1 ESG Brief IBM and NEC Bring SDN/OpenFlow to Enterprise Data Center Networks Date: January, 2012 Author: Jon Oltsik, Senior Principal Analyst, and Bob Laliberte, Senior Analyst Abstract: Enterprise data center networks are rapidly reaching a breaking point. Why? Data center network scale and complexity is testing the limits of legacy networking equipment and IT operations. ESG calls this phenomenon data center networking discontinuity. While networking vendors are desperately adding new features to their equipment, a radically new model called Software-Defined Networks (SDN) is emerging through the efforts of the Open Networking Foundation (ONF) and the OpenFlow protocols. Ultimately, SDN/OpenFlow could use software to virtualize networks just as hypervisors enable server virtualization. This vision is becoming reality in real-time as IBM and NEC co-market their integrated SDN/OpenFlow products and services. Modern Data Centers: Massive Scale and Complexity There is little doubt that today s data centers (and the supporting data center networking infrastructure) are experiencing a period of rapid and massive change. For example, ESG research reveals that enterprise organizations are pursuing: Aggressive data center consolidation. According to ESG research, 63% of enterprise (i.e., more than 1,000 employees) are actively consolidating data centers or have already done so. 1 By virtue of these projects, large organizations typically reduce their data center population by 25% to 50%. Additionally, nearly half of organizations will consolidate data centers belonging to independent business units into multi-tenant facilities. This means that data centers will undergo massive scale as they house more devices, applications, and network traffic. Increasing use of server virtualization technologies. The ESG data indicates that nearly all large organizations are using server virtualization technologies from Citrix, Microsoft, VMware and others. While many enterprises have 250 or fewer VMs running in production data centers today, they also have ongoing server virtualization initiatives in place that will double VM deployment over the next few years. As this happens, an increasing number of virtual servers (and the virtual access networks they connect to) will need to be tightly integrated into the physical data center infrastructure. Wide and growing deployment of web applications. One quarter of large organizations have deployed SOA or web-based applications extensively, while another 60% have done so to some extent. These web applications are based on numerous x86 server tiers and horizontal scaling, leading to a significant increase in server-to-server communication. Continued web application growth will push data center networks to accommodate massive amounts of internal traffic. It is also worth noting that about 40% of organizations are already extending applications to run across geographicallydistributed data centers. ESG believes that this is a harbinger of future cloud computing architecture where workloads and application elements are moved from data center to data center based upon capacity, performance, and operational demands. As cloud computing gains momentum, data center infrastructure must provide for easy integration with internal and external cloud services. Data Center Networking Discontinuity As ESG data indicates, today s data centers can house thousands of physical devices, virtual servers, and business applications, all connected via Ethernet networks and IP packets. Unfortunately, this is creating a state of data center 1 Source: ESG Research Report, Data Center Networking Trends. All ESG research references in this brief come from this report, scheduled to be published January 2012.
2 ESG Brief: IBM/NEC Partnership Brings SDN/OpenFlow to Enterprise Data Centers 2 networking discontinuity where dynamic data center scaling requirements are supported by static proprietary networking devices -- an IT mismatch if there ever was one. To date, IT networking teams have done their best to bridge the data center networking discontinuity gap, but it appears that the flood waters are about to overrun tactical network sandbags. Driven by massive data center scale, ESG research points to a plethora of increasingly difficult network operations challenges such as (see Figure 1): Network segmentation and security. Today s data center network segmentation is based upon a complex mix of Layer 2 VLANs, Layer 3 IP subnets, device-based ACLs and packet filtering, and firewall rules. Many segmentation policies are actually enforced by a patchwork of firewall and ACL rules written and maintained for years. These hard-wired network segmentation and security controls are no match for today s data centers populated by mobile VM-based workloads designed to traverse data centers and cloud computing platforms. Traffic engineering. ESG research indicates that 44% of large organizations suffer from network performance challenges. Why? Network traffic tends to follow a fixed path with multiple hops. Any traffic congestion or device-based hardware problem has a waterfall effect impacting the performance and latency of all other traffic over the same devices. Network performance is further complicated by virtual server sprawl and mobility in the data center where VMs can be provisioned or moved at a moment s notice. Finally, web applications can also create bottlenecks of server-to-server traffic. Network provisioning and configuration. While virtual servers can be provisioned through virtualization or cloud orchestration tools, data center networking equipment and control path policies must be set up on a device-by-device or even a network flow-by-flow basis. Yes, network management software can help but it is really just an improvement over CLIs in that it provides a GUI for central management of individual devices and control planes. Network configuration changes remain a tedious link-level slog while heterogeneous networks must be managed through multiple network management systems. It is also worth noting that ESG research points to data center networking discontinuity issues within the IT organization itself. Many organizations point to problems such as skills deficiencies, lack of coordination/cooperation between the networking team and other functional IT groups, and their inability to recruit new networking professionals with the right skill sets. Figure 1. Data Center Networking Challenges What are the biggest challenges facing your networking team with regards to data center networking? (Percent of respondents, N=280, multiple responses accepted) Network security 51% Network performance 44% Network management 37% Recruiting new employees with the right skill sets Lack of coordination/cooperation with other IT functional teams Lack of knowledge about emerging networking technology innovation Lack of knowledge about new technologies like server virtualization and web-based applications 29% 26% 21% 19% 0% 10% 20% 30% 40% 50% 60% Source: Enterprise Strategy Group, 2012.
