BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
The question of whether software-defined networking is valuable only as a way to manage cloud environments or data...
centers is a valid one. SDN discussions often focus solely on details of how SDN controls a cloud, or on its benefits compared to traditional network protocols. After reading these descriptions, it's easy to believe that SDN is applicable only to clouds and large data centers.
But focusing only on details misses the basic concept of SDN. Centralizing management gives a controller visibility and control across the entire network. This design strategy is applicable across many different types of networks and various SDN application examples.
The benefits of SDN also include simplified configuration and improved security. In a traditionally managed network, devices must be configured individually. Network devices may need to be reconfigured as applications are added and data flow patterns change. As these applications place different requirements on the network and flow patterns change, SDN controller software can quickly change device configurations.
Network security is improved with SDN because a central controller can more easily recognize threats by their effect on individual network devices. Various SDN application examples now apply these benefits to network service providers, hospitals, internet of things (IoT) networks and on the factory floor. Here's a closer look at each of these categories.
Benefits of SDN for service provider networks
Both individual providers and open source projects are taking advantage of SDN benefits for service provider networks. For example, Level 3 Communications uses SDN to automate network operations that previously required time and effort to set up and manage. Customer software creates and manages network resources via an interface to the network controller. For example, a customer could allocate network resources and quality-of-service parameters to first support a video conference and later for a bulk data transfer.
Level 3's software can set up end-to-end networks linking the Level 3 network to other providers' networks, and direct creation and operation of virtual private clouds on distant public clouds. Software can quickly detect and react to problems like insufficient allocated bandwidth or excessive delay.
Open Network Operating System (ONOS), an ON.Lab project, is an open source SDN operating system for network service providers. It is supported by network providers like AT&T, NTT Communications, Comcast and Verizon, and network equipment vendors, including Cisco, Intel and Huawei. The software provides open northbound and southbound interfaces that enable applications to control the flow of data through the network and support a variety of network device types. The software can manage both packet and optical networks. ONOS also includes an interface to Central Office Re-architected as a Datacenter, commonly known as CORD.
SDN in hospital networks
Another SDN application example includes hospital networks, especially because hospitals contain hundreds of IP-connected devices, including patient monitoring and diagnostic equipment. Additionally, doctors and nurses use mobile tablets to enter and display patient information. For example, Kanazawa University Hospital in Kanazawa, Japan, replaced its traditionally managed network with SDN to reduce the complexity of dealing with multiple network protocols and a variety of vendor equipment -- each with its own management syntax.
Hospital networks must remain available, but traditional networks can take significant time to recover from a failure while spanning tree elects a new root or Open Shortest Path First detects the failure and computes new routes. Kanazawa Hospital experienced one- to two-minute delays while the network restabilized after a failure -- a dangerous length of time if a patient monitor detected a serious problem during that period. The hospital reported that its software-defined network recovers much more quickly.
Kanazawa Hospital needs to add, update and replace equipment constantly. Before the switch to SDN, a network configuration change was required for each new piece of equipment. This sometimes led to an error that could affect the entire network. With SDN, the controller incorporates the new devices without any disruption. Prior to the move to SDN, the hospital experienced problems when equipment moved. For example, patient monitors move as patients are rolled from recovery to their rooms, and simply plugging a cable into an available port sometimes created a network loop.
Data isolation and security are crucial in a hospital. With SDN, Kanazawa Hospital was able to implement four distinct virtual networks on a single physical network. In the future, the hospital expects to follow patients as they return home by extending the hospital network using wireless 3G and Long Term Evolution mobile networks.
Internet of things security needs
Connecting devices, like security cameras, DVRs and thermostats, to the internet offers both benefits and dangers. It is well-known, for example, how attackers have delivered massive denial-of-service attacks by planting software in thousands of IoT devices.
The problem is these devices often have no security software at all, or if they do, they are not regularly updated. Mandating that each manufacturer includes adequate software and implements regular updates is probably a lost cause.
SDN can provide a solution, and network equipment vendors are working with customers to develop those solutions. Controller-resident security software would offload the need for any device-resident security. With SDN, controller software could create virtual networks for each type of IoT device and add firewalls configured specifically for each device.
Network vendors are also working with industrial customers to apply SDN to the factory floor. Problems within factories are similar to those of IoT devices and hospital networks -- devices lack security software, and problems occur when a piece of equipment is rolled across the floor and plugged into an Ethernet port that was not configured for that device.
Now that the SDN concept has proven itself in data centers and the cloud, it is beginning to be applied elsewhere. A few early adopters have seen its benefits. As these SDN application examples become more widely observed, others will begin to take advantage of SDN.
Learn why one network engineer opts for VMware NSX
How to prepare for SDN deployment
SDN and IoT meet to support devices