SDN in 2015
15 Minute Analysis
PacketPushers.net
About Me
‣ Co-Host of Packet Pushers Podcast
‣ Freelance Network Architect/Engineer
‣ Blog: EtherealMind.com
‣ Newsletter
4 Types of Enterprise SDN
‣ SDN Data Centre (SDN-DC)
  ‣ agility/speed, virtual edge, mobility, segmentation
‣ SD-WAN
  ‣ carrier & technology independence
  ‣ save money
‣ SD-Campus (SD-LAN)
  ‣ identity, authentication, management
  ‣ application performance (QoS)
  ‣ Wired/Wireless single access network
‣ SD-Security (SD-Sec)
  ‣ The “DMZ”
  ‣ Monitoring/OOB
Enterprise Market Segment
‣ “high & low tech” companies
‣ Low Tech
  ‣ IT is a cost centre - controlled, minimised, reduced.
  ‣ Limited human resources
  ‣ Large capital spending
  ‣ Static, Change resistant.
  ‣ Reports to the “finance” function
‣ High tech
  ‣ IT is a profit centre
  ‣ competitive advantage
  ‣ core business focus
‣ Applies to all verticals - education, large/small enterprise,
High Tech IT
‣ “High Tech” companies
‣ Cloud deployments in small scale
‣ not virtualization
‣ end-to-end orchestration
‣ DevOps processes - you build it, you operate it.
‣ Early stage orchestration for user-provisioned infrastructure
‣ Many are building and deploying Whitebox/OpenSource solutions
‣ Willing to invest in “Human Infrastructure”
Low Tech IT
‣ Focus on operational costs
‣ insufficient head count
‣ overspending on capital purchases to “control spending”
‣ Safe is seen as expensive
‣ Low value placed on employees leads to low pay/salary
‣ unable to attract best skills
‣ training is a cost (what happens if we train them and they leave / what happens if we don’t ?)
‣ Insufficient skills and time to evaluate or understand “cloud”
SDN-DC
But SDN-DC Sales Are Slow
‣ The “promise” of agility and reliability isn’t enough
‣ who believes promises ?
‣ High capital costs of existing assets
‣ tree-based architectures
‣ VMware isn’t sharing
[Figure: tree-based network with Core, Distribution, Access and Server layers; legend: Wasted Investment, Useful Assets. © Greg Ferro 2015]
Core & Distribution = Wasted Capital
In a tree-based network, the most expensive switches are not used
SDN-DC Value Proposition
‣ Are enterprises SDN-proof in the DC ?
‣ ACI & NSX widely perceived as too expensive
‣ Best guess, Cisco ACI ~ 500 customers*, VMware ~800.
‣ which isn’t much, when you think about it.
‣ Widespread feedback/rumours/scuttlebutt suggests that both NSX & ACI are struggling with bugs & scaling
‣ If you don’t have A LOT of time to invest, avoid SDN in DC
Market Share
Total Addressable Enterprise Market - 100%
‣ Cisco ACI: 30-50%
‣ VMware NSX: 30-50%
‣ OpenDaylight/“Open”: 15-30%
‣ Others: 5-10%
SDN Startups
‣ Software startups are doing just fine
‣ profits
‣ Hardware vendors are rightly nervous about Whitebox/Whitebrand
‣ Whitebox already 25% of all switches sold by volume (but only 7% by value)
‣ Hardware requires large amounts of capital to design, build & stock global spares.
‣ Good solution for mid-sized Enterprise
SD-DC Technology
‣ Overlays and Controllers are dominant
‣ Overlay/Underlay integration is here
‣ Cisco ACI in hardware, Cisco Prime using DFA, Nuage using BGP/OSPF. NSX outlier.
‣ Protocols & Standards yet to emerge from competition (duplication) phase
‣ VMware slow to partners in vSwitch - driving customers to OpenStack
SD-DC Futures
‣ Platforms vs Products
‣ Avoid lock-in
‣ Whitebox/Whitebrand demand is strong. Sustainable ? Probably.
