Thursday, October 19, 2017

Get ready for SDN with Network Management Automation

by Leon Adato, Head Geek, SolarWinds

If you work in IT, you will almost certainly have heard of SDN (Software Defined Networking). However, whereas before many felt it was just an acronym which you needed to be somewhat aware of, it’s now much more important and something that will become mainstream within a few short years.

In the grand scheme of things, SDN is still in its infancy in terms of development and testing. Despite this, the SDN market is estimated to reach $3.52 billion by 2018. If you’re reading this with surprise and anxiety, it’s time you started preparing for its implementation.

Let’s start with the basics…


Why should I care about SDN?

Fundamentally, SDN allows the network to detect changes in data flow and reconfigure itself. The data path in the network is managed by a central software-based ‘control plane’, which communicates critical information to all devices, such as quality of service (QoS), permitted data types and best path.

At the moment, these types of changes are made by network administrators semi-manually, which is not only inefficient but also prone to human error, frequent mistakes and misunderstandings.

In addition, the pace of virtualisation in businesses today, and the fact that it isn’t set to slow down any time soon, means manual network management is not a long-term solution.

This is the problem SDN is set to solve – from servers to storage to applications, Software Defined Networking will be the only way to manage virtualisation.


Get started on the path to SDN with Network Management Automation

Even though SDN is still in its early stages, it is important to put the technology into production today in order to be prepared for its full implementation tomorrow.

The best way to do this is with network management automation or, to be more specific, through configuration management automation.

For example, normally devices are manually set up with a configuration and then placed on the network, with adjustments made to the configuration if a problem is detected.

Now imagine if any infrastructure device which is placed on the production network could be instantly moved into a networking ‘no man’s land’ – this could be done by leveraging VLAN0 and basic rules.

This ‘no man’s land’ could then be scanned frequently for new arrivals and, if one is found, an alert action is triggered to run a script which connects to the device using default information.

If that fails it sends a ticket for the network administrator to intervene.

However, in most cases this won’t be necessary as the connection attempt will successfully push a basic configuration to the device, while also making changes to the infrastructure to allow the device to join the production network.

This example shows how configuration management results in very little human intervention, allowing the IT pros’ work to stop at the racking and stacking.

Now on to the second example. Imagine that during the initial phase of monitoring, NetFlow and deep packet inspection are leveraged and it’s discovered that the devices are being used as a connecting point for users to receive video data, as well as to access cloud-based services.

In this instance, if a second alert is triggered, a specific set of access control lists (ACLs) can lock down cloud destinations, and video data can be given a higher quality of service (QoS) through a traffic shaping template.

Finally, let’s say the configuration management tool has identified that there has been an unexpected change made to the device’s configuration.

In this case the tool can do one of two things: push the configuration which we know is correct and works, or put the device in a quarantined state so that a human can intervene and investigate.
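To make that last scenario concrete, here is an added example (not code from this article or from any SolarWinds product) that compares a device’s running configuration with the known-good copy and chooses between the two responses described above. The rule that changes to access-control statements go to quarantine, the two pattern lists and the IOS-style sample configuration are assumptions constructed for illustration.

```python
import re

# Lines that differ without anyone changing the device (assumed list).
VOLATILE = re.compile(r"^(!|Current configuration|Building configuration|ntp clock-period)")
# Statements whose change is held for human review (assumed policy).
SENSITIVE = re.compile(
    r"^(no )?(access-list|ip access-list|ip access-group|aaa|username|enable|"
    r"snmp-server community|transport input|line vty)\b")

def statements(config):
    """Return the set of (parent stanza, statement) pairs in an IOS-style config."""
    out, parent = set(), ""
    for raw in config.splitlines():
        line = raw.rstrip()
        if not line.strip() or VOLATILE.match(line.strip()):
            continue
        if line[0] != " ":           # top-level line opens a new stanza
            parent = line
            out.add(("", line))
        else:                        # indented line belongs to that stanza
            out.add((parent, line.strip()))
    return out

def assess_drift(baseline, running):
    """Compare the running config with the known-good one and pick a response."""
    good, now = statements(baseline), statements(running)
    added, removed = sorted(now - good), sorted(good - now)
    touched = added + removed
    if not touched:
        action = "ok"
    elif any(SENSITIVE.match(s) or SENSITIVE.match(p) for p, s in touched):
        action = "quarantine"        # isolate the device until a human has looked
    else:
        action = "restore"           # push the known-good configuration back
    return {"action": action, "added": added, "removed": removed}

# Constructed sample data: a known-good baseline and two drifted copies of it.
BASELINE = """hostname edge-sw-01
interface GigabitEthernet0/1
 description uplink
 ip access-group MGMT-IN in
ip access-list extended MGMT-IN
 permit tcp 10.0.0.0 0.0.0.255 any eq 22
 deny ip any any
line vty 0 4
 transport input ssh
"""
COSMETIC = "! exported by backup job\n" + BASELINE.replace("uplink", "uplink to core")
SUSPECT = BASELINE.replace("transport input ssh", "transport input telnet ssh")
```

Calling `assess_drift(BASELINE, COSMETIC)` returns the `restore` action, while `assess_drift(BASELINE, SUSPECT)` returns `quarantine` because the change touches remote-access settings.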

These examples show that the goal of network management automation is to employ the smaller and more specialised tools in order to gather insights about the network and the devices using it. The ingredients to make this up are:

  • Bandwidth: Keep an eye out for unexplained spikes in activity
  • Availability: Visibility into the space available on disks, interfaces, applications and boxes
  • Configuration: Compare, back up and deliver all or part of the device’s configuration
  • Deep packet inspection: Monitor the course and destination of ‘conversations’ on the network, evaluating usage (database, video, cloud, etc.) and user experience (is it slow? Is this due to network or server-based causes?)
  • NetFlow: Review the flow and types of data from user to user

Start preparing for tomorrow, today

There are only a handful of SDN implementation vendors on the market today; however, they have already drastically changed the market over the past few years. When it comes to SDN, the future is very much unknown.

It will without a doubt require new wireless controllers, routers, switches, on-premises hardware, and storage infrastructure, to name a few.

However, most importantly, the shift towards SDN will require new ways of thinking about networking.

A solid understanding and implementation of network management automation is a good first step to ensure you’re prepared.