types of organizations.

In addition to reducing costs and automat-

ing management and security policy enforce-ment, other enterprise-specific applicationsthat SDN will enable, potentially better thanthey could be performed otherwise, include:

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

Which of the following data center LAN challenges do you believe SDN can be most helpful in overcoming?

LAN Challenges Mitigated by SDN

Impr

ove

netw

ork

utili

zatio

n an

d ef

ficie

ncy

Auto

mat

e m

ore

prov

ision

ing

and

man

agem

ent

Impr

ove

secu

rity

Impl

emen

t net

wor

k-w

ide

polic

ies

Redu

ce co

st

Get m

ore

visib

ility

into

app

licat

ions

that

are

usin

g th

e ne

twor

k

Redu

ce co

mpl

exity

Incr

ease

scal

abili

ty

Redu

ce re

lianc

e on

pro

prie

tary

pro

toco

ls or

pro

prie

tary

ex

tens

ions

of s

tand

ards

-bas

ed p

roto

cols

Supp

ort c

reat

ion

of a

priv

ate

or h

ybrid

clou

d

Supp

ort c

reat

ion

and

dyna

mic

mov

emen

t of v

irtua

l mac

hine

s

Redu

ce re

lianc

e on

vend

or’s

prod

uct l

ife cy

cles

Supp

ort m

ore

east

-wes

t tra

ffic

Othe

r

Note: Three responses allowedBase: 116 respondents at organizations with, or planning to have, SDN in productionData: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012

R5451012/6

42%

35%

32%

31%

29%

25%

23%

20%

12%

10%

8%

4%

1% 1%

R5451012_SDN_Chart6



Figure 7

Strategy: The Virtual Network: TRILL, SDN and More

Virtualization forces data centernetworks to become more flexibleand efficient. Network engineershave a bewildering number of op-tions to support highly virtualizedenvironments, from fabrics ormeshes built on protocols such asTRILL and SPB to Layer 2 exten-sions that support VM mobility between data centers to software-defined networking. This reportbreaks down standards-basedand proprietary options for build-ing next-generation, virtualiza-tion-centric networks.

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next



http://reports.informationweek.com/abstract/6/8980/Data-Center/strategy-the-virtual-network-trill-sdn-and-more.html?cid=iwrpdf_side_545sdn

October 2012 14

> Network virtualization> Load balancing> Firewalls> Distributed denial of service prevention> Traffic engineering> Disaster recovery> Application acceleration via techniques

such as SSL offload> Web optimization> Network analysis whereby management

data is filtered from network elements andsent to a central site for analysis

In the near term, SDN applications willcome primarily from current infrastructureplayers. Extreme Networks, for example, hasannounced an identity management ap -plication for SDN. Big Switch offers both anetwork virtualization and network analysisapplication. Radware has announced an anti-DOS application and an application that enables the creation of an application deliv-ery controller fabric. While infrastructureplayers will likely continue to develop SDNapplications, one of the great promises ofSDN is that developer communities will cre-

ate a wide range of applications that cantake advantage of the access to granular net-work data that it will provide.

SDN and SecuritySecurity is always a key factor for IT organi-

zations to evaluate when considering a newtechnology, and SDN is no exception. Accord-

ing to our survey, only 12% of respondentsthink implementing SDN will make networksless secure (Figure 8). However, 31% say theyjust don’t know, a result that highlights theconfusion in the market about SDN.

IT organizations do recognize that SDN hassecurity risks. Some of these challenges, likethe lack of integration with existing security

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

What impact will SDN have on network security?

31%

10%

11%

15%

1%

32%

Impact of SDN on Network Security


1

23

4

5

67

89

R5451012_SDN_Chart9

Networks will be much more secure

Networks will be somewhat more secure

It will have no impact on network security

Don’t know

Networks will be somewhat less secure

Networks will be much less secure



Figure 8



October 2012 15

technologies, are to be expected when imple-menting any new technology (Figure 9).

Some other challenges, such as the concernsover the vulnerability of the controller, areunique to SDN. For instance, if hackers were togain access to the SDN controller, they wouldhave the power to inflict significant harm. Thecounterargument is that it’s often easier to pro-tect one central device than it is to protect hun-dreds or thousands of decentralized devices.

Survey respondents do see the potentialfor SDN to benefit network security. Themost anticipated benefit is that SDN willmake it easier to apply a unified security pol-icy (Figure 10). The bottom line is that any ITorganization that is evaluating SDN needs toaddress security issues from the outset.

