IN THE MIDST OF ALL OF THESE CHANGES, the way networking has been implemented has remained fundamentally unchanged, even though network speeds have increased and the protocols that are used to keep the network operational have evolved. The network today is still run as a set of interconnected devices, each of which operates as an individual entity with its own local control plane and forwarding (or data) plane. The control plane determines where traffic is to be sent, and the data plane takes care of forwarding the traffic at very high speeds and progressively lower latency.
Both the control plane and the data plane are co-resident on each networking device, making the large network a complex distributed computing problem that has to respond and react to dynamic changes at very high speeds and with large traffic volumes. To compound the challenge further, each networking component or attached device has only a partial view of what is going on in the network, and piecing together the whole picture becomes a complex exercise.
Managing networks in an SDN World
Software-defined networking (SDN) breaks apart the traditional network switch/router/appliance by abstracting the control plane and centralising it at a controller, while leaving the data or forwarding plane on the individual network switches. This brings operational simplicity: instead of managing every switch/router individually, operators use the controller as the central point of management and control. However, it brings about a new set of challenges that will need to be addressed through increased traffic-based monitoring solutions.
In a large SDN deployment, ensuring all devices in the deployment stay synchronised with the controller can be a challenge. The state information associated with a large number of devices and centrally maintained at the controller may get out of synchronisation. This can be due to a variety of factors such as latency issues between the controller and the devices and packet loss in the network. In order to rapidly detect and correct such situations, it will be necessary to monitor traffic from the network switches and ensure that the network is performing as expected and within the bounds of what is considered normal.
Further, being able to correlate network traffic activity with what the controller expects the network switches to be doing is going to be a critical aspect of ensuring the success of SDN deployments; without it, it will become exceedingly difficult to troubleshoot and find the root cause of problems in SDN deployments. In fact, a closed-loop solution, in which a set of “always-on” network traffic-based monitoring solutions constantly monitor and audit for anomalies, may be necessary both for optimal performance and for rapid troubleshooting. In other words, traffic-based visibility will need to become an integral part of the SDN deployment in order to ensure its success.
The adoption of new technologies like VXLAN and network virtualisation also poses challenges for packet-based analysis tools, for a few reasons. These technologies add packet header information that tools are unable to recognise easily and, in many cases, network virtualisation technologies like VXLAN tend to be hypervisor-oriented: the tunnel encapsulation/origination and termination may occur within the hypervisor, leaving the physical network completely unaware of when tunnels and virtual overlays are being created and torn down.
These types of issues require new types of traffic analysis tools that enable correlation and troubleshooting of issues in both the physical underlay and the virtual overlay networks. Serving up the traffic to the tools in a form that the tools can understand will become an important piece of the monitoring solution. This type of functionality can readily be provided by a visibility fabric, which can serve up traffic to the tools from both the logical overlay and the physical underlay, along with normalising the traffic to what the tools can decipher. (A visibility fabric is a solution that delivers traffic from the production network to the tools that are used to monitor and manage the network, and along the way performs traffic optimisation functions, such as stateful de-duplication or flow record generation, to help offload tools.)
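To make the normalisation step concrete, here is an added Python example (not part of the original article and not any vendor's code) that strips the VXLAN encapsulation from an underlay frame and returns the overlay segment ID (VNI) together with the inner frame that a VXLAN-unaware tool can parse. It assumes an IPv4 underlay and the IANA-assigned UDP port 4789; the function names and the sample packet are constructed for illustration.

```python
import struct

VXLAN_PORT = 4789  # IANA-assigned UDP destination port for VXLAN (RFC 7348)

def decap_vxlan(frame: bytes):
    """Return (vni, inner_frame) for a VXLAN packet, else (None, frame)."""
    if len(frame) < 14:
        return None, frame
    ethertype, off = struct.unpack_from("!H", frame, 12)[0], 14
    if ethertype == 0x8100 and len(frame) >= 18:      # 802.1Q tag on the underlay
        ethertype, off = struct.unpack_from("!H", frame, 16)[0], 18
    if ethertype != 0x0800 or len(frame) < off + 20:  # assumption: IPv4 underlay
        return None, frame
    ihl = (frame[off] & 0x0F) * 4
    frag = struct.unpack_from("!H", frame, off + 6)[0] & 0x3FFF
    if ihl < 20 or frame[off + 9] != 17 or frag:      # UDP only, no fragments
        return None, frame
    udp = off + ihl
    if len(frame) < udp + 16:                         # UDP (8) + VXLAN (8) headers
        return None, frame
    dport = struct.unpack_from("!H", frame, udp + 2)[0]
    if dport != VXLAN_PORT or not frame[udp + 8] & 0x08:  # I flag: VNI is valid
        return None, frame
    vni = int.from_bytes(frame[udp + 12:udp + 15], "big")
    return vni, frame[udp + 16:]

def build_sample(vni: int, inner: bytes, flags: int = 0x08) -> bytes:
    """Constructed packet: Ethernet / IPv4 / UDP / VXLAN / inner frame."""
    vxlan = bytes([flags, 0, 0, 0]) + vni.to_bytes(3, "big") + b"\x00"
    udp_len = 8 + len(vxlan) + len(inner)
    udp = struct.pack("!HHHH", 49152, VXLAN_PORT, udp_len, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0, 0x4000, 64, 17,
                     0, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))  # checksum 0
    eth = bytes.fromhex("02000000000a" "02000000000b" "0800")
    return eth + ip + udp + vxlan + inner

# Constructed inner (tenant) frame: dst MAC, src MAC, EtherType, payload.
INNER = bytes.fromhex("02000000aa01" "02000000aa02" "0800") + b"tenant payload"
SAMPLE = build_sample(5001, INNER)

if __name__ == "__main__":
    vni, inner = decap_vxlan(SAMPLE)
    print(f"VNI {vni}: inner src MAC {inner[6:12].hex(':')}, {len(inner)} bytes")
    print("plain frame passes through unchanged:", decap_vxlan(INNER)[0] is None)
```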
Monitoring the dynamic IT infrastructure enabled by SDN
In environments driven by user or application mobility, even though SDN may dynamically reconfigure and adapt the network, for example using VXLAN, the actual performance of the application will depend on various conditions such as network congestion, server performance and storage latencies. In a more traditional static network environment, one could more easily engineer and predict the performance based on application requirements and network speeds at that location.
Additionally, tools could be inserted at very specific tap points in the network to monitor traffic related to specific applications. However, with applications moving dynamically from server to server, and the network getting dynamically reconfigured through SDN, it becomes very hard to engineer and predict performance and user experience, since the dynamic instantiation of overlays fundamentally changes the effective topology and connectivity of applications, compute and storage. Having traffic-based monitoring tools becomes critical in these environments to constantly – and in real time – evaluate how the applications are performing.
Unlike in the traditional model, tapping at specific locations to insert monitoring tools no longer works, as the traffic for that application may no longer be visible at that tap point if the application has moved. As such, the need to tap and deliver traffic to analysis tools becomes almost ubiquitous across the SDN deployment. In such environments, a visibility fabric that can ubiquitously and pervasively deliver traffic from across the network to a set of centralised tools that rely on traffic-based analysis becomes an effective approach, and indeed almost a requirement for enabling instrumentation.
Securing the dynamic world enabled by SDN
Security is a challenge in the dynamic environments that SDN enables. With users, devices and applications moving almost at will, and the network being dynamically reconfigured through SDN, addressing security, compliance and auditing becomes a challenge.
Pinpointing the source of security threats in such a highly mobile environment requires not only rapid detection, but also location awareness of traffic and traffic sources, along with a comprehensive network-wide view of who is accessing the network, what the user, device or application is doing on the network, where the network is being accessed from, and when the network is being accessed. This will require enhanced traffic-based analysis (both flow- and packet-based), once again with almost ubiquitous coverage across the network.
As the applications of SDN take on broader deployment use cases and scenarios, one thing is clear: the fundamental nature of how networks are architected and deployed will change, enabling dynamic on-demand networking, greater policy-based control, and an increased interaction across departmental silos.
The need for traffic-based visibility solutions in such environments, along with increased correlation of traffic with controller policies and state, will become an integral part of any successful SDN solution.