While core functions differ, a very basic explanation of Software Defined Networking (SDN) includes the separation of network control and forwarding operations and centralisation of control to provide instructions to the switching infrastructure. This effectively decouples the network from the underlying hardware and allows the network to better integrate with and support virtualised data centres.
Network Functions Virtualisation (NFV) on the other hand, does precisely what its name implies and virtualises network functions such as ADCs (Application Delivery Controllers) and WAFs (Web Application Firewalls). The implementation of network functions in software removes the need for physical proprietary pieces of hardware and allows the network to fully benefit from virtualised data centre technology.
> See also: 5 predictions for software-defined networking
NFV makes ADC and WAF virtualised functions more accessible to the rest of the virtual infrastructure and provides the framework for service chaining multiple network services. By placing these virtual appliances in a hypervisor environment you create a centrally programmable infrastructure that reduces cost, by not having to maintain and support scores of physical appliances. It also improves reliability as misconfiguration and operator errors become a smaller issue.
So how do you determine whether or not NFV along with SDN makes sense for your business? While there is the promise of lower costs, easier management and higher reliability; as with any IT infrastructure change, there is also investment and risk that must be weighed against the potential benefits.
The lower cost part of the equation is clear when you consider that SDN and NFV reduce CAPEX and vendor lock-in compared to expensive proprietary networking infrastructures. Additionally, by reducing this infrastructure, your data centre environment becomes more centrally managed; power and cooling costs go down; and potential failure risks are minimized.
Reliability is another key driver for virtualising network functions and building the framework for a SDN. Reducing the need to configure individual physical devices means a reduction in the number of potential sources of misconfiguration as well as the overhead associated with administering individual devices.
However, something to keep in mind is that an SDN controller or orchestration plane – either providing instruction sets to switches or configuring complex service chains – does not have the capability to confirm the validity and soundness of what’s being programmed. It is still up to administrators to gather the appropriate business requirements, ensure that the correct actions are entered into the program and monitor for anomalies.
Mitigating the risk of misconfiguration comes from reducing the number of physical network devices and automating the orchestration of commands. Instead of the network manager being required to make changes to dozens or even hundreds of appliances, each one multiplying the chance of a mistake and degradation, the manager needs only to invoke a few changes to the virtualised network infrastructure.
In addition, most changes to the network functions are programmed by applications residing on, or working with, the SDN controller, with no manual access required.
This reduced need for manual intervention into the network infrastructure also means that the requirement for network management is reduced. When most changes are made to a virtualised infrastructure by the SDN controller, there’s less reason to require manual access for many routine functions.
While it's clearly not a conceptual requirement to implement SDN and NFV together, the capabilities of both technologies complement one another and work well together in supporting a Software Defined Data Centre (SDDC) model. As an example, implementing the concepts of SDN without virtualising network functions would tie the network to the world of hardware.
This conflicts with the spirit of SDN, which focuses on putting network intelligence in software. ADC-NFV integration with SDN adds significantly more intelligence to the datastream so that the SDN controller can not only make faster decisions, but far more informed decisions in terms of what pathways are optimal for the application.
With NFV you can take advantage of emerging standards such as OpenFlow, which allows separation of packet forwarding and routing decisions within the infrastructure. In the process, this opens the communications chain inside of the platform to additional functions such as load balancing, edge security or application delivery. Another benefit of the SDN-NFV combo is the ability to ’service chain’ all NFV services.
For example, load balancing to web app security or firewall to IDS is handled in a more easily programmatic and flexible way. This approach not only provides data compatible with the SDN controller but can also influence SDN decisions about the underlying network infrastructure. In each case, the NFV and SDN ecosystem can use best of breed applications for each function.
Another important factor to consider in the SDN-NFV ‘better-together’ equation is what impact you can expect to your applications. Will you see the same level of high availability and performance assurance as you do in a traditional datacentre if you implement SDN?
Even with the advent of SDN a need still exists for bridging the gap between the lower network layer information that an SDN controller has access to, with the upper layer application visibility that a middle-box has.
Since NFV services like ADCs are able to provide feedback on application health status, user access and application instance performance, they are in a prime location to inform the SDN controller about metrics that would generally be out of view – resulting in better decision making.
> See also: Paving the way for enterprise mobility with SDN
While transitioning from a traditional network to one utilising SDN and NFV technologies is no trivial task and may require a huge uplift and implementation, the flexibility that comes as a result of a SDN-NFV implementation helps to simplify operational maintenance and provides the framework for better automating the network to respond and steer traffic based on real time conditions. This also means that a migration to a fully virtualised environment with both SDN and NFV can be done incrementally.
While the cutting edge brings technological and operational benefits, the bleeding edge of new technologies can be painful. By reducing implementation risks, improving efficiency and lowering the barriers to success, using both SDN and NFV means that your data centre can be efficient, cost effective and reliable, while also providing greater flexibility to drive hyper performance at hyper speed to market.
In short, the complementary nature of SDN and NFV makes them perhaps two sides of the same valuable coin and equally critical parts of a modern, efficient virtual network.
Sourced from Jon Braunhut, Co-Founder and Chief Scientist at KEMP Technologies