Be Clear About SDN ObjectivesWhen discussing SDN, it’s common for the

trade press and industry analysts to talk aboutits ability to better support the adoption ofprivate and/or hybrid cloud computing. How-ever, as Figure 7 shows, that cap ability isn’t astrong driver of enterprise adoption of SDN.

It is common, however, to have technologyadoption driven by different factors at differ-ent points in the adoption cycle. For example,the initial driver of server virtualization wascost savings. However, once IT organizationsbegan to implement server virtualization,

most of them found the agility that virtualizedservers provide became as important as thecost savings. In similar fashion, IT organiza-tions may well implement a software-definednetwork initially for cost savings or added se-curity and later expand that implementation

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

What security problems do you associate with SDN?

SDN Security Problems

Lack of integration with existing security technologies

The controller scares me—if an attacker owns that, it's game over

More complexity, which always means less security

Functionality leveraging controller intelligence opens new attack surfaces

Inability to inspect every packet

It will hinder performance to such a degree that public cloud/SaaS use will increase

Other

None; it will help security

Note: Multiple responses allowedData: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012

R5451012/11

44%

40%

38%

38%

20%

10%

2%

9%

R5451012_SDN_Chart11reports.informationweek.com


Figure 9



because it provides other capabilities.This example demonstrates that any IT or-

ganization considering SDN needs to be clearabout the value proposition of the technol-ogy and how that value proposition mightchange over time.

IT organizations also need to identify howdeploying SDN fits in with other IT initiatives.As the infrastructure architect notes, “No CIOis going to fund an investment in SDN with-out understanding how that fits into theircloud strategy.”

In another example, many IT organizationsare in the process of flattening their datacenter LANs. As part of that activity, most areevaluating the viability of eliminating Span-ning Tree Protocol. One way to do that is toimplement a protocol such as TransparentInterconnection of Lots of Links or ShortestPath Bridging. However, as previously men-tioned, it’s also possible to eliminate STP byimplementing an SDN controller that sup-ports the appropriate functionality.

The upshot is that an IT organization mustset realistic expectations with management

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

What are the security benefits of SDN?

SDN Security Benefits

Ability to apply a unified security policy

Data security via transport encryption

Integrated and more granular access control

Additional points where security controls can be placed to address software/application security issues

Intra-hypervisor (VM-VM) packet inspection and firewall

Malware filtering

More situation- or application-aware security event logging details

Improved security appliance performance/throughput

DoS mitigation

Other

None; it will hurt security

Note: Multiple responses allowedData: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012

R5451012/10

44%

32%

29%

28%

22%

22%

22%

17%

17%

4%

12%


FAST FACT

12%of respondents think

implementing SDN will

make networks less

secure; 31% say they just

don’t know.



Figure 10

October 2012 16



October 2012 17

about the benefits of SDN, how those bene-fits might evolve over time, and how SDNwill complement or support other major ITprojects and goals.

Money MattersGiven that IT believes the primary benefits

of SDN relative to the data center are reduc-ing cost and automating management andsecurity policy enforcement, it’s not surprisingthat those tend to be the selling points usedby IT organizations that have implementedSDN or intend to implement it (Figure 11).

However, it’s not clear that the expected costsavings anticipated with a controller-basedSDN model will appear. IT anticipates thosesavings in large part because dumbed-downswitches will be cheaper than conventionalswitches. But given the current state of themarket, the deployment of SDN won’t result inany dumbing down of switches and routersfor at least the next two years. That follows inpart because it will take a new generation ofmerchant silicon to build fully functional,highly scalable OpenFlow-enabled devices.

And even if fully functional OpenFlow de-vices were available, the vast majority of ITorganizations would adopt them over timeand most likely would implement them onlyin part of their infrastructure. That’s becauseIT organizations seldom swap out one infra-structure for another in a single move, par-

ticularly with a new technology.It’s also possible that the cost savings of

commodity switches will be eaten up by thecosts of centralized controllers. In fact, whenwe asked survey respondents to anticipatethe impact of SDN on switch and router mar-kets in 2015, the second-highest response, at

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

What benefits did or will you use to “sell” SDN to the business?

SDN Selling Points

A more efficient and flexible network that speeds service delivery

Cost savings on hardware

Ability to apply QoS via traffic awareness

Ability to test new routing protocols

Other

We won’t even try; benefits are on the networking side

Note: Multiple responses allowedBase: 116 respondents at organizations with, or planning to have, SDN in productionData: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012

R5451012/7

66%

36%

17%

50%

3%

4%

R5451012_SDN_Chart7



Figure 11



October 2012 18

18%, was that costs would simply shift to con-trollers and software (Figure 12).