3 ESG Brief: IBM/NEC Partnership Brings SDN/OpenFlow to Enterprise Data Centers 3 ESG believes that data center networking discontinuity may pose a threat to business operations. Networking issues could ultimately lead to service level degradation, delay business initiatives, and skyrocket IT operations cost. Clearly, something has to give and soon. Software to the Rescue? Data center networking discontinuity is nothing new. Networking vendors have seen this fracture building over the past few years and have introduced a number of innovations like fabric architectures, network convergence (i.e., common data and storage network transport) and amalgamated computing/network hardware in response. Yes, this improved upon the existing rigid data center network model but these new products remain proprietary, limiting their effectiveness in large heterogeneous networks. Many networking vendors have also tried to emulate the flexibility of server virtualization by integrating with server virtualization management platforms like VMware vcenter. This enables automated provisioning and policy management but doesn t help when enterprises adopt additional server virtualization technology like Microsoft Hyper-V or experiment with cloud platforms like OpenStack. While many new data center innovations are limited, there is a promising alternative called Software-Defined Networking (SDN) gaining momentum. SDN was first conceived at Stanford University in an effort to segment production networks so that researchers could test new network technologies and protocols in a quasi real-world environment. More recently, SDN has gained broad interest in the networking community and led to the formation of the Open Networking Foundation (ONF), a nonprofit organization composed of leading networking, telecommunications, software, and cloud computing organizations. How does SDN work? While a detailed explanation of SDN is beyond the scope of this ESG Brief, SDN creates a new paradigm for data center networking because it: Centralizes the brains of the network. In today s legacy networks, each device has dedicated processing capacity and programmed instructions for controlling how network packets should be moved from the device and through the network. Since networks are composed of multiple devices, this means that: 1) The control plane of each device must be configured independently which complicates network operations, and 2) Each time packets traverse a new device, they have to receive distributed control instructions in order to proceed to their final destination. This can impact network performance and latency. Rather than a devicecentric distributed control plane, SDN is based upon a centralized controller which manages data flows throughout the entire network. By centralizing the control plane, SDN-based networks can streamline network operations while transforming disparate networking devices into an integrated data center fabric. Replaces hard-wired instructions with open software. Legacy networking devices are configured using CLIs or vendor-provided network management tools. This limitation means that network flexibility depends upon each vendor s network management software features and development schedules. Alternatively, SDN is based upon open standards and controller-based software running on a standard x86 server. With a foundation of open standards, software developers can then program an SDN network to accommodate a multitude of use cases. The ONF has proposed an SDN model based on protocols and APIs called OpenFlow. OpenFlow provides a standardsbased method for: 1) SDN controller to networking device communication, and 2) Software-based access to the flow tables that instruct networking devices on directing traffic flows. SDN/OpenFlow Benefits Why is the industry so excited about SDN/OpenFlow? Because it has the potential to directly address the issues created by data center discontinuity described previously. By centralizing flow tables, opening APIs, and using software to program the network, SDN/OpenFlow can virtualize the network just as hypervisors introduced virtualization to physical servers. This can allow large organizations to program their networks, creating virtual network segments that could be used for different purposes. In this way, SDN/OpenFlow can facilitate dynamic IT requirements, and flexible implementation options while streamlining network operations. In this way, SDN/OpenFlow networks can overcome the imitations and operational challenges posed by today s legacy networking equipment (see Table 1):
4 ESG Brief: IBM/NEC Partnership Brings SDN/OpenFlow to Enterprise Data Centers 4 Table 1. Comparison Between Legacy Networks and SDN/OpenFlow Networking Requirement Secure network segmentation Traffic engineering Legacy Network Requires complex mix of VLANs, IP subnets, ACLs, and firewall rules that are configured on a device-bydevice and/or flow-by-flow basis. Very difficult over distance. Network must be configured for QoS. Limited options for multipathing. Manual configuration changes may be required to address traffic congestion. SDN/OpenFlow-based Network Virtual network segments can be configured centrally and enforced throughout the network and over distance. Can also simplify network security architecture by directing flows to security policy enforcement services like network firewalls, application firewalls, and IDS/IPS. Virtual end-to-end path can be programmed into the network. Central control plane turns aggregation/core devices into a high speed transport backplane. In the future, SDN/OpenFlow networks will be able to make network flow decisions based upon real-time analysis of network utilization statistics. Network