By: Nihad Hassan
December 1, 2021
Software Defined Networking (SDN)
Digital technologies provide numerous benefits for their adopters, such as increasing efficiencies and reducing operational costs. Integrating digital technology into all business areas is known as Digital Transformation, and it has gained immense popularity.
To adopt Digital Transformation, an organization needs to foster its automation capabilities. Having a robust computer network is essential for leveraging the benefits of adopting modern computing technologies (e.g., edge computing, IoT, cloud computing).
Even today, many organizations support data and application sharing with old networking architectures, such as using a hub to connect multiple computers to the data center. Such a networking model is no longer suitable for supporting modern needs such as:
Accessing data and applications hosted on cloud environments (many modern organizations are now cloud-native or cloud-only organizations).
Allowing remote access to corporate resources (work from home), especially in the wake of the COVID-19 pandemic, which resulted in shifting the majority of the workforce to be remote.
Allowing employees to connect their devices to the organization network (BYOD).
Providing internet access to some computers within the network while denying access to the rest.
Connecting thousands and even millions of Internet of Things (IoT) devices to corporate networks. According to Statista, the number of IoT devices worldwide is forecast to reach more than 25.4 billion devices in 2030.
Modern computer networks should support all these functions while maintaining the highest security standards to protect data traversing the network. This is where Software Defined Networking comes into play.
What is Software Defined technology?
To understand what benefits SDN brings to modern networks, let us first describe how legacy networks forward data. Traditional computer networks combine two functions, the control plane and the data plane, in a single device (such as a router or a switch). In a networking device (e.g., a switch), the control plane is responsible for deciding how data (the data plane, or the actual packets) is forwarded from one device to another across the network. The control plane comprises different routing protocols, such as Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP). They are responsible for finding the best route, optimal interface, and port to forward the data packets (data plane) from one network location to another.
While the control plane protocols did well in the past, and still do today, in establishing network routes (creating the routing table) to forward data between various network locations, their limitations began to appear with the rise of modern technologies, especially with the increased dependence on cloud applications. To understand the limitations of the traditional control plane applied to on-premises networks, let us explore how data is forwarded in the cloud environment.
In the cloud, the client organization has little or no control over how data is forwarded. For example, suppose you want to implement Artificial Intelligence (AI) on your customers' cloud data to get valuable trends for future sales. Before returning the results, your cloud provider may need to process the data using another application/service hosted on another cloud provider. Customers do not have control over the entire routing path of their sensitive data, so how can you ensure that an unauthorized party has not accessed processed data? What about compliance regulations? Can you ensure customer data is not processed in another country, a situation that could make an organization non-compliant with regulations such as the GDPR, HIPAA, or PCI DSS?
Now, let us move to the data plane. It includes all the networking functions and processes responsible for moving data packets from one interface to another using the routing path defined by the control plane. The data plane contains three essential functions: the routing table, the forwarding table, and the routing method. The data plane also provides other features such as encryption, quality of service, and Access Control Lists (ACLs). Such features are configured statically on each networking device. Because the configuration cannot be changed dynamically to scale with the type of network applications running, and each networking device must be configured independently, such configuration becomes difficult to implement.
Now that we understand how traditional network architecture works, let us define Software-Defined Networking (SDN) and what benefits it brings to modern computer networks to enhance their functions.
SDN is a modern technology for managing computer networks by using a software application. By using an SDN solution, network administrators can dynamically change the network topology without changing the layout of physical equipment.
In a typical SDN architecture, a centralized component manages the entire network and separates the control plane from the data plane. This component is called the SDN controller and is typically implemented using the OpenFlow protocol.
What is OpenFlow?
OpenFlow is the most common protocol used in SDN networks. It is used to facilitate interactions between the SDN controller (the SDN network's brain) and the underlying data plane. OpenFlow is a free, open-source standard, first developed in 2008 by Stanford University, and is now managed by the Open Networking Foundation (ONF). It is the first protocol to define how the control plane and data plane elements of a network can be separated and interconnected in an SDN environment (see Figure 1).
By utilizing the OpenFlow protocol, network administrators can gain many advantages when managing computer networks. The most noticeable ones are:
Remotely configure SDN-enabled networks that contain switches from different vendors running different proprietary software.
Allow greater flexibility and control over traffic passing through the network by applying various routing protocols and enforcing Access Control Lists (ACLs) and other network security policies from a central network location, without the need to configure each networking device separately.
Allow more scalability in adding different services and functions to networks.
Facilitate management of distributed networks that are located in distant geographical areas and have few employees. Such networks require centralized management, and SDN provides this capability securely and efficiently.
Detect network problems (such as network congestion) early and respond automatically to increase bandwidth or processing to fix the problem.
Enhance network visibility, which leads to enhanced security by the early discovery of malicious packets.
Figure 1 - Typical Open Networking Foundation (ONF) architecture for SDN networks
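The central ACL enforcement and visibility described above can be sketched as a simplified model in which a controller installs one policy on every switch and audits each flow table against it. This is an added example, not code from the original article; it does not implement the OpenFlow wire protocol or any real controller's API, and the class names, addresses and rules are constructed for illustration.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class FlowEntry:                      # hypothetical, simplified flow rule
    priority: int
    src: str                          # source prefix in CIDR form
    dst_port: Optional[int]           # None acts as a wildcard
    action: str                       # "forward" or "drop"

    def matches(self, src_ip, dst_port):
        in_prefix = ip_address(src_ip) in ip_network(self.src)
        return in_prefix and self.dst_port in (None, dst_port)

@dataclass
class Switch:                         # data plane: lookup only, no decisions
    name: str
    table: set = field(default_factory=set)

    def forward(self, src_ip, dst_port):
        hits = [e for e in self.table if e.matches(src_ip, dst_port)]
        if not hits:
            return "drop"             # table miss is default-deny in this model
        return max(hits, key=lambda e: e.priority).action

class Controller:                     # control plane: single source of policy
    def __init__(self, policy):
        self.policy, self.switches = frozenset(policy), []

    def attach(self, sw):
        self.switches.append(sw)
        sw.table = set(self.policy)   # same ACL installed on every device

    def audit(self):
        """Map switch name -> (missing, unexpected) for tables that drifted."""
        drift = {}
        for sw in self.switches:
            missing, extra = self.policy - sw.table, sw.table - self.policy
            if missing or extra:
                drift[sw.name] = (missing, extra)
        return drift

# Constructed policy: the IoT subnet may not reach SSH; other internal traffic passes.
POLICY = [FlowEntry(200, "10.0.20.0/24", 22, "drop"),
          FlowEntry(100, "10.0.0.0/16", None, "forward")]

def demo():
    ctl, edge, core = Controller(POLICY), Switch("edge-1"), Switch("core-1")
    ctl.attach(edge)
    ctl.attach(core)
    before = [sw.forward("10.0.20.7", 22) for sw in (edge, core)]
    edge.table.discard(POLICY[0])     # simulate a local change made on one device
    after = edge.forward("10.0.20.7", 22)
    return before, after, ctl.audit()
```

The audit step is what the centralized design adds for security: a device whose table no longer matches the intended policy is reported by name, together with the rule it lost.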
Organizational networks are scaling rapidly to include all types of digital transformation technologies. Traditional WAN network architecture is no longer enough to support modern technologies and new business requirements that need to incorporate these technologies in all aspects of the business.
This article has shed light on the concept of Software Defined Networking. It has shown its importance in fostering the adoption of modern technologies imposed by the rapid increase in IoT devices and the widespread usage of cloud-computing services.