Network Evolution

Building the infrastructure for the changing face of IT

kosmin - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

Microsoft SDN stack to challenge Cisco, VMware

Microsoft is preparing to release a Windows Server SDN stack that could make the company a rival to Cisco and VMware in software-defined networking.

Microsoft's Azure Stack, in combination with Windows Server 2016, stands to make the software company a major player in the SDN enterprise market, alongside Cisco and VMware.

Microsoft introduced this week a technical preview of the Azure Stack, which is expected to ship this year along with Windows Server 2016. The SDN stack has the technology needed to make Microsoft a strong competitor in the space, particularly as a provider of interoperability between enterprises' private clouds and Microsoft's public cloud, Azure.

"I do expect Microsoft to become a major SDN player," said John E. Burke, an analyst at Nemertes Research. "As with [Microsoft's] Hyper-V and Azure, it will take a little time for the momentum to build and enterprise comfort levels to rise."

Microsoft has built into the Azure Stack several components that are expected to make SDN attractive to enterprises. The technologies include a network controller, load balancing and support for Virtual Extensible LAN (VXLAN), an encapsulation protocol for running an overlay over a traditional hardware-based Layer 2 and Layer 3 network, said Mark Scholman, an Azure consultant at Inovativ, a Microsoft technology specialist based in the Netherlands.

A VXLAN takes control of the network out of the hardware and places it instead in software running on a server. In Microsoft's case, it's the Azure Stack running on Windows Server 2016 or Linux.

The technologies in Azure Stack are a "big game changer," Scholman said. That's because they provide a consistent application development and deployment platform between Azure and a private cloud built with Azure Stack in an enterprise data center.

Software-defined infrastructure vendors

Microsoft's SDN stack

At a high level, Microsoft's SDN stack starts with the Azure Resource Manager, a framework that lets administrators deploy, manage, and monitor Azure and private cloud resources built with Microsoft technology, Scholman said. Underneath is a network resource provider that talks to the controller, which provides applications with network services, such as load balancing or a virtual private network.

Developers would build applications for Azure or the Azure Stack using Microsoft's Visual Studio suite and the Azure software development kit.

Microsoft is betting that lots of enterprises will want to use its SDN stack for running some workloads in Azure and others in-house. For example, the customer-facing front end of an application could run in Azure, while the collected data is processed and stored in a company's data center.

Such a scenario might be necessary to comply with a country's privacy laws. Splitting workloads between a private and public cloud can also reduce a company's IT expenses.

SDN cons

Microsoft already seen as an SDN player

Even without a fully baked SDN stack, Microsoft is already on enterprises' radar. A global survey of companies and public cloud providers found that a "significant number" identified Microsoft as an SDN vendor, said Brad Casemore, an analyst at IDC. These companies were interested in using Microsoft technology in their hybrid cloud initiatives.

"Microsoft will still need hardware partners for the network underlay, just as VMware has underlay partners for [SDN product] NSX," Casemore said. "But Microsoft will indeed be increasingly perceived as an SDN vendor within its installed base of customers."

Microsoft will still need hardware partners for the network underlay, just as VMware has underlay partners for [SDN product] NSX.
Brad Casemoreanalyst at IDC

To date, industry experts have said Cisco and VMware are in the best position to bring SDN to many enterprises. Both vendors are leveraging successful product lines to sell their SDN frameworks. In Cisco's case, it's network switches, while VMware is tapping the many companies using its data center virtualization platform.

Chances are the SDN market will be big enough to support the three vendors and more. The market -- comprised of physical network infrastructure, applications, virtualization and control software, and professional services -- will grow at a compound annual growth rate of nearly 54% to $12.5 billion in 2020, according to IDC.

Article 1 of 6

Next Steps

Virtual networking in the Internet of Things

Getting started with SDN technologies

Redefining the wide-area network with SD-WAN

Many companies likely to need VMware and Cisco SDN software

Dig Deeper on Software-defined networking

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

How would your organization use Microsoft's Azure Stack?
Microsoft is swiftly becoming a major player in the cloud space with Azure. It makes sense to have Visual Studio dev tools at your disposal along with an Azure SDK. I believe enterprise applications of the future will be written with the public and hybrid cloud in mind in addition to the enterprise data center. It would also be great if testing and monitoring in the cloud and enterprise data center were "integrated" too.
I agree. The biggest problem is managing workloads in public and private clouds, unless you stick with a single vendor's products, i.e. Microsoft Azure and Azure Stack.
Actually, the corp push to embrace op source tech & Linux in particular has led fo MSFT providing that capability today; the use of containers providing low resource micro virtualization services that can still support a Linux OS, a Integrated web app, & DevOps by virtue of each instance being a self contained RTE, w/ the JEwrapper model (just enough). Slightly larger containers be they docker, open source, or Server OS VM double abstraction layers providing encapsulated protection through total seperation allows multiple VMs to operate on the same bare metal medium within secure shells; And laptop, desktops, servers all have a hearty virtualization layer between the HW/Firmware & OS Kernels; allowing normal ops w/o Rootkit or Process infection as the OS never talks to the actual Kernel; but a hardened abstract of it which sandbox screens all requests & passss them on fo NT middleman living within but separate from the actual NT Kernel on secure lvl 1 which is separate from lvl2 which is the lvl windows OS passes its messages to, from lvl3. This is Device Guard, add Credential Guard which is the same but App layer literally rendering it impossible for anything to execute unless you have explicitly whitelist it; DP = Deny All unless Matches list of processes allowed to operate. Couple this with a shielded VM actually running workload & utilizing Microservice Fabrics for further security plus Windows ATP constantly monitoring network & systems in realtime & utilizing SDN overlay for VM networking & total segmentation virtual Vlan routing backed by physical layer 2-4 Managed switches and logical layers 4-7 This is security done right, at multiple layers From edge to core to endpoints to Logic Layers. Azure Stack along with MS AD & AzureAD provides federation allowing for complete Syncronicity; & security is achieved by utilizing physical and SDN/WAN protocols to Tunnel from on site vNET to Azure Gateway VPN & virtual net on MS end so you have End to end encryption privately tunneled back & forth load balanced on both ends & a true hybrid setup making a public cloud private & this can be extended to O365 E5 as well. There is great middleware sd-wan accelerators w/ autoVpn that are physical and SW devices creating branch- corp lvl security for "public" clouds & eliminitating comm protocol defects that double network traffic with unnecessary squawking. Anyway I am big on MS right now; especially when hardening server2016 & Enterprise to max leveraging great service & all the encryption & granular security from AzureAD & O365. As long as utilizing full osi UTM like untangle or PFsense to wall internet edge from LAN edge & monitoring behavior patterns, & utilize endpoint security plus VPN & Proxy (I use Squid & Reverse Proxy to remove context & header identifying data plus further obsfucate LAN; TIPS to contextualize all existing security data from logs, SW, VMs, UTMS, SIEMS, etc are really the central key to NG CyberSecurity; Literally leveraging your entity data & pulling from 40 top sources in cloud; everything is made known from all angles in one pane of glass.

Get More Network Evolution

Access to all of our back issues View All