In addition, some IT organizations are likelyto adopt SDN in a hybrid model, in whichsome control plane functionality is centralizedand the remaining functionality remains dis-tributed within switches. Depending on howmuch control functionality is centralized, thisscenario may not result in switches with sig-nificantly less functionality; in fact, this sce-nario may result in switches that require ad-ditional functionality.

The bottom line is that any cost savings thatmight result from adopting low-cost Open-Flow-enabled devices will take place over anumber of years, if at all.

Inhibitors to SDN DeploymentIT organizations that are evaluating SDN

need to understand the availability and scal-ability characteristics of the particular designsthey are evaluating.

One of the concerns with a controller-basedapproach to SDN is availability—that is, whathappens if the central controller goes down?

Another is scalability—how many packets, callsetups, processes or flows can one controllersupport? To respond to those concerns, manyvendors, including Big Switch, NEC and Vello,support a clustering of their controllers. Whilethat approach can mitigate availability andscalability concerns, it still leaves open what

happens if the network elements somehowlose their ability to communicate with thecentralized controller cluster. One network de-sign option that addresses this concern is toimplement a redundant link between thecontroller and each switch.

Another factor that limits the deployment

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

Which of the following best describes your expectation of SDN’s effect on the switch and router market by 2015?

Expected Impact of SDN on the Switch and Router Market

Somewhat lower prices, less hardware differentiation, but same main players

The cost will just shift to controllers and software

Fewer proprietary features, emphasis on standards

Will reshuffle market leadership

Switches and routers will be a commodity; pricing landscape will be totally different

Switches and routers will be a commodity; vendor landscape will be totally different

Other

No impact; Cisco will figure out how to maintain its margins


22%

18%

16%

11%

7%

7%

1%

18%

R5451012_SDN_Chart13reports.informationweek.com


Figure 12



October 2012 19

of SDN is that there is no widely agreed-uponmodel for how SDN and OpenFlow-enablednetworks will interface with existing networkmanagement platforms and troubleshootingtools. IT organizations that are evaluating SDNneed to have a solid plan for how they’ll man-age and troubleshoot those networks.

We asked our survey respondents to indi-cate the primary inhibitors to their companyadopting SDN in the next two years. Their topthree responses reflect one of the centralthemes of this report: As is typical of any early-adopter market, the development and imple-mentation of SDN is characterized by imma-turity and confusion. The top response, at41%, was the immaturity of current products(Figure 13). However, the second-highest re-sponse, at 32%, was “confusion and lack ofdefinition in terms of vendor strategies.”Given that there are several technological ap-proaches that can claim to be software-de-fined networking despite significant differ-ences among the approaches, such confusionis understandable.

That confusion is echoed in IT organizations.

For instance, the infrastructure architect saysthe lack of education is a major barrier to theadoption of SDN. “We don’t know a lot aboutSDN and what its benefits are.”

Interoperability is also a concern. He says he

would like to see some form of certification sothat if he were to acquire an SDN controller,he would know what switches, and what codeversions, it worked with.

At present, any IT organization that tries to

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

24%

Imm

atur

ity o

f cur

rent

pro

duct

s

Conf

usio

n an

d la

ck o

f def

initi

on in

term

s of v

endo

rs’ s

trat

egie

s

Imm

atur

ity o

f ena

blin

g te

chno

logi

es

Othe

r tec

hnol

ogy o

r bus

ines

s prio

ritie

s

Lack

of r

esou

rces

to e

valu

ate

SDN

Conc

ern

that

the

tech

nolo

gy w

ill n

ot sc

ale

to su

ppor

t en

terp

rise-

class

net

wor

ks

Wor

ry th

at co

st to

impl

emen

t will

exc

eed

ROI

We

don‘

t see

a co

mpe

lling

valu

e pr

opos

ition

Lack

of a

criti

cal m

ass o

f org

aniza

tions

that

hav

e de

ploy

ed SD

N

Conc

ern

that

maj

or n

etw

orki

ng ve

ndor

s will

der

ail S

DN b

y ad

ding

pro

prie

tary

feat

ures

Not s

ched

uled

to h

ave

a ne

twor

k te

chno

logy

refre

sh

in th

at ti

me

fram

e

Othe

r

No in

hibi

tors

to im

plem

entin

g SD

N

We’

ve a

lread

y im

plem

ente

d SD

N

Which of the following are the top inhibitors to your company adopting SDN in the next two years?

