Software Defined Networks should make IT execs think about a lot of key factors before implementation.
Issues such as technology maturity, cost efficiencies, security implications, policy establishment and enforcement, interoperability and operational change weigh heavily on IT departments considering software-defined data centers. But perhaps the biggest consideration in software-defining your IT environment is, why would you do it?
"We have to present a pretty convincing story of, why do you want to do this in the first place?" said Ron Sackman, chief network architect at Boeing, at the recent Software Defined Data Center Symposium in Santa Clara. "If it ain't broke, don't fix it. Prove to me there's a reason we should go do this, particularly if we already own all of the equipment and packets are flowing. We would need a compelling use case for it."
And if that compelling use case is established, the next task is to get everyone onboard and comfortable with the notion of a software-defined IT environment.
"The willingness to accept abstraction is kind of a trade-off between control of people and hardware vs. control of software," says Andy Brown, Group CTO at UBS, speaking on the same SDDC Symposium panel. "Most operations people will tell you they don't trust software. So one of the things you have to do is win enough trust to get them to be able to adopt."
Trust might start with assuring the IT department and its users that a software-defined network or data center is secure, at least as secure as the environment it is replacing or founded on. Boeing is looking at SDN from a security perspective trying to determine if it's something it can objectively recommend to its internal users.
"If you look at it from a security perspective, the best security for a network environment is a good design of the network itself," Sackman says. "Things like Layer 2 and Layer 3 VPNs backstop your network security, and they have not historically been a big cyberattack surface. So my concern is, are the capex and opex savings going to justify the risk that you're taking by opening up a bigger cyberattack surface, something that hasn't been a problem to this point?"
Another concern Sackman has is in the actual software development itself, especially if a significant amount of open source is used.
"What sort of assurance does someone have particularly if this is open source software that the software you're integrating into your solution is going to be secure," he asks. "How do you scan that? There's a big development time security vector that doesn't really exist at this point."
Policy might be the key to ensuring security and other operational aspects in place pre-SDN/SDDC are not disrupted post implementation. Policy-based orchestration, automation and operational execution is touted as one of SDN's chief benefits.
Sign up for CIO Asia eNewsletters.