Disruptive network technologies are great—at least until they threaten to disrupt essential everyday network services and activities. That's when it's time to consider how innovations such as SDN, SD-WAN, intent-based networking (IBN) and network functions virtualization (NFV) can be transitioned into place without losing a beat.
"To be disruptive, some disruption is often involved," says John Smith, CTO and co- founder of LiveAction, a network performance software provider. "The best way to limit this is to use proven technology versus something brand new—you never want to be the test case."
Smith suggests limiting risk by following a crawl, walk and run approach. "Define the use case and solve it while initially limiting the risk exposure to a discrete set of end users for proof of concept testing," he says. "It’s always good to ensure that the business case will drive the need for the disruptive networking technology—it helps justify the action.”
"Starting with a smaller proof of concept in a non-production environment is great way to get comfortable with the tech and gain some early operational experience," advises Shannon Weyrick, vice president of architecture at DNS and traffic management technologies provider NS1. Before launching any disruptive technology, make sure everyone involved recognizes the value, understands the technology and rollout process and agrees on the goals and metrics, he adds.
Switching safely to SDNs
Software defined networking (SDN) is designed to make networks both manageable and agile. Utilizing a proven technology that’s been in the field successfully is vital to ensuring minimal disruption around SDN deployments, Smith says. "On the data center side, Cisco ACI and VMWare NSX are reliable infrastructure technologies, but it really depends what fits best with the business," he observes.
Full network visibility is essential to minimizing disruption, as an SDN installation works out its inevitable start-up kinks. "Having visibility solutions in place, such as network performance monitoring and diagnostic (NPMD) tools, can eliminate deployment errors and quickly isolate issues," Smith explains.
Kiran Chitturi, CTO architect at Sungard Availability Services, an IT protection and recovery services provider, recommends choosing an approach that embraces open standards and encourages an open ecosystem between customers, developers and partners. "Before adopting at scale, be patient in selecting specific use-cases like optimizing networks for specific workloads, accessing control limits and so on," he says.
Start with the open source and open specification projects, suggests Amy Wheelus, network cloud vice president at AT&T. For the cloud infrastructure, the go-to open source project is OpenStack, with many operators and different use cases, including at the edge. For the service orchestration layer, ONAP is the largest project in Open Source, she notes. "At AT&T we have launched our mobile 5G network using several open source software components, OpenStack, Airship and ONAP."
Weyrick recommends "canarying" traffic before relying on it in production. "Bringing up a new, unused private subnet on existing production servers alongside existing interfaces and transitioning less-critical traffic, such as operational metrics, is one method," he says. "This allows you to get experience deploying and operating the various components of the SDN, prove operational reliability and gain confidence as you increase the percentage of traffic being transited by the new stack."
It's also important to have a backup plan on hand. "Even the best-laid plans need a fallback," Weyrick says. "Make sure you have a plan for alternate transit for critical subsystems should the SDN fail." Ideally, such strategy would include automated failover. "But even a manual plan, thought out ahead of time in worst-case scenarios, may prove helpful and increase your confidence during and after transition," he adds.
The many paths to SD-WAN adoption
There are many ways to take advantage of SD-WAN, which applies SDN's benefits to wide area networks. "Customers can leverage existing infrastructure from vendors like Riverbed or Cisco," Smith says. Organizations can also opt for new features added to security appliances, like Fortinet and WatchGuard, or they can leverage virtual forms from SaaS service providers.
Regardless of the tools selected, Smith recommends piloting the technology at a handful of selected sites. "Document the lessons you learn and use that [information] to write the MOPs (methods of procedures) needed for site cutovers once full deployment begins." He notes that potential adopters also need to understand how the technology scales. "The pilot may run great, but when you scale up to the number of planned sites you may hit unforeseen issues if you haven’t planned for them," Smith says.
SD-WAN implies the use of a controller to manage connections between a company’s branch offices, states Andrei Lipnitski, an information communication and technology department manager at software development company ScienceSoft. "To move to SD-WAN, the company needs one controller installed in the head office, with a system administrator to manage it, and to configure SD-WAN routers, which replace outdated hardware used in branch offices," he says.
SD-WAN architectures that support passthrough network setups allow the existing network setup to be left unchanged. "Once that install is complete, the network should function identical as before," notes Jay Hakin, CEO of Mushroom Networks, an SD-WAN vendor. "A good practice is to have a period of time where this setup is left running to make sure all applications and cloud services are running uninterrupted," he adds. Once reliable operation has been confirmed, adding additional WAN resources to the SD-WAN appliance, as well as adding configurations for any additional advanced features, becomes a staged and scheduled network modification and therefore does not inherit any downtime risk, Hakin notes.
IBN's unintended consequences
Intent-based networking (IBN) technology advances SDN an additional step. While SDNs have largely automated most network management processes, a growing number of organizations now require even greater capabilities from their networks in order to manage their digital transformation and ultimately assure that their network is operating as planned.
IBN allows administrators to set specific network policies and then rely on automation to ensure that those policies are implemented. "There's a lot of hype and misinformation around IBN," Smith says. "There's still some debate about what it actually can and can’t do ... so customers need to really investigate and spend time understanding what’s real and what’s theoretical," he cautions.
Adopting IBN without risking disruption requires a great deal of patience and practice, observes Tim Parker, vice president of network strategy at data center and colocation provider Flexential. "The more difficult part that almost outweighs the benefits is moving to ACI (application centric infrastructure) or new operating systems that support [IBN]," he explains. "For example, we automated our DDOS scrubbing based on NetFlow data‑from Kentik ... and Python scripts that react when a trigger or threshold is reached," he notes. "But it's far from [reaching] the true AI of making smart decisions based on learning the impacts of the last decision."
Andrew Wertkin, CTO of BlueCat a network technology firm, believes that IBN is far more than a technology transformation. "It also affects organization skill-sets, operations, compliance/governance and existing service level agreements." He recommends that organizations assess their readiness in all of these areas. "Don’t get over your skis," Wertkin advises. "Start small and focused."
Look before leaping to NFV
Network functions virtualization (NFV) abstracts network functions, allowing them to be installed, controlled and manipulated by software running on standardized compute nodes. "NFV and SDN free networks from their dependence on underlying physical hardware," says Bill Long, vice president of interconnection services at data center and colocation provider Equinix. Instead, network orchestration and control are managed through software, without specialized equipment confined to a specific location. "Companies can safely connect their networks to applications and cloud services wherever they are and compute resources can be turned up or down as needed," Long explains. "This greatly increases scalability and simplicity."
Troubles can arise when enterprises fail to fully think through their need for NFV. "A lot of companies are jumping into NFV without first justifying a business case," Smith says. "For example, if the business needs more flexibility at its branch locations, then using NFV to spin up new network services is a great idea."
Adoption disruptions can be minimized by ensuring clear communication between IT teams. "NFV decouples network functions from the underlying server hardware, which enables greater flexibility and elasticity," says Ashish Shah a vice president at Avi Networks, a data center and clouds application platform provider. "However, since the server team is responsible for maintaining and patching x86 servers, clear understanding and communications between the server and networking teams will be important."
Centralized policy and lifecycle management of virtual network function is another important consideration for long term success. Managing each instance of an NFV will be cumbersome and can obviate the benefits of the transition to NFV, Shah warns.
Migrating existing applications will require additional care to ensure that all application dependencies, scripts and policies are accounted for. "Taking steps to document these dependencies can reduce disruptions," Shah says.
In the bigger picture, "whether focusing on SDN, SD-WAN, IBN or NFV, it’s important to remember that with each new technology comes new tools, training, support and more," Smith says. "Ensuring your teams have the proper tools and training is critical to successful deployments and minimal disruption."
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.