Despite the steady onslaught of new challenges -- most recently, the advent of network function virtualization (NFV), software-defined networking (SDN) and virtual networks -- the dream of the single pane
IT should not abandon the goal of unified management.
Unified management is more important as enterprises continue to virtualize infrastructure, create in-house private clouds and expand use of external cloud resources to deliver enterprise services. Application architectures are getting more complex because application components continue to spread across servers and data centers and services come to incorporate both internal and external components. Put together, these trends drive the need for more flexible and agile networks: virtualized networks whose components, virtual and physical, are programmable. In other words, SDN. The goal of SDN is to decouple the behavior of the network -- the decisions about what packets go where -- from the physical components of the network, to allow a network connection to be repurposed as easily as a CPU or a hard disk, its behavior fully under software control.
Both virtualization and SDN make the network more flexible and better able to meet the needs of a more dynamic IT environment. This is accomplished by adding layers of abstraction to the network (e.g., VXLANs) and by decoupling decisions about where traffic can go (via the control layer) from the process of actually moving the packets (via the forwarding layer).
Cloud management stacks should oversee physical and virtual worlds
Network virtualization and SDN represent the future of the network, in and out of the data center, as they offer the chance for IT to unify -- end to end -- management of traffic flows, performance and security. And, because SDN exposes all network functionality via application programming interfaces, the behaviors of each physical and virtual component, across all layers, can be coordinated with other aspects of service delivery and data center resource management. What's more, they can be handled in accordance with actual service priorities. In the long term, cloud management stacks should facilitate management of both the physical and virtual networks in conjunction with management of the servers and storage.
However, introducing new abstraction layers and new protocols such as OpenFlow (for communication between control and forwarding layers) makes it harder than ever to get that "single pane of glass" view of the network that IT has yearned for (and rarely achieved).
That said, IT should not abandon the goal of unified management. The industry still needs a single console management platform that makes the network visible, in all its complexity, for two big reasons:
- Effective troubleshooting. As new layers and entities come into being -- virtual switches, virtual network appliances and multiple virtual networks overlaid on the same physical infrastructure -- IT will either need to update existing tools so they are fully able to understand the interplay of these new elements, or replace them with tools that do. Systems admins faced a similar problem as virtual servers became common: Early on, their management tools couldn't help them diagnose a hardware problem as the root cause of performance issues affecting multiple virtual machines. Therefore, for effective troubleshooting, all layers have to be visible to network engineers. Additionally, fewer tools and fewer screens translate into faster MTTI (mean time to identify) and MTTR (mean time to resolve). Nemertes found in past research that having a single manager-of-managers console for the NOC reduced average MTTI and MTTR by an order of magnitude. A single view across the network can also help reduce the other key mean time measure: MTTA (mean time to accountability). By reducing finger pointing and buck passing, the single pane of glass helps ensure the right folks are working on the problem as soon as possible.
- Proactive management. The best way to anticipate how one layer may be affected by changes in another layer is to have a tool that lets you see all the layers. The only way to have a proactive sense of whether systems are in trouble is to watch them over time and build a baseline understanding of what normal looks like. To do that in a virtualized and software-driven network, performance monitoring must look up and down the stack -- from hardware to virtual networks to application traffic flows. Only with a reasonable picture of network behavior during periods of normal service delivery can tools then properly accomplish the job of alerting staff to anomalies. Without the baseline, it is difficult to avoid false-positive warnings that waste staff time responding to non-problems. Equally troubling are false-negative silences that let performance problems fester and affect users when IT could have remedied them.
As the network charges headlong into a new world of greater control, agility, flexibility and complexity, IT must continue to drive toward a goal that's anchored by a single-pane-of-glass view of network performance. Failing to do so will make networks less manageable and more prone than ever to avoidable downtime, thus undercutting the benefits of both SDN and network virtualization.
This was first published in December 2013