Barriers to SDN Adoption

Note: Three responses allowedData: InformationWeek 2012 Software-Defined Networking Survey of 250 business technology professionals, July 2012

R5451012/8

41%

32%

25%

23%

22%

18%

18%

14%

13%

11%

2%

4%

2%

R5451012_SDN_Chart8



Figure 13

FollowFollow

Follow

TweetTweet

LikeLike

Follow

ShareShare

Next

FollowFollow

Follow

TweetTweet

LikeLike

Follow

ShareShare

Tweet

Next

FollowFollow

Follow

TweetTweet

LikeLike

Follow

ShareShare

Next

Like This Report?

Share it!



http://www.linkedin.com/shareArticle?title=Understanding+Software-Defined+Networks&mini=true&url=http://reports.informationweek.com/abstract/6/9044/Data-Center/research-understanding-software-defined-networks.html

http://twitter.com/home/?status=Understanding+Software-Defined+Networks+http://twb.io/SsBVzR @IW_Reports

http://www.facebook.com/sharer/sharer.php?u=http://reports.informationweek.com/abstract/6/9044/Data-Center/research-understanding-software-defined-networks.html&t=Understanding+Software-Defined+Networks+SDN&src=sp

October 2012 20

take an SDN controller and connect it to threeor four vendors’ OpenFlow switches would ei-ther fail or would, at a minimum, spend a lotof time and resources working with the ven-dors to make those devices work together be-cause the OpenFlow protocol is still so new.

Call to ActionThere are relatively few players in the IT in-

dustry making the argument that SDN isready for broad deployment in production

networks. As such, SDNis not encumbered bytoo much hyperbole.However, given themarket research pre-sented in this report, itis clear that SDN isshrouded in confusion.

IT organizations need to disperse this confu-sion to better understand SDN and to establisha strategy—even if that strategy is to do noth-ing relative to SDN for the foreseeable future.We offer a set of considerations to help guideyou in creating that strategy.

> Start with a firm definition of whatSDN means to the organization. This in-cludes taking a position relative to whetheror not they want to implement an SDN thatfeatures:

>> Direct programmability of switches androuters, which in most cases will be ac-complished by leveraging software cre-ated by a third party

>> Separation of the control and forwardingplanes using OpenFlow for communica-tions between them

>> Separation of the control and forwardingplanes using something other than Open-Flow for communications between them

>> An overlay network>> Other approaches and technologies> Define the use cases that justify deploy-

ing SDN, whether to solve problems or addvalue. Analyze alternative ways to solve thoseproblems or add that value and recognizethat the use cases may change over time.> Keep an eye on SDN adoption in the

market and SDN’s technological maturation.This includes analyzing the items mentioned

in the preceding section (e.g., the stability ofOpenFlow and of the northbound APIs).> Identify how extensive the implemen-

tation of SDN will be, both initially and overthe first couple of years. For example, will theimplementation just include top-of-rackswitches or will it include core switches? Willit include L4 to L7 functionality, such as loadbalancing or protection against DOS attacks?> Decide whether any of the control

functions that have historically been done inswitches and routers will be done in SDNcontrollers.> Analyze how the deployment of SDN

fits in with your existing infrastructure as wellas with other IT initiatives in progress. > Review vendors’ SDN strategies and of-

ferings and identify one or more viable SDNdesign. This includes understanding the risksand rewards of acquiring pieces of SDN fromdisparate vendors vs. trying to acquire all ormost of the system from a single vendor.> Determine whether the IT organization

will write applications itself to take advan-tage of SDN. If so, what has to happen within

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next



As is typical of any early-adopter

market, the development and

implementation of SDN is marked

by immaturity and confusion.



October 2012 21

the organization to enable that capability?> Identify and analyze commercially avail-

able applications that take advantage of SDN.> Evaluate the availability and scalability

characteristics of the particular SDN designsthat are under consideration. > Understand how your IT organization

can provide a sufficient level of security forthe controllers.> Assuming that your IT organization is

interested in OpenFlow, decide whether toimplement OpenFlow-only switches or hybridswitches that support OpenFlow and tradi-tional networking.> Understand how the IT organization

will manage and troubleshoot its SDN deployment.> Evaluate publicly available reports on

interoperability testing.> Test the SDN designs and use cases that

are under consideration.> Analyze how the intended imple -

mentation of SDNwould impact the currentnetworks.> Draft a plan for how your IT organiza-

tion will minimize and mitigate the risks as-sociated with implementing SDN.> Develop a program to get manage-

ment buy-in. This includes getting fundingas well as the buy-in from any other organi-zation that will be directly impacted by thedeployment of SDN.

