The State of SDN in May 2015.key

SDN in 2015
15 Minute Analysis
About Me
‣ Co-Host of Packet Pushers Podcast
‣ Freelance Network Architect/Engineer
‣ Blog: EtherealMind.com
‣ Newsletter
PacketPushers.net
4 Types of Enterprise SDN
‣ SDN Data Centre (SDNDC)
‣ agility/speed, virtual edge, mobility, segmentation
‣ SD-WAN
‣ carrier & technology independence,
‣ save money
‣ SD-Security (SD-Sec)
‣ The “DMZ”
‣ Monitoring/OOB
‣ SD-Campus (SD-LAN)
‣ identity, authentication, management
‣ application performance (QOS)
‣ Wired/Wireless single access network
Enterprise Market Segment
‣ “high & low tech” companies
‣ Low Tech
‣ IT is a cost centre - controlled, minimised, reduced.
‣ Limited human resources
‣ Large capital spending
‣ Static, Change resistant.
‣ Reports to the “finance” function
‣ High tech
‣ IT is a profit centre
‣ competitive advantage
‣ core business focus
‣ Applies to all verticals - education, large/small enterprise,
High Tech IT
‣ “High Tech” companies
‣ Cloud deployments in small scale
‣ not virtualization
‣ end-to-end orchestration
‣ DevOps processes - you build it, you operate it.
‣ Early stage orchestration for user-provisioned infrastructure
‣ Many are building and deploying Whitebox/OpenSource solutions
‣ Willing to invest in “Human Infrastructure”
Low Tech IT
‣ Focus on operational costs
‣ insufficient head count
‣ overspending on capital purchases to “control spending”
‣ Safe is seen as expensive
‣ Low value placed on employees leads to low pay/salary
‣ unable to attract best skills
‣ training is a cost (what happens if we train them and they leave / what happens if we don’t ?)
‣ Insufficient skills and time to evaluate or understand “cloud”
SDN-DC
But SDN-DC Sales Are Slow
[Figure: Core & Distribution = Wasted Capital. In a tree-based network, the most expensive switches are not used. Tree diagram of Core, Distribution, Access and Server layers, with regions labelled “Wasted Investment” and “Useful Assets”.]
© Greg Ferro 2015
‣ The “promise” of agility and reliability isn’t enough
‣ who believes promises ?
‣ High capital costs of existing assets
‣ tree-based architectures
‣ VMware isn’t sharing
SDN-DC Value Proposition
‣ Are enterprises SDN-proof in the DC ?
‣ ACI & NSX widely perceived as too expensive
‣ Best guess, Cisco ACI ~ 500 customers* VMware ~800.
‣ which isn’t much, when you think about it.
‣ Widespread feedback/rumours/scuttlebutt suggests that both NSX & ACI are struggling with bugs & scaling
‣ If you don’t have A LOT of time to invest, avoid SDN in DC
Market Share
‣ Cisco ACI: 30-50%
‣ VMware NSX: 30-50%
‣ OpenDaylight/“Open”: 15-30%
‣ Others: 5-10%
‣ Total Addressable Enterprise Market - 100%
SDN Startups
‣ Software startups are doing just fine
‣ profits
‣ Hardware vendors are rightly nervous about Whitebox/Whitebrand
‣ Whitebox already 25% of all switches sold by volume (but only 7% by value)
‣ Hardware requires large amounts of capital to design, build & stock global spares.
‣ Good solution for mid-sized Enterprise
SD-DC Technology
‣ Overlays and Controllers are dominant
‣ Overlay/Underlay integration is here
‣ Cisco ACI in hardware, Cisco Prime using DFA, Nuage using BGP/OSPF. NSX outlier.
‣ Protocols & Standards yet to emerge from competition (duplication) phase
‣ VMware slow to partners in vSwitch - driving customers to OpenStack
SD-DC Futures
‣ Platforms vs Products
‣ Avoid lock-in
‣ Whitebox/Whitebrand demand is strong. Sustainable ? Probably.
‣ Visibility/Analytics is still missing
‣ Waiting for Private Cloud Orchestration software to show compelling value.
‣ e.g. InterCloud, Helion, OpenStack etc
SD-WAN
Carrier Independence
‣ Reduce WAN provider costs
‣ SD-WAN enables carrier independence
‣ workable multi-carrier networks
Technology Independence
‣ Multiple network types
‣ Choose DWDM, MPLS, TDM, Wireless, 4g/LTE
Reduce Bandwidth
‣ improving efficiency of traffic,
‣ improve “goodput”
‣ more bandwidth
‣ better quality
[Figure: “Good-put” or Throughput. Real throughput doesn’t include retransmissions. Labels: Physical Network Rate, Over-Bandwidth, Unused Bandwidth, (1) Retransmitted Data, (2) “Good-put”.]
Operations
‣ Disable a path for router maintenance
‣ No change control for WAN path changes - risk free
‣ Predictable, deterministic change (sanity check)
‣ Logging of all configuration in controlled platform
Visibility / Analytics
‣ SD-WAN (any WAN) needs visibility to operate
‣ Flow data combines with meta-data to build analytics and algorithms
WAN as a Service
Service | Features | Service
Bandwidth | Quantity, Immediate Availability | Yes
Latency | Non-impacting to performance | Yes
Security / Integrity | Data in Motion Security | Yes
Cost Minimised | Wise Use of Company Funds | No
Availability | High Reliability | No
Internet Access | Secure, Fast | No
Fast Service Provision | React to Business Need | Yes-ish
SD-WAN
‣ The SDN that will ramp quickly
‣ > 30% cost reductions in year 1
‣ Provider-independence
‣ Technology Independence
Defining SD WANs
‣ abstracted and independent from the physical network (evolve)
‣ many networks (segmentation)
‣ virtual/software and physical appliances (cloud)
‣ flows not packet (…….)
Design Integrity
‣ Today : Connectivity, Resiliency and Redundancy
‣ static, self healing, overspending
‣ Tomorrow: Predictable, Safe and Evolving
‣ trustable change
‣ safe for change and operation
‣ able to evolve by components
SD-LAN
SD-LAN
‣ Stop panicking
‣ Vendors are moving to extend SDN in the Campus
‣ Campus is more complex than the data centre
‣ variety of end points, applications
‣ SDN DC technology likely won’t be useful
‣ Wireless is hard
SD-LAN Technology
‣ Combine Wireless & Wired into a single overlay or flow network
‣ Security - access control, identity, authentication and logging/monitoring
‣ New physical architectures
‣ reduce cost of cabling (mesh instead of tree)
‣ Reduce MTTI with better monitoring, analytics
SD-LAN & QoS
‣ Current QoS simply doesn’t work
‣ DSCP QoS is the least best technology
‣ Flow managed QoS looks like it will scale.
‣ Flow-based systems get visibility & analytics “free”
Wrap Up
SDN in May 2015
‣ SDN-DC is stalled.
‣ Not enough value for customers to replace costly legacy assets
‣ hard to change the data centre
‣ forces breakdown in ITIL/Prince2 processes
‣ 6 more years before mainstream. 4 years into a 10 year cycle
‣ SD-WAN is emerging.
‣ Strong demand, immediate cost savings
‣ no changes outside of network team
‣ no requirement to replace or upgrade existing networks. Add on.
SDN in May 2015
‣ SD-LAN is starting
‣ Limited demand. Who cares about the campus ?
‣ printers, wireless, etc
‣ Long, slow sales cycles
‣ Genuine value.
‣ SD-SEC
‣ The Enterprise DMZ is a major pain point and cost
‣ Resistance to virtual appliances
‣ Maybe next year..