Pair SDN with cloud for more efficient network management

Software-defined networks (SDNs) remove the limitations associated with network hardware so you can build useful, responsive network infrastructures. While the potential benefits of SDNs for on-premises systems are well established, you can gain a huge advantage by deploying these in the cloud as well.

Using a hybrid SDN and cloud design approach can provide a savvy IT manager with the cost-effective agility needed to be responsive to the organization's infrastructure needs while also providing them with the ability to proactively address key security issues. This article looks at how to pair SDNs with public cloud deployments and whether your organization is ready for that step.

Ovum Decision Matrix for Multicloud and Hybrid Cloud Management 2018-19

SDN: What is it?

Think of SDN as the “software-ization” of infrastructure and a key part of a software-defined data center. In an SDN, you detach the network hardware from the networking software and replace complex, physical hardware devices with changeable layers of software. SDNs decouple the software control panel from the forwarding hardware of nodes—such as routers and switches—and executes the control software either in a local server or in the cloud. The value of SDN is that the network can dynamically reconfigure in response to the needs of specific applications.

By extending SDN to the public cloud, software-defined network operators could, for example, upload and execute networks and services on public cloud platforms anywhere in the world.

This might represent a disruptive evolution of the business toward operational, expense-centric models, which are typical of the cloud, and could push public cloud services so that they assume functions that used to exist on traditional data center hardware. Ultimately, the more your network dynamically changes, the more value you’ll extract from using SDN in the cloud.

The distinction between the network and the cloud is likely to disappear, as increasingly more functions will be performed either in the network or in the cloud. The location used will depend upon the network's performance requirements and cost efficiencies; cloud leads the way in both.

Users will make their choice based on the orchestration capabilities of SDN. Indeed, orchestration is the key factor for success when dealing with the complexity of an infrastructure that executes millions of software transactions and thus has the ability to link SDN directly with applications. The coupling of the SDN to the application is also likely to be a key benefit and driver for users to adopt both SDN and SDN in the cloud.

SDN: What's in it for you?

Key values associated with deploying SDN include cost efficiency and application optimization. Networking operations have considerable capital expenses as well as operational expenses. SDN lets you avoid some CapEx expenses and shift to a more OpEx-centric model.

With traditional network architectures, enterprises must buy new network devices every few years. But with SDN, organizations can transform many of the services provided by hardware into software-delivered services. Adopting SDN addresses these seemingly bottomless capital expenses by removing networking functions from dependence on any single physical device and offers users the opportunity to move the SDN into the cloud to save even more money and increase overall network efficiency.

Using software to define the network gives users the ability to make the network more dynamic. This includes adding auto-configuration services that can dynamically adjust to each application. In an SDN, control is programmable, which gives administrators more power than is possible with static routing. Static routing is not application-dependent and can be nearly impossible to change on the fly in response to the needs of the application. Let's say you have a data-intensive application that uses a large amount of network bandwidth. The SDN can reconfigure itself on the fly based on the changing needs of this particular application. It can reconfigure itself yet again to best accommodate the needs of other applications, some of which may have different network requirements.

SDNs also equip users with the ability to provide better and more dynamic security and governance. As security threats are detected, the SDN can dynamically update itself to protect against those threats: Security administrators no longer need to install patch after patch. Many recent security breaches, such as the recent Home Depot incident, cost companies millions of dollars to remediate, as well as damaging the brand. Most breaches can be traced back to bad practices in updating network switches and hubs to protect against new, but known, vulnerabilities.

The cloud can play a key role in hardening network security, because public clouds are centrally managed by an operations staff who are typically more aware of security issues than are other types of IT professionals.

Network security professionals can update SDNs running in the cloud to expressly eliminate potential threats and vulnerabilities. 

This eliminates the need for an enterprise network security administrator to attend to these types of issues that would typically require the constant stopping and updating of the network.

