Network Management Automation: The First Step Toward SDN
Unless you live under a rock, if you work in IT, you’ve heard of software defined networking (SDN). The question, however, is are you ready for it? If your answer is anything less than yes, it’s time you start preparing.
While SDN may still be in its infancy in the grand scheme of things—most companies who have started exploring it are still testing in lab settings with almost none truly using it in production today—it is nonetheless set to become mainstream over the next several years. In fact, according to a report published by Transparency Market Research, the global SDN market will be valued at $3.52 billion by 2018.
This all begs two questions:
- Why is SDN so important?
- What is the best way to get started down the path toward SDN?
Why is SDN important?
At its core, SDN is the ability for the network to detect changes in data flow and be able to reconfigure itself. In other words, the path data takes through a network is managed by a software-based “control plane,” which communicates to all devices on the network to spontaneously change elements like best path, quality of service and permitted data types.
In addition to the obvious efficiency benefits, SDN is important because, quite frankly, the increasing speed of business won’t allow network administrators to continue managing networks with current strategies—where changes to production networks are done at least semi-manually and are fraught with risk from both mistakes and misunderstandings. The old approach simply will no longer be effective in a world where everything else, from servers to storage to the applications themselves, is virtualized.
Furthermore, many companies have implemented all manner of ways to capture and analyze their data; after all, data is one of a company’s most valuable assets. In an advanced scale computing environment such as a real-time data analytics or big data setting, SDN plays a tremendous role. SDN allows the network to regulate and reconfigure itself according to everyday activities, and with big data entwined into the network as well, IT pros will be able to focus on classifying and quantifying the volume and velocity of the data on the network to contribute to their business, instead of managing daily minutiae.
What is the best way to get started down the path toward SDN?
While there are probably countless “correct” answers to this second question depending on what the questioner really means, what I am alluding to is, how does one actually start to put SDN ideology into production today so as to prepare for full SDN implementation tomorrow? The answer, or at least one answer, is network management automation.
To explain, let’s use the specific example of configuration management automation as our first use case.
Traditionally, devices are provisioned (i.e., set up with a configuration) manually, placed on the network and that configuration is then adjusted if and only if a problem is detected. But imagine if any infrastructure device that is placed on the production network is automatically shunted to a networking no man’s land—you can do this today by leveraging VLAN0 and a basic set of rules. Then imagine that this no man’s land is scanned frequently for new arrivals. Finding one triggers an alert action that runs a script that attempts to connect to the device using default information. Failure to connect creates a ticket for a human to intervene. However, in many—perhaps even most—cases, the connection attempt will succeed and a basic configuration will be pushed to the device as well as changes to the infrastructure to allow that device on the production network. Follow-up actions would then place this new device under monitoring, possibly with a higher frequency for the first week as the device “settles in.”
In this case, very little manual intervention is needed—besides racking and stacking—and correct configuration is virtually guaranteed.
Let’s move on to a second use case.
Let’s say that during the initial phase of monitoring, you leverage NetFlow and deep packet inspection to discover that the aforementioned device is being used to access cloud-based services, as well as being a connecting point for users to receive video data. A second alert trigger can push out a specific set of access control lists (ACLs) to lock down cloud destinations, and a traffic shaping template can be implemented so that video data is given a higher quality of service (QoS) rating.
Let’s now consider one final use case.
Say an unexpected change is made to the device’s configuration. This is detected by the same configuration management tool that pushed out the initial configuration in the first place. However, in this case, it can also be used to either push the “known good” configuration, or place the device in a quarantined state until an actual person can investigate.
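The drift check in this last use case can be sketched as follows. This is an added example, not code from the article or from any particular configuration management product; the IOS-style sample configurations are constructed, and the rule that a change to an ACL or credential line means quarantine while any other change means restoring the known-good configuration is an assumed policy.

```python
import difflib
import re

# Constructed policy patterns (assumptions, Cisco-IOS-style syntax); tune per platform.
VOLATILE = re.compile(r"^(! Last configuration change|ntp clock-period)")
SENSITIVE = re.compile(
    r"^\s*(ip access-(list|group)|access-list|permit |deny |username |"
    r"enable secret|aaa |snmp-server community)")

def normalize(config):
    """Drop blank, separator and volatile lines so only real settings are compared."""
    lines = (l.rstrip() for l in config.splitlines())
    return [l for l in lines if l and l != "!" and not VOLATILE.match(l)]

def drift(known_good, running):
    """Return removed lines as '-line' and added lines as '+line'."""
    old, new = normalize(known_good), normalize(running)
    changes = []
    matcher = difflib.SequenceMatcher(a=old, b=new, autojunk=False)
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag in ("replace", "delete"):
            changes += ["-" + l for l in old[i1:i2]]
        if tag in ("replace", "insert"):
            changes += ["+" + l for l in new[j1:j2]]
    return changes

def decide(known_good, running):
    """'ok' if no drift, 'quarantine' if a sensitive line changed, else 'restore'."""
    changes = drift(known_good, running)
    if not changes:
        return "ok", changes
    if any(SENSITIVE.match(c[1:]) for c in changes):
        return "quarantine", changes
    return "restore", changes

# Constructed sample configurations, not taken from any real device.
KNOWN_GOOD = """\
! Last configuration change at 10:00:00 UTC Mon Jan 1 2024
hostname edge-sw-01
interface GigabitEthernet0/1
 description uplink
 ip access-group CLOUD-ONLY in
!
ip access-list extended CLOUD-ONLY
 permit tcp any any eq 443
 deny ip any any
"""
RESAVED = KNOWN_GOOD.replace("10:00:00", "11:30:00")
RELABELED = KNOWN_GOOD.replace("description uplink", "description uplink to core")
WIDENED = KNOWN_GOOD.replace(" deny ip any any", " permit ip any any\n deny ip any any")
```

Filtering the timestamp line before comparing keeps a plain re-save from raising an alert, and the returned change list is what would be attached to the ticket for the person who investigates.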
What should be obvious in these use case examples is that overall, the goal of network management automation is to employ the smaller, more specialized tools available to gather insights about networks. The pieces of this puzzle are:
- Configuration: Back up, compare and deliver all or part of the configuration for the device
- Availability: Visibility into the space on boxes, interfaces, disks and applications
- Bandwidth: Watch for spikes in activity
- NetFlow: View the flow and types of data from sender to receiver
- Deep packet inspection: Monitor the source and destination of “conversations” on the network, evaluating for usage (cloud, database, video, risky, etc.), as well as user experience (is it fast or slow; and is a perceived slowness due to network- or server-based causes?)
SDN implementation is likely to change radically in the future. In fact, the few choice vendors on the market today have already pivoted dramatically over the last 12-18 months. What can be said about SDN, with any level of confidence, is that while the future is quite unknown, the movement will require new on-premises hardware, new wireless controllers, routers and switches, and even new storage infrastructure. This need is particularly palpable in advanced scale computing scenarios such as real-time data analytics environments. SDN will also require new ways of thinking about networking. While the hardware doesn’t exist today, you can get a jump right now on the new thought processes required because the tools already at your disposal not only allow it, they encourage it.
In short, SDN will require an evolution of your approach, methodology, and skillsets, potentially morphing into a DevOps-like culture. Time will tell, but for now, network management automation is a good first step.
Leon Adato is a Head Geek and technical evangelist at SolarWinds, and is a Cisco® Certified Network Associate (CCNA), MCSE and SolarWinds Certified Professional.