Forrester analyst Andre Kindness says a lot of clients ask him how they should think about software-defined networking (SDN), which has been heralded for years as the next great thing in the industry.
SDN, which is an architectural approach and not a specific product, has traditionally been thought of as virtualizing data center networks. This typically means separating the management of the control plane of network devices from the underlying data plane that forwards network traffic. Using a software-defined system to control this disaggregation brings many benefits, including increased network management flexibility and the ability to more easily implement fine-grained security policies.
But Kindness says network operators too often think about SDN with too narrow a focus. There’s been an evolution in the SDN market in recent years, driven by increased demands on the network. To meet these new challenges, the underlying technology that powers SDN has been applied to other areas of networking. “The network in the data center isn’t an isolated domain,” Kindness explains. “How does it interact with public cloud, how are branch offices being connected to, what does the world of IoT mean for the network? It’s all part of this new modern network.”
SDN emerged in the early 2010s out of necessity, say IDC networking analysts Rohit Mehra and Brad Casemore. Many of today's networks were designed for client-server applications running on non-virtualized infrastructure. “Virtualization, cloud, mobility, and now the Internet of Things (IoT) have exposed the limitations of traditional network architectures and operational models,” Mehra and Casemore wrote in their SDN Forecast published in 2016. “By now, SDN has advanced beyond its adolescence and early euphoria and has settled into early adulthood as something of a known commodity. It's not so much the next big thing on the networking horizon as much as it is a reality and inevitability for enterprises and service providers worldwide, even for those who've yet to embrace it.”
VMware’s 2013 purchase of Nicira was considered a seminal moment in the SDN industry and turned the virtualization giant into a networking vendor. Today, VMware’s NSX SDN product is based on that technology. Cisco’s Application Centric Infrastructure is the basis for its SDN offering. Many other companies, such as Juniper and Arista, have their own SDN offerings too.
IDC estimates the SDN market has grown from a $406 million industry in 2013 to more than a $6.6 billion market in 2017. IDC predicts the SDN market will continue to grow at a 25.4% compound annual growth rate to $13.8 billion by 2021. IDC estimates that SDN is moving out of the early-adopter stage and into the early-mainstream stage of its development.
A 2017 survey by Network World of 294 networking professionals found that 49% are either considering or actively piloting an SDN implementation; 18% have an SDN installed already. IDC has identified a handful of leading use cases for SDN today.
Maximizing investments in server virtualization and private cloud - Mehra and Casemore say that too often the network prevents organizations from realizing the maximum value of an advanced server virtualization or private-cloud deployment. If an organization can automatically create, provision, migrate and decommission VMs, a manually controlled network in which virtual local area networks (VLANs) or other network settings must be set up by hand will become a bottleneck.
Enabling network programmability - Some forward-leaning organizations are embracing the opportunity to programmatically control network resources, which vendors are increasingly enabling in their products. Using a management platform through a command line interface (CLI) or application programming interfaces (APIs) enables increased automation of network management tasks such as creating and deprovisioning networks and coordinating security and use policies. Having centralized SDN-control software manage the network can also help with network visibility and analytics because it has a view into the entire network environment.
Security - One of the major benefits of an SDN implementation is that it allows software-based security tools to be installed and managed more easily on “east-west” server-to-server traffic within a data center. In an SDN environment, network administrators can more easily install virtual firewalls, encryption tools and network monitoring services to protect this intra-data center traffic.
Future use cases
While thus far many SDN deployments have focused on data center networks, Kindness, the Forrester analyst, says the future of SDN will be defined by how this technology is used outside of the data center.
A variety of factors will continue to put pressure on network operators, including the increased use of public cloud computing, the onslaught of network traffic created by the Internet of Things, the continued proliferation of a mobile workforce, and an ever-increasing number of distributed branch locations. Kindness says SDN will play a role in shaping the next generation of networks for each of these use cases. There’s already evidence of this in real-world usage:
SD-WAN - Software-defined Wide Area Networking (SD-WAN) is the use of a software management platform to control access to an organization’s remote or branch offices. Typically, in the past, customers would have a single connection to their branch offices, but SD-WAN enables companies to aggregate multiple types of network connections into a branch office and have a software management platform that enables high availability and can automatically prioritize traffic. SD-WANs can save on a customer’s capital expense of installing expensive customized WAN acceleration hardware by allowing them to run a software overlay on less-expensive commodity hardware. IDC expects SD-WAN could become a $6 billion market by 2020.
Microsegmentation - Increasingly, SDN deployments are being used not just to implement software-based security products, but also to implement microsegmentation. In this use case, a customer can split up a network connection between an end user and the data center, and have different security settings on the various types of network traffic. A network could have one public-facing, low-security segment that does not touch any sensitive information. Another segment could have much more fine-grained access control, with software-based firewall and encryption policies on it, which allows sensitive data to traverse it. Theoretically, if a bad actor gets access to the public-facing network, there would be no way for them to access the secure segments of the network.
Internet of Things management - Increasing numbers of connected devices mean a deluge of network traffic. SDN proponents claim a software-based network-management overlay can help prioritize traffic and conduct analytics on the type of traffic on the network.
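
The isolation described under microsegmentation above can be checked against a rule set rather than assumed. The following Python is an added example, not taken from the article or from any vendor's product; the segment names, address ranges and rules are constructed assumptions. It decides single flows under default deny and also audits whether a chain of individually allowed rules links a low-security segment to a sensitive one.

```python
from collections import deque
from ipaddress import ip_address, ip_network

# Constructed sample data: segment names, CIDRs and rules are assumptions.
SEGMENTS = {
    "public": ip_network("10.0.1.0/24"),
    "app": ip_network("10.0.2.0/24"),
    "secure": ip_network("10.0.3.0/24"),
}
# Default deny: only (source segment, destination segment, TCP port)
# tuples listed here may pass.
ALLOW = {
    ("public", "app", 443),
    ("app", "secure", 5432),
}

def segment_of(addr):
    """Map an IP address to its segment name, or None if it is in no segment."""
    ip = ip_address(addr)
    return next((name for name, net in SEGMENTS.items() if ip in net), None)

def flow_allowed(src, dst, port, allow=ALLOW):
    """Decide one flow. Unknown hosts and unlisted flows are denied."""
    s, d = segment_of(src), segment_of(dst)
    if s is None or d is None:
        return False
    return (s, d, port) in allow

def transitive_exposure(start, target, allow=ALLOW):
    """Breadth-first search over the allowed segment-to-segment rules.

    Returns the chain of segments linking `start` to `target`, or None
    when no chain of allowed rules connects them.
    """
    edges = {}
    for s, d, _port in allow:
        edges.setdefault(s, set()).add(d)
    queue, seen = deque([[start]]), {start}
    while queue:
        path = queue.popleft()
        if path[-1] == target:
            return path
        for nxt in sorted(edges.get(path[-1], ())):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None
```

With the sample rules, a direct flow from the public segment to the secure one is denied, yet the audit still reports the chain public, app, secure, which is the kind of finding a segmentation review should surface.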