‣ Visibility/Analytics is still missing
‣ Waiting for Private Cloud Orchestration software to show compelling value.
‣ e.g. InterCloud, Helion, OpenStack etc
SD-WAN
Carrier Independence
‣ Reduce WAN provider costs
‣ SD-WAN enables carrier independence
‣ workable multi-carrier networks
Technology Independence
‣ Multiple network types
‣ Choose DWDM, MPLS, TDM, Wireless, 4G/LTE
Reduce Bandwidth
‣ improving efficiency of traffic
‣ improve “goodput”
‣ more bandwidth
‣ better quality
[Figure labels: Physical Network Rate, Retransmitted Data, “Good-put”, Over-Bandwidth, Unused Bandwidth]
“Good-put” or Throughput
Real throughput doesn’t include retransmissions
Operations
‣ Disable a path for router maintenance
‣ No change control for WAN path changes - risk free
‣ Predictable, deterministic change (sanity check)
‣ Logging of all configuration in controlled platform
Visibility / Analytics
‣ SD-WAN (any WAN) needs visibility to operate
‣ Flow data combines with meta-data to build analytics and algorithms
WAN as a Service
Service | Features | Service
Bandwidth | Quantity, Immediate Availability | Yes
Latency | Non-impacting to performance | Yes
Security / Integrity | Data in Motion Security | Yes
Cost Minimised | Wise Use of Company Funds | No
Availability | High Reliability | No
Internet Access | Secure, Fast | No
Fast Service Provision | React to Business Need | Yes-ish
SD-WAN
‣ The SDN that will ramp quickly
‣ > 30% cost reductions in year 1
‣ Provider-independence
‣ Technology Independence
Defining SD WANs
‣ abstracted and independent from the physical network (evolve)
‣ many networks (segmentation)
‣ virtual/software and physical appliances (cloud)
‣ flows not packet (…….)
Design Integrity
‣ Today : Connectivity, Resiliency and Redundancy
  ‣ static, self healing, overspending
‣ Tomorrow: Predictable, Safe and Evolving
  ‣ trustable change
  ‣ safe for change and operation
  ‣ able to evolve by components
SD-LAN
SD-LAN
‣ Stop panicking
‣ Vendors are moving to extend SDN in the Campus
‣ Campus is more complex than the data centre
‣ variety of end points, applications
‣ SDN DC technology likely won’t be useful
‣ Wireless is hard
SD-LAN Technology
‣ Combine Wireless & Wired into a single overlay or flow network
‣ Security - access control, identity, authentication and logging/monitoring
‣ New physical architectures
‣ reduce cost of cabling (mesh instead of tree)
‣ Reduce MTTI with better monitoring, analytics
SD-LAN & QoS
‣ Current QoS simply doesn’t work
‣ DSCP QoS is the least best technology
‣ Flow managed QoS looks like it will scale.
‣ Flow-based systems get visibility & analytics “free”
Wrap Up
SDN in May 2015
‣ SDN-DC is stalled.
  ‣ Not enough value for customers to replace costly legacy assets
  ‣ hard to change the data centre
  ‣ forces breakdown in ITIL/Prince2 processes
  ‣ 6 more years before mainstream. 4 years into a 10 year cycle
‣ SD-WAN is emerging.
  ‣ Strong demand, immediate cost savings
  ‣ no changes outside of network team
  ‣ no requirement to replace or upgrade existing networks. Add on.
SDN in May 2015
‣ SD-LAN is starting
  ‣ Limited demand. Who cares about the campus ?
  ‣ printers, wireless, etc
  ‣ Long, slow sales cycles
  ‣ Genuine value.
‣ SD-SEC
  ‣ The Enterprise DMZ is a major pain point and cost
  ‣ Resistance to virtual appliances
  ‣ Maybe next year..