28 Nov Secure, Adaptable IT in an Unpredictable World – the Rise of Software Defined
Secure, Adaptable IT in an Unpredictable World – the Rise of Software Defined
The world is changing. Along with an unpredictable political landscape, the business world faces GDPR compliance, multi-generational workforces, new business models, security challenges and even state sponsored cyber-attacks.
IT has always had to adapt to changes. Flexibility was introduced 10-15 years ago through virtualisation – itself not a new concept. The introduction and mainstream adoption of cloud services allowed businesses to adapt to the changing business models, flexing capacity where required. However, the constant that didn’t change was the network, both inside the Data Centre, at the edge and the WAN.
This is now also changing with a shift to Software Defined Networking (SDN). The physical network is being abstracted from the logical – policies control how the network is configured based on the particular requirements at that point in time, not based on a fixed ruleset that was entered into a switch at the point of installation.
Going software defined presents a number of advantages to an organisation.
This new form of network is:
Programmable – Allowing the network to be programmed via API, applications can reconfigure the network automatically based on requirements.
When a developer needs a new software stack in an organisation’s cloud environment, typically it would require a change request to the networking team to configure VLANs, open ports on firewalls etc. In a Software Defined Networking environment, the orchestration tools or the application will tell the network what needs to be done, removing the human input and speeding up the delivery time.
Adaptable – The network can review what is using capacity and change how it operates, which is useful in a number of scenarios.
In the Data Centre, the network will identify the type of server (physical or virtual) being connected and the application deployed. Pre-configured policies will automatically control how and with what the server communicates. This removes the need for firewalls between layers within the Data Centre, and more importantly, the need for manual intervention to reconfigure switch ports and firewall rulesets.
Software Defined WAN enables organisations to be flexible in the carriers they utilise. Traffic can be routed over the best link dependent on the traffic type. Highly sensitive traffic can be sent over the high cost MPLS or point to point link, while less critical or less sensitive traffic is sent over Internet based connections. Sites can be added quickly and efficiently, with policies being consistently applied both in the LAN and out onto the WAN.
Simple – Once the SDN has been implemented, the complexities of traditional networks with long configurations, rulesets, VLANs etc. are removed. Network reconfigurations and manual intervention are only required when something totally new is introduced, and that again would be configured once and then propagated across the organisation. In a traditional environment, each switch may need configuration changes, and each firewall a ruleset change.
Secure – Humans are the weakest link – we make mistakes. Removing as much human interaction as possible with the day to day changes of the network removes the ability for mistakes to be introduced. Old unused firewall rules that allowed inbound open ports to a particular IP address will not exist, as rules will only be in place when the service is there that needs it. When a new server is added to the network with a reused IP address, a security hole will not be introduced. In the same manner, connectivity between two servers or a client’s server will only exist while those devices are on the network.
Assured – Because the networks are now API driven and APIs are often two way, more information is readily available on how the environments are performing. It is now possible to prove the network is delivering as intended, and where problems do exist it is quick and easy to identify what and where those problems are and remediate.
Cloud Ready – Extending the software defined environment into both the private and public clouds ensures that an organisation can truly operate in a multi cloud world, defining policies that will apply in their own private cloud or data centre as they will in a public cloud such as Azure, AWS or Google.
Software Defined Networking is not only a suitable platform for large enterprises. A true software defined architecture provides flexibility, control and simplicity, which makes it a valuable and beneficial solution for any organisation ready to embrace change.