provisioning Network must be provisioned and OpenFlow controller can discover new devices which can configured on a device-by-device basis then inherit configuration policies as they come online using CLIs or proprietary network management GUI IBM and NEC Join Forces on SDN/OpenFlow While the OSF efforts are extremely promising, few SDN/OpenFlow products are actually available for use. This situation is changing however as leading vendors embrace SDN/OpenFlow, add SDN/OpenFlow support to products, and work collectively to drive SDN/OpenFlow adoption with their customers. This is exactly what IBM and NEC are doing with their recent OpenFlow switch and controller co-marketing announcement. The two companies were founding members of the ONF. IBM and NEC are now combining their unique value with a leading SDN/OpenFlow offering based upon: IBM RackSwitches. Demonstrating its commitment to SDN/OpenFlow, IBM System Networking announced the IBM OpenFlow-enabled RackSwitch G8264 in October The IBM RackSwitch G8264 is a 10 and 40 Gigabit Ethernet (GbE) switch specifically designed for the data center, providing speed, intelligence and interoperability on a proven platform offering 10/40gbE ports. The IBM OpenFlow-enabled RackSwitch G8264 fully supports the current version of the OpenFlow standard. NEC ProgrammableFlow controller. NEC provides the software brains with the first OpenFlow controller available in the market. NEC s pflow controller can discover the network and its topology (in this case, IBM OpenFlow switches), gather network statistics, and act as a central control plane for traffic/network management. Both companies demonstrated production-ready SDN/OpenFlow products at Interop Less than a year later, the two companies are combining their efforts to offer the first high performance end-to-end data center fabric architecture based upon SDN/OpenFlow. IBM and NEC already share joint customers. For example, Stanford University, the originators of the OpenFlow protocol, will deploy IBM and NEC s solution in parallel to their production network to test functionality and application in the Stanford environment. Tervela, provider of a market-leading, distributed data fabric, has validated that this solution delivers a breakthrough in dynamic networking to ensure predictable performance of Big Data for complex and demanding business environments, such as global trading, risk analysis, and e-commerce. Selerity,
5 ESG Brief: IBM/NEC Partnership Brings SDN/OpenFlow to Enterprise Data Centers 5 provider of ultra-low latency event data, will employ IBM and NEC s OpenFlow solution to accelerate real-time decisionmaking for global financial markets. The Bigger Truth For many years, the networking industry has been predicting that legacy data center networking technology would not be capable of supporting massive network traffic, chatty web applications, and dynamic server virtualization. ESG research clearly indicates that the future is now we ve reached a point of data center networking discontinuity. Incremental innovations like switch clustering, ultra low latency switches, optical cabling, and 40/100 GbE will help but the time-honored practice of managing networks on a device-by-device basis has reached a point of obsolescence. ESG believes that there is a simple answer to the data center networking discontinuity quagmire software. Just as hypervisors turned under-utilized x86 servers into virtual server farms, data center networks need software to transform connected devices into virtual networks and an end-to-end fabric architecture. This is exactly what SDN/OpenFlow is designed to do. ESG believes that industry cooperation and openness of SDN/OpenFlow has the potential to lead to a new wave of networking innovation as an army of global developers embrace and extend the standard in creative ways. IBM and NEC have been active participants with SDN/OpenFlow from its infancy and are now poised to feast on the fruits of their labors with their combined data center solution. Yes, this is good for each company s revenue prospects, but ESG believes that the IBM/NEC announcement also marks a milestone SDN/OpenFlow is no longer a science project for academics with IBM and NEC leading the way, it is now ready for enterprise production data centers. All trademark names are property of their respective companies. Information contained in this publication has been obtained by sources The Enterprise Strategy Group (ESG) considers to be reliable but is not warranted by ESG. This publication may contain opinions of ESG, which are subject to change from time to time. This publication is copyrighted by The Enterprise Strategy Group, Inc. Any reproduction or redistribution of this publication, in whole or in part, whether in hard-copy format, electronically, or otherwise to persons not authorized to receive it, without the express consent of the Enterprise Strategy Group, Inc., is in violation of U.S. copyright law and will be subject to an action for civil damages and, if applicable, criminal prosecution. Should you have any questions, please contact ESG Client Relations at
White Paper Building a Private Cloud Cisco and Microsoft Optimized Infrastructure Strategies By Mark Bowker, Senior Analyst April 2014 This ESG White Paper was commissioned by Cisco and Microsoft and is
White Paper Integrated Network Security Architecture: Threat-focused Nextgeneration Firewall By Jon Oltsik, Senior Principal Analyst September 2014 This ESG White Paper was commissioned by Cisco Systems
White Paper Information Security, Virtualization, and the Journey to the Cloud By Jon Oltsik August, 2010 This ESG White Paper was commissioned by Trend Micro and is distributed under license from ESG.
