In the last few years the terms Software-Defined Network (SDN) and Network-Function Virtualization (NFV) have become quite the buzzwords, similar to cloud computing. But because the market is filled with all sorts of offers and because of at times substandard knowledge of some users in the field of networking, there’s much confusion in this area. Many cannot even tell apart basic concepts or technologies—OpenFlow, OpenStack, OpenDaylight, NETCONF, Floodlight, OVSDB, white‑label‑switch, Yang, overlay, VXLAN, and many other similar terms and terms cannot be simply lumped together.
So, it’s high time to break some myths.
Myth: SDN and NFV—solutions to all your network problems
Discussions with CTO’s and/or IT administrators often end with the same conclusion. Everyone wants network programmability and automation, even though they might not even need them given their existing IT environment and how they plan on developing it in the future. So, when is the right time to introduce “programming” into your network? I would say when you are dealing with truly many changes in your network and routine tasks. Otherwise, you might not see a return on your investment. Sometimes we simply need to be honest with ourselves. For example, would you manufacture your own pneumatic hammer just to hammer in five nails? Or would you rather rent one, or even go for a classic hammer?
Network automation and advanced configuration/change deployment are convenient solutions when implementing so-called micro-segmentation. But why would you want to break down your network into smaller segments and add complexity by doing so? Well, micro-segmentation doesn’t really add complexity, but rather opens ups new possibilities for tackling IT and data center challenges. Network micro-segmentation enables network administrators an efficient and flexible adaptation of the company’s network to a variety of business applications. You need to ensure the most appropriate working conditions so that the applications will function seamlessly. In such case, you need to consider the application as a tenant (in this case leasing network resources). Software‑defined networks and network-function virtualization are more than justified investments with multitenant data centers. Now, this is true if you use these solutions/technologies for solving real challenges, not just because it sound nice to have.
Myth: universal solutions exist
Several network equipment manufacturers and even more network solutions are present on the market today. You would think that would simplify the process of finding the right solutions which would suit most companies. Unfortunately, no such universal solutions exists (yet). Perhaps you will find it in a brochure, but in real life, you'll have no luck. Every network which has been growing and expanding over the years or isn’t a trivial network (you know, the “I need 4 interfaces” type of network) is a real challenge with no out-of-the-box solution.
This is why IT departments have network experts who understand how networks function on different levels. If not sooner, companies become aware of their vulnerabilities when things go south. That’s when you’re in need of an expert who will locate the issues and rectify them. You’ll be facing a similar scenario if you implement SDN and/or NFV—a network expert knows the demands and peculiarities, which comes in handy when you’re planning and implementing these solutions.
Because there’s no such thing as a universal solution, you need to consult with a network expert prior to purchasing your network equipment/technology. Firstly, because the expert can clarify at least the basic concepts of how things work; and secondly, because of the expert’s experience. An expert has tested various solutions and knows the conditions in which individual solutions work best compared to others. There’s really no need for you to waste precious time and resources to find out how to set up a balance between your old and new network equipment, solutions and applications as well. A person that deals with network issues on a daily basis will perform this task better, faster, and also with a smaller invasion into your budget.
Myth: everything can be virtualized
Virtualization software manufacturers (including SDN and NFV software) tend to brag how in IT everything can be virtualized, even networks. This couldn’t be further from the truth. Every IT environment and network comprises hardware and software equipment and services, and as such it needs to be considered as a complete environment. Of course, “playing” with virtualized resources can mean considerable time and other savings, but it can also place the virtualized network into greater risk in case of hardware or software issues. Additionally, some applications (better still, some application manufacturers) sometimes even strictly demand a physical server.
Myth: our equipment simply works
Let’s be frank—infinite reliability doesn’t exist (just like there’s no all-powerful hardware, or even infinite bandwidth). Roughly speaking, we could say that networks are a more reliable part of IT equipment, but still, there’s only so much they can do. Switches, routers, firewalls, and other network components can fail. Even software can go through a tough day (or even days). In today’s economic conditions, when you’re trying to control how you spend every nickel and penny, even network administrators have it tough. Financial departments, especially those that are restricted by strict tender specifications, are striving to buy equipment at the lowest price (“low price” can be quite a broad term). And this is a frequent and repeated “original sin”. No matter what IT solution you are purchasing, you always have to consider the total cost of owning (TCO) hardware and software equipment and services (!) over a longer period—e.g., at least within a period of 5 years, or even longer.
The key guide when looking for savings should be on saving time (which will decrease the overall price of the solution measured within its entire life cycle), and not on getting the lowest equipment price. Compared to the prices of switches and routers, the rates of network experts are significantly higher.
Myth: we want to avoid manufacturer lock-in
Many CTO’s are deciding to implement software-defined networks because they don’t want to be tied down to a single equipment or service provider (i.e. lock-in). Yeah, right. Like with other situation in the IT world (just consider data bases, virtualized platforms, documents formats, etc.), in networking, you cannot be completely independent of other actors. To guarantee a high level of network services you cannot choose just any equipment. If quality is what you’re striving for, you need to implement advanced switches and other equipment with appropriate functionalities, which only a handful of top-notch manufacturers really offer. White-label switches can cause you a lot of gray hair. Less known providers do give guarantees of support, but there’s no use when in practice the support they offer is substandard.
Their exaggerated desire to be completely free of any ties to providers makes companies do the exact opposite—they additionally tighten the ties to one or several providers, depending on the solution. At this moment, software-defined networks are still not fully standardized. Have this in mind when assessing your network renovation/upgrade and estimating the end investment.
So this is the bottom line—being tied to a manufacturer/technology/solution is inevitable. What’s important is that the solution answers all of your application requirements.
Myth: network resources must be easy to handle, even by an 8-year-old
The beauty of SDN and NFV solutions lies in the fact that they truly simplify things. But this happens only when the network is properly set up and also when we have the know-how to properly manage it. If we lack these skills, we simply won’t be able to tackle any challenges facing us sooner or later. Managing virtualized network resources and functions might at first glance appear as a simple task, but when you dig deeper into troubleshooting hardware and/or software issues, you come across difficulties. Without the right network solutions and technologies we quickly become stranded.
Myth: to setup and to forget
I demonstrated with one of the previous myths that there’s no such thing as a universal solution. I also pointed out the weaknesses of out-of-the-box solutions. In networks, you won’t get away with simply setting everything up and forgetting about it. Networks demand constant care, checking, and maintenance, especially in times when companies are being targeted by a number of attackers who use various network vulnerabilities to breach into your network. This is why you need to approach the implementation of network solutions thoughtfully, and most of all consider it as a wholesome process. As you know, what’s the point in having intrusion doors, when the attacker can sneak in by opening the window with a screw driver?