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next





October 2012 22

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next


reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k s

APPE

NDIX Which of the following best describes your job title?

5%7%

8%

33%

7%

32%

8%

Job Title


1

23

4

5

67

89


Executive IT management (C-level/VP)

IT director/manager

Other

Consultant

Line-of-business management

Non-IT executive management (C-level/VP)

IT/IS staff

Table of Contents

Figure 14



October 2012 23

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

What is your organization’s primary industry?

Industry

Construction/engineering

Consulting and business services

Education

Electronics

Financial services

Government

Healthcare/medical

IT vendors

Manufacturing/industrial, noncomputer

Media/entertainment

Retail/e-commerce

Telecommunications/ISPs

Utilities

Other


2%

11%

7%

2%

9%

12%

10%

10%

10%

2%

4%

8%

2%

11%




Figure 15



October 2012 24

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

Which of the following dollar ranges includes the annual revenue of your entire organization?

8%

14% 10%

17%

7%

11%8%

13%

12%

Revenue


1

23

4

5

67

89


Less than $6 million

$6 million to $49.9 million




Don’t know/decline to say

Government/nonprofit

$1 billion to $4.9 billion

$5 billion or more



Figure 16



October 2012 25

Previous Next

Previous Next

DownloadDownload

RegisterRegister

SubscribeSubscribe

Previous Next

Previous Next

Approximately how many employees are in your organization?

20%8%

8%

20%

8%22%

14%

Company Size


1

23

4

5

67

89


Fewer than 50

50-99

100-499

500-999

10,000 or more

1,000-4,999

5,000-9,999



Figure 17



SubscribeSubscribe

Newsletter

Want to stay current on all newInformationWeek Reports? Subscribe to our weeklynewsletter and never miss a beat.

October 2012 26

Previous


reports U n d e r s t a n d i n g S o f t w a r e - D e f i n e d N e t w o r k s

MOR

ELIKE THIS

Want More Like This?InformationWeek creates more than 150 reports like this each year, and they’re all free toregistered users. We’ll help you sort through vendor claims, justify IT projects and implementnew systems by providing analysis and advice from IT professionals. Right now on our siteyou’ll find:

Strategy: OpenFlow vs. Traditional Networks:We look at the pros and cons of OpenFlowand SDN and how they stack up with existing options to simplify networking.

IT Pro Ranking: Data Center Management: Three hundred fifty-seven IT pros weighed into rank 10 data center management products. EMC’s Unified Infrastructure Manager earnedthe highest score for both overall performance and data center management features.VMware and Cisco both tied for the second spot in overall performance. On the featuresfront, Cisco, VMware and IBM all earned scores of 77%, just two points behind EMC. Othervendors evaluated include HP, Microsoft, Oracle and Symantec.

Fundamentals: Understanding Flat Networks: A flat network or fabric provides morepaths through the network and can maximize bandwidth and better support a highly virtu-alized data center. We’ll look at standards-based approaches to designing a flat network, in-cluding TRILL and SPB, as well as proprietary vendor implementations. We’ll also discuss theimplications of moving to a flat network, and provide guidance to help you decide whetherthis approach is the right one for your data center.

PLUS: Find signature reports, such as the InformationWeek Salary Survey, InformationWeek500 and the annual State of Security report; full issues; and much more.

Table of Contents



http://reports.informationweek.com/abstract/6/8638/Data-Center/strategy-openflow-vs-traditional-networks.html?cid=iwrpdf_rltd_545sdn

http://reports.informationweek.com/abstract/6/8994/Data-Center/it-pro-ranking-data-center-management*.html?cid=iwrpdf_rltd_545sdn

http://reports.informationweek.com/abstract/6/8687/Data-Center/fundamentals-understanding-flat-networks.html?cid=iwrpdf_rltd_545sdn

http://links.techwebnewsletters.com/servlet/SignUpForm?f=491839


http://reports.informationweek.com/profile/registration.html

understanding sdn

Documents

sdn adoption22 figure

sdn13 figure

openflow10 figure

industry24 figure

points18 figure

planes9 figure

revenue25 figure

sdn14 figure