White Paper The Internet of Things: A CISO and Network Security Perspective By Jon Oltsik, Senior Principal Analyst October 2014 This ESG White Paper was commissioned by Cisco Systems and is distributed
White Paper How to Build a Better Cloud: Leveraging Unified, Virtualized Storage and Data Center Fabrics By Bob Laliberte, Senior Analyst, and Kerry Dolan, Research Analyst September 2012 This ESG White
Software-Defined Networking: The New Norm for Networks ONF White Paper April 13, 2012 Table of Contents 2 Executive Summary 3 The Need for a New Network Architecture 4 Limitations of Current Networking
Solution Brief Check Point Capsule for Mobile Computing Security, Operations Efficiency, and Business Enablement Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst; Kyle Prigmore, Research
Introduction Mobility, cloud, and consumerization of IT are all major themes playing out in the IT industry today all of which are fundamentally changing the way we think about managing IT infrastructure.
Research Brief 2012 Networking Spending Trends Date: March 2012 Author: Jon Oltsik, Senior Principal Analyst; Bob Laliberte, Senior Analyst; and Bill Lundell, Senior Research Analyst Abstract: According
Product Brief NetScout Expands ngenius Monitoring Switch Portfolio Date: January 2013 Author: Bob Laliberte, Senior Analyst and Perry Laberis, Senior Research Associate Abstract: NetScout has announced
White Paper Converged Infrastructure and Data Protection Should Be One Conversation, and Hitachi Is Delivering It By Jason Buffington, Senior Analyst; and Monya Keane, Research Analyst May 2014 This ESG
White Paper The Network Application Security Architecture Requirement By Jon Oltsik March, 2011 This ESG White Paper was commissioned by Juniper Networks and is distributed under license from ESG. 2011,
The 2015 Guide to SDN and NFV By Dr. Jim Metzler, Ashton Metzler & Associates Distinguished Research Fellow and Co-Founder Webtorials Analyst Division Sponsored in part by: Produced by: TABLE OF CONTENTS
WHITE PAPER: Integrated Infrastructure and Performance Management for Virtualized Environments Integrated Infrastructure and Performance Management for Virtualized Environments APRIL 2009 Table of Contents
Network Monitoring with Software Defined Networking Towards OpenFlow network monitoring Vassil Nikolaev Gourov Master of Science Thesis Network Architectures and Services Faculty of Electrical Engineering,
The Road to Cloud Computing How to Evolve Your Data Center LAN to Support Virtualization and Cloud Introduction Cloud computing is one of the most important topics in IT. The reason for that importance
White Paper Hybrid Cloud Storage Defining and Explaining Microsoft s Solution Deployment of StorSimple and Windows Azure By Mark Peters, Senior Analyst November 2013 This ESG White Paper was commissioned
Network Monitoring Fabrics Are Key to Scaling IT September 2014 Prepared by: Zeus Kerravala Network Monitoring Fabrics Are Key to Scaling IT by Zeus Kerravala September 2014 º º º º º º º º º º º º º º
SDN Security Considerations in the Data Center ONF Solution Brief October 8, 2013 Table of Contents 2 Executive Summary 3 SDN Overview 4 Network Security Challenges 6 The Implications of SDN on Network
Microsoft System Center 2012 R2 Why Microsoft? For Virtualizing & Managing SharePoint July 2014 v1.0 2014 Microsoft Corporation. All rights reserved. This document is provided as-is. Information and views
Microsoft Private Cloud A comparative look at Functionality, Benefits, and Economics Published: July 2012 Copyright Information 2012 Microsoft Corporation. All rights reserved. This document is provided
Enabling Solutions in Cloud Infrastructure and for Network Functions Virtualization Gateway Use Cases for Virtual Networks with MX Series Routers 1 Table of Contents Executive Summary... 3 Introduction...4
Research Report Abstract: Trends in Private Cloud Infrastructure By Mark Bowker, Senior Analyst and Bill Lundell, Senior Research Analyst With Jennifer Gahm, Senior Project Manager April 2014 Introduction
WHITE PAPER Introduction... 2 Reduce Tool and Process Sprawl... 2 Control Virtual Server Sprawl... 3 Effectively Manage Network Stress... 4 Reliably Deliver Application Services... 5 Comprehensively Manage
SAP Statement of Direction Business Intelligence Solutions Business Intelligence Solutions from SAP: Statement of Direction Table of Contents 3 Quick Facts 4 Driving Business Innovation Through Radical