This blog post is an excerpt from GovLoop’s recent resource, Leveraging the Benefits of SDN to Improve Agency Networking.
SDN is about using software to change the behavior of the network.
“In some ways, SDN is not a new concept,” Ingram said. “We have been using software to modify the behavior of the network for many years. Today, the term SDN primarily applies to a new approach to provisioning virtual network overlays.”
Virtual overlays allow agencies to create multiple virtual networks out of one physical network. The purpose of the virtual network is to enable multiple end users to share the network while maintaining proper traffic separation and security.
What the new overlays promise is a more effective way of creating virtual networks within the data center, which is a big deal. In the past, we have used virtual local area networks (VLANs) to virtualize the data center network. However, VLANs have two shortcomings: We are limited to 4,000 VLANs in a single network, and the endpoint of a VLAN is a network device rather than being connected directly to the application. Thus, establishing the VLAN was generally a separate task from the provisioning of the application, adding time and complexity.
With the new SDN overlays, there is no practical limit to the number of virtual networks, and the endpoint of the virtual tunnel is now connected directly to the virtual machine containing the application. Thus, the virtual network is automatically manifested when the application is deployed. Further, services like security, load balancing, and network stitching can be predefined and automatically deployed with the application.
In the end, SDN can eliminate many of the time-consuming manual configuration tasks required to deploy or update an application, reducing errors and time to deployment. Thus, it becomes easier to create cloud environments and share resources and services internally and externally, Ingram explained.
What SDN promises for most agencies is an improvement in orchestration, or the ability to deploy applications. In the orchestration process, the goal is to get the various parts of the infrastructure — servers, storage, networking, firewalls, security tools — properly configured and ready to support applications.
“In the past, when an agency wanted to deploy a new application and host it on a physical server, it would take about two months to order the server, receive it, install it, and test it,” Ingram said.
Spinning up a virtual server used to take months, but now it takes only a few minutes. Increasingly, virtual servers are replacing physical servers. Yet, IT departments that rely heavily on manual processes still must orchestrate various parts of the data center and network to ensure existing and new applications run properly.
Among the required changes are:
- Setting up the virtual network for each new application
- Establishing security and network services, and
- Implementing load balancers to distribute application traffic.
Completing these tasks may consume weeks of network management time when multiple systems are involved and much of the work is accomplished manually.
“The promise of SDN in the network is to shorten that time period from weeks to minutes,” Ingram said. SDN allows agencies to configure the servers, storage, network, security, and load balancing in an automated fashion, eliminating the tedious and time-consuming manual approach.
The focus is on automating the simple, repetitive tasks, Ingram said. As networks and their complexity continue to grow, SDN delivers automation options that can save agencies time and costs associated with routine network operations.