Governance is also much easier, since an SDN allows administrators to place policies dynamically on network functions. Network governance can be integrated with other governance layers, such as services and/or APIs and data, and governance systems can then work together with tight integration between security, data, application, services, and the network to ensure that network users and network services are authorized and all proper limitations set by policies have been imposed. This might include the ability to set limitations by way of policies concerning the time of day when a specific API can be invoked and by whom the policy can be triggered.

SDNs also provide elastic capacity. Although this is a great feature when an SDN runs on owned hardware, the larger benefit occurs when you operate SDNs in public clouds. Because public clouds provide auto- and self-scaling capabilities, an SDN can automatically allocate more logical servers to support increasing network loads. Users need never worry about network scalability as long as the SDN services run on a public cloud platform.

Creating your SDN and cloud strategy

Placing an SDN in the cloud requires a lot of initial planning, and you should undertake it with the understanding that the infrastructure you build needs to change dynamically. This is not a static network that you will update infrequently or change only when it’s non-operational; frequent updates and changes in the midst of operations are commonplace on an SDN.

For planning an SDN that will exist in the cloud, you need to:

  • Research public cloud providers that can accommodate an SDN delivered from their cloud. For the most part, you’ll do the migration and own those SDNs in a third-party cloud service. You can use some public cloud services directly, such as Amazon's EC2 and S3. By adopting this approach you'll make network and security services—such as firewalls, load balancing, and content delivery network (CDN) services—available on top of the infrastructure. You can create these services to run on EC2 virtual machines on a per-tenant basis to accommodate self-service, service selection, and insertion. SDN will likely eventually be a common cloud service offered by most public cloud providers.
  • Understand the needs of your applications, including how networking services will be required and how much networking services will be required. The value of SDN and SDN in the cloud is that the network can dynamically reconfigure to accommodate specific applications' needs. If you don't understanding those needs, it will be difficult or impossible to correctly define the SDN for auto-configuration. This includes defining the network for other programmatic services used to alter the network for performance, security, response time, and other application needs. The more the network dynamically changes, the more value you’ll extract from provisioning SDN in the cloud.
  • Define your approach. You have choices in how to deploy an SDN: public, private, or hybrid. Private means the SDN runs entirely on your hardware residing within your data centers. Because you’re running a traditional SDN, you don’t have the benefits associated with using a public cloud platform, such as scalability and cost efficiency. In some instances, specific system requirements make SDNs running privately the best choice. Public means that the entire SDN sits within a public cloud, with the benefits previously mentioned. In hybrid settings, the SDN resides partially on the public cloud and partially in the private data center. Sometimes this is the best approach to take. Organizations such as startups, for example, may want to conserve capital but also need the services of an SDN. This allows you to place the applications closest to the network that's needed, providing better performance in some cases. This approach works well with “chatty” applications that require more bandwidth and faster response times, such as those that are constantly pushing and pulling information from a remote database.
  • Define your migration plan, including testing and operations. Your plan to migrate current network services to an SDN in the cloud will be the most complex part of this process. You'll need to define how the applications will leverage network services in the cloud and how those services will be tested in terms of performance, functionality, security, and so on. And you'll need a detailed operations plan that defines how your team will manage the SDN over time, including staff roles and responsibilities.

Are you ready for SDN + cloud?

SDN is still a relatively new option for updating and modernizing your on-premises network. It enables users to leverage the public cloud, making the SDN more responsive and less expensive to operate. This both revolutionizes the way that we do networking and makes networking solutions application-aware.

The dynamic linking of applications within the SDN network comes with so many benefits that it’s impossible to ignore the value. Unlike other new software-defined innovations that come with varying degrees of returns on investments, deploying SDN in the cloud is a solid "win" for any enterprise. However, for successful implementation, you'll need to have a deep understanding of your network and engage in some thoughtful planning before starting the process.

Hybrid Cloud: New Challenge For Monitoring Solutions