CIO's Evaluation of Implementing Software Management of the Network Layer

Shreyas Shah, SVP-IT & CIO, Lumentum
357
583
117

Shreyas Shah, SVP-IT & CIO, Lumentum

As CIOs begin planning for future budget cycles, they must analyze their existing networks (capacity, depreciation, maintenance) against purchasing new physical equipment, as well as cloud-based virtual environments. Recent studies suggest other considerations.  

“Gone are days of proprietary hardware and software; industry trends are rapidly moving to open source”

According to Gartner’s global 2015 CIO survey findings, CIOs around the world are facing high levels of uncertainty as 2015 gets underway.  “The only certainty for CIOs seems to be the unstoppable advancement of digitalization,” said Dave Aron, Vice President and Gartner Fellow. “Government, companies, and our personal lives are being more deeply penetrated by digital capabilities, opportunities, and threats.” Aron continued: Digitalization represents both a massive opportunity and new and heightened levels of threat for all countries and companies, and CIOs are facing new, more challenging and more exciting circumstances as digital moves to center stage.

So, what is a CIO to do?  

Networks are the critical plumbing to digitization, more than ever before, is a combination of the network and software layer.

Gone are days of proprietary hardware and software; industry trends are rapidly moving to open source. The drivers of virtualization and private/public/hybrid cloud infrastructure are agility, costs, and flexibility. To understand this open source environment better, let us look at the two trending approaches: SDN and NFV

First, we need to understand the software layer: what it is, and is not. Define terms. Moreover, start from a common understanding of how, when, and what is a good approach.  

Networks today have a large and increasing variety of proprietary hardware appliances. As new generations of technology are developed, older systems are retired. Instant data access for internal clients is still a necessity even as information is transitioning to new platform/hardware. Network Function Virtualization (NFV) puts network services on a generic hardware or virtualized platforms.  Software-Defined Networking (SDN) does many things well. Essentially, it separates (virtualizes) functions of a network switch:

•Data plane: moving packets of data from points A to B, remains a hardware function.  

• Control and management planes: responsible for identifying, prioritizing and defining actions and managing all aspects of the data, come out of the network equipment and run on standard servers.

By virtue of this separation, NFV and SDN enables network deployments to become less dependent on proprietary systems, allows IT departments to adapt and change with a higher degree of flexibility.   

SDN usage today exists mainly with service providers. Each customer wants the same basic things: processing and storage capability, network security, and isolation from peers. SDN provides that platform per tenant within a single physical environment. Enterprises recognize SDN as inevitability.

Using a combination of both SDN and NFV can accelerate implementation of new capabilities, yet seamlessly for internal clients: especially, those groups with business critical operations (sales, finance, operations).  

Now that we understand, how does the CIO get started?

CIOs when considering SDN or NFV, must immediately evaluate open source programming. New companies with off-the-shelf solutions are born almost every week. They make it easy to start a turnkey program, but is that the best tactic? Open source, unlike proprietary approaches—prevalent for physical hardware systems—gives IT staff great flexibility and opens the door to a new generation of APIs. Despite the power of open source, CIOs need to ensure they are choosing the right path.  Here are some considerations worth further review:

Security

There are many security considerations with open platforms/turnkey solutions, let us explore several important ones.  

When dealing with multiple and heavy integrated SDN components, will each component manage their own access controls or will it be controlled by a common access layer, and can this control layer be bypassed. Moreover, solutions may use untested alpha/beta code. You have to be comfortable with this.  

Also, understanding tool and package dependencies will be very important. When dealing with complex dependencies and interoperability with software and hardware, be cautious of covert channels (like temp read/write storage, etc.) that are accessible by other aspects of the system.

Open source does not necessarily mean it’s less safer or less secure, always exercise diligence and best practices for secure coding and secure architecture design. The best-written software can be defeated if it was implemented incorrectly.  Also, remember to provide secure coding training to your staff if they are building the packages.   

Lastly, ask yourself—is open source too big a security risk?  

Infrastructure/Hardware

There are many considerations at the hardware level too. Will the services and infrastructure be interoperable regardless of virtual or hardware platform? Are turnkey SDN solution fully supported by vendor vs. toolkits used by IT team for development? Is your current hardware even capable of integrating into SDN?  

Training/Skills—Organizational Readiness

If you have decided to go ahead with implementation, does your staff already have the knowledge necessary, or does training need to begin even before you kick-off the project?  

If they get the training what are the sacrifices you might encounter.  Will SDN become a deterrent to the development of innovative ideas for other IT projects?

Why should a CIO consider SDN?

The benefits of a SDN implementation are many.  SDN gives you tremendous flexibility with the ability to create multiple virtual networks on the same physical network.  There is no need to rip and replace; phase in next generation capabilities while interoperating with existing hardware investment.  No more long lead times for provisioning hardware, you have the ability to “spin-up” virtual capacity during peak usage periods. Utilizing this approach could reduce implementation lead times and provide more functionality. Such agility to respond dynamically to business needs is most enticing.

With current pressures on IT budgets, CIOs can leverage SDN to manage capex and costs while still being able to upgrade and strengthen their networks.

Now, how does a CIO make it happen?

To bring SDN in successfully, CIOs need to identify use cases, build a roadmap, and create a phased implementation plan.  Start with a review of the topography of your network environment along with application and data requirements. A typical organization will have multiple sites with applications and data residing on combination of on premise, and private and public clouds.

Firewalls and load balancers may be good candidates to start with.  I would recommend setting up a test environment first; even perhaps, running proof of concepts with several vendors.  Use this environment not only for testing but also for training your IT staff.  Here you could simulate real world conditions, set expectations for the team and even invoke some delays or power failures. For example, look at core applications during quarter end, or the customary service spikes for product shipments. Examine these results before isolating a part of the network to kick-off the project. Maybe contrast the test with a similar hardware failure. How do they compare? It’s important to identify your criteria and use the tests to confirm the benefits of SDN.

SDN is here to say. SDN will co-exist with hardware for a long time, but as APIs get more robust and implementation processes improve, virtual networks will be more and more the industry standard.

Read Also

A New Architecture for a New Age

David Easthope, SVP, Celent Securities & Investment Group

Microsoft Solutions: Driving Efficiency and Productivity Gains

Kevin Haskew, SVP & CIO, ON Semiconductor