alphaspirit - Fotolia
When it comes to open source network software, emotions run high. The topic has caused a fair amount of hand-wringing and any number of gut-wrenching conversations in recent months, as well as excited commentary from analysts and venture capitalists predicting imminent industrywide disruption.
The stakes are also high, with thousands of jobs and millions of dollars up for grabs, and industry giants like Cisco are feeling the heat. The vendor recently experienced steep layoffs, and according to a 2016 poll by JPMorgan Chase & Co., its standing as a key network infrastructure supplier to enterprises has slipped. Peter Levine, a partner at venture capital firm Andreessen Horowitz, said the slide came partly from the rise of open source startups delivering network services via the cloud.
"I am a believer that we can disrupt the networking industry through open source," he told TechTarget at the time.
Nobody wants to be on the wrong side of the technology curve, the way BlackBerry and Nokia were in the cellphone business. Now, Cisco, Juniper and the other networking giants seem to be scrambling to figure out how open source fits into their respective strategies.
Champions of open source network software argue it accelerates innovation, cuts costs, decreases vendor lock-in and increases flexibility and efficiency. For Jason Forrester, founder and CEO of SnapRoute and former head of networking at Apple, his motivation for creating an open source startup was simple: He wanted a full night's sleep.
Andrew Lernerresearch vice president, Gartner
"I was spending so many nights doing mundane management tasks that I just started thinking there had to be a better way," he said.
Forrester wanted to create an open software standard for basic switches and routers -- streamlining those management tasks that used to keep him awake into the wee hours.
Andrew Lerner, a Gartner research vice president who covers the networking industry, added that the networking field is one of the last branches of technology to embrace open source.
"When you think about it, the server and storage side have gone through this with Linux for servers and Hadoop for storage and big data," Lerner said. "So today, it's not a matter of if your networking organization will leverage open source; it's merely a matter of how it will leverage open source."
Lerner said companies offering open source network software -- such as SnapRoute, which focuses on enterprise networks, and NGINX, which sells software-based load balancers -- opted to begin with specific applications because each only had the resources to focus on one aspect of the open source puzzle. They also had to find ways to commercialize their open source products.
"Just because a product is open source doesn't mean there won't be a certain level of lock-in," Lerner said. "All of the open source companies require a licensing agreement; they have to so they can sustain themselves."
By network managers, for network managers
Like other open source networking startups, SnapRoute claims to provide several key features that solve specific technical issues enterprise network managers face using traditional offerings:
1. Customized switching. SnapRoute's Forrester said switches from the incumbents include numerous bonus features that many companies don't need or even use. Sometimes features that lie dormant can get corrupted, slowing down performance or even taking down the network. So with SnapRoute, Forrester said if network managers want a switch to run just the Border Gateway Protocol and the Spanning Tree Protocol, they can build that operating system on inexpensive white-box switches. SnapRoute's goal is to let network managers build switches from scratch the way power users would build PCs or servers.
2. Automated task management. In the world of proprietary switches, Forrester said network managers spend several hours inserting firewall rules and writing access control lists. A Methods of Procedure manual could be up to 40 pages of rules and commands. Most networks deploy multiple switches, so each vendor has its own way of automating tasks, a situation that has added to the complexity. With SnapRoute, once the network manager installs the firmware, many of these tasks are automated. Network managers can automate tasks according to one method and do it on any piece of hardware.
3. Visibility into the source code. Forrester maintained that incumbent vendors don't allow access into their source code, so network managers can never really know how packets are traversing a switch. Using open source networking, however, managers can see precisely what's going on in their networks and fix problems that in the past would have taken hours or days to figure out.
4. Ability to do risk assessment. By offering visibility into the source code, SnapRoute found that its customers can run vulnerability scans, allowing them to do a risk assessment and catch security bugs. For example, by running a scan, one customer found a memory management vulnerability that they wouldn't have normally discovered as easily.
Similarly, Owen Garrett, head of products for NGINX, said, in the past, proprietary load balancer vendors had full control over the ecosystem. Network managers had to work with the products as they were shipped out of the factory, were limited to deploying them in-house and often had to wait for several weeks or months for upgrades and patches.
Now, with an open source networking product like NGINX, network managers have the flexibility to run NGINX on a server, over a cloud service such as Amazon Web Services or Microsoft Azure, or on a container or virtual machine. And upgrades and patches are routinely developed and made readily available by the open source community.
"The flexibility doesn't force the network manager into any one deployment model," Garrett explained. "Plus, companies can take advantage of the open source community; it can build services more quickly."
Network managers can get started by accessing the open source version of NGINX and then pay for tech support or other professional services.
Open source network software: Incumbents respond
Incumbents like Cisco and Juniper also have various open source projects underway. Juniper's Open Contrail offers a way for network managers to spin up virtual networks in cloud environments, something similar to how Aviatrix operates.
And Cisco has any number of open source network software projects in the works.
Ed Warnicke, distinguished consulting engineer, said Cisco has been involved for many years with the OpenDaylight Project. OpenDaylight is an open source controller that gives network managers visibility into the network, for example, an ability to set global network policies or build a service function chain. Cisco also works with PaNDA for analytics, Open Platform for network functions virtualization for network integration and testing, and Fido for forwarding packets across an enterprise network.
Neela Jacques, executive director of the OpenDaylight Project, said open source will become prevalent in all aspects of computing and networking. He said the same way technology people found value in open source Linux and Hadoop, they will create communities that build more efficient networking applications.
"In some ways I understand it, the incumbents are caught between a rock and a hard place," Jacques said. "They know that the days of proprietary networking are passing, but they don't know how they can neatly make the transition."
Jacques pointed out that switches leveraging open source operating systems like SnapRoute are gaining share, but still represent a relatively small, albeit fast-growing, segment of the networking equipment market.
That may be true. But Forrester's quest to make life easier for network managers at SnapRoute rings true. Again, it's unclear how all of this will flush out. SnapRoute may get bolted on to all the incumbents' switches. Or maybe SnapRoute will get scooped up; we just don't know yet.
But for small organizations, large enterprises, and carrier-class and major provider networks, expect open source network software to play a growing role. The incumbents had a good run for about three decades, but it seems a new era has dawned.
Carriers say they're "all in" on open source SDN
How cloud, open source and disaggregation could change network engineering jobs
Meaning of "open networks" has evolved
- 7 Reasons to Switch from Open-Source Bro to Corelight Sensor –CoreLight
- How You Can Make Incident Response Faster and More Efficient –CoreLight
- Universities, Network Security, and Bro: A Roundtable Discussion –CoreLight
- A Technical Introduction to Bro: Network Security's Best Kept Secret –CoreLight