At a recent trade show, someone referred to me as a software-defined networking veteran. This struck me as odd, because I’ve only been talking about SDN for five years, but also as being true — because I’ve been studying it for five years. I started speaking about this technology because it was so clear to me that within the next 10 years, we were going to be provisioning and managing networks through SDN.
Logical networks were going to be just as important as physical networks. It was going to be a slow-moving train, but once it picked up speed, there would be no stopping it. Some recent innovations have led me to believe that we are on the cusp of the next big jump to mass adoption of SDN.
SDN’s Early Draw: Microsegmentation
In my work with CDW’s Technical Innovation Group, we discovered that our early adopters are looking to SDN for security. We analyzed our existing SDN customers who have adopted it and discovered that more than half come from the retail, manufacturing, healthcare or finance verticals. If you look at those verticals and what they all have in common, it’s the need for compliance. Due to their additional security needs, they adopted SDN through the use of Cisco ACI or VMware NSX, and sometimes both. These verticals are all typically risk-averse, which means that they were early adopters because of the need for additional security and microsegmentation.
Microsegmentation is just one use case — the other is automation. Servers and storage have been automated via virtualization for years; SDN automates the network. Then you overlay orchestration and you have a true self-service private cloud. You can combine that with your public cloud, using Cloud Center or other technologies or ACI Anywhere, then you have the utopia, which we’re all trying to get to — a true hybrid cloud, with a mix of public cloud, private cloud and portability.
SDN Phase 2: Orchestration and Automation
Now we’re moving into that second phase of SDN adoption, where more customers are purchasing ACI or NSX. They are wanting the application dependency mapping (ADM) that SDN delivers through white list microsegmentation. ADM is required to understand how applications communicate with each other. Our customers are using Tetration or vRNI to get insight into their application dependencies.
The two main providers in the SDN space, VMware and Cisco, are always innovating. The use case for Cisco’s Tetration goes way beyond ADM. I think Tetration is one of the best products to come out in a long time as far as security and the data center are concerned.
Tetration’s Big Value
The original product was a 39RU cluster with sensors placed on network devices and endpoints to provide visibility. The network is the only part of your entire IT Infrastructure to have visibility into every single packet. The sensors on the network collect information from the header of the packets; they can reconstruct which applications are talking to which other applications, and they can do that in near real-time.
That’s the big differentiator — the cluster does near real-time analytics. As soon as you have that set up, the first reaction when the customer looks at the chords, which show how applications are communicating with whichever other application, is “oh dear.” This is the first time they are seeing that they have outliers, they have all kinds of traffic that could be indicating breaches or threats that were completely invisible before. Regardless of the SDN platform, that information can then be used for application dependency mapping, and that is incredibly powerful.
Tetration can keep your information for up to a year, so you can rewind and look at what took place on the network. If you want to enforce policy, you can model the policy without enforcing it initially to determine what impact that new policy will have.
You can model moving an application to a public cloud. Tetration will show what traffic would travel back to your data center due to ADM, and you can decide whether that is a smart move or not.
It’s just incredibly powerful. Today there are five form factors for Tetration. The newest, Tetration Software as a Service, is very popular. The sensors are installed onsite and via the subscription; the analysis is done in near real-time on the cluster at Cisco.
SDN is a technology on the rise. As we get more advances in the technology, we will start to see a clear difference in the operations of networks that run on SDN and those that don’t. The sooner your organization can make this jump, the quicker you’ll be able to take advantage of all the benefits SDN offers.
This blog post brought to you by: