Software Defined Networks should make IT execs think about a lot of key factors before implementation.
Issues such as technology maturity, cost efficiencies, security implications, policy establishment and enforcement, interoperability and operational change weigh heavily on IT departments considering software-defined data centers. But perhaps the biggest consideration in software-defining your IT environment is, why would you do it?
[ InfoWorld presents the Bossies 2013, the best open source software for networking, data centers, clouds, and more. | Get expert networking how-to advice from InfoWorld's Networking Deep Dive PDF special report. ]
"We have to present a pretty convincing story of, why do you want to do this in the first place?" said Ron Sackman, chief network architect at Boeing, at the recent Software Defined Data Center Symposium in Santa Clara. "If it ain't broke, don't fix it. Prove to me there's a