The last time we touched on software defined networking (SDN), or virtual networking, the industry was just lining up behind the OpenFlow standard that now defines it. By the end of 2012, the big players had gobbled up billions of dollars worth of startups, and SDN is poised for a mainstream push in 2013.
Serious SDN benefits include cost savings, superior uptime, and ease of management. Here are some things you need to know about OpenFlow and SDN for 2013:
1. There's no reason to wait.
CIOs have never cared much about being early adopters. Reducing costs is important, but less so than maintaining availability, integrity, and security. If SDN were an either/or requiring you to swap your top-tier infrastructure for something from an unknown vendor, we'd probably tell you to wait. But it's not. SDN isn't a maybe -- it's a definite -- and nearly every major hardware and software now supports it.
There are plenty of great, smaller companies like Cyan producing applications worth a look, but now that the big guys have bought their way into the market, even the most conservative IT department can dip its toes in the water with full enterprise support from a trusted source. With switches that can toggle between traditional L2/L3 and OpenFlow modes, you can experiment with OpenFlow on an ad hoc basis. Discuss your plans with your vendor before beginning (you may even find some great discounts when you do), but get started now.
2. Security is still a concern.
Ultimately, the provisioning benefits of SDN should make networks more secure, but until that point, there are a lot of unknowns, and hackers will absolutely exploit them. As with any new technology, it will be best to start small with your SDN deployment. Begin with discrete, non-critical applications, and only move on when you're sure you have the systems in place to support it. The SDN network controller is a new component and a particularly juicy target for attacks. It's worth considerable testing. You should also start your project with the smallest possible number of vendors to minimize integration points.
Begin with your existing switch and security providers, if possible, and take their lead regarding partners. Be sure to avoid any additional, long-term contracts at this point, though, since flexibility will become more important later on. As your network and the competence of your staff grow, you can begin to integrate best-of-breed components where they make sense.
3. Get legal advice.
Sarbanes-Oxley and other regulations require certain auditing and security standards. Compliance issues will vary by enterprise and the field you're in (healthcare and finance will have particular trouble), but regulations might conflict with virtual networks. Involve the legal department in your planning stages, and enlist their help determining which data and applications are safe for experimentation. If you find your discussion is becoming too technical for the legal or IT departments to understand each other, back off and look elsewhere. It's not worth the risk when new case law will answer the question for you in a matter of months.
While the terms "compliance" and "legal department" might scare off some IT departments, SDN has too many benefits not to look into. Proceed with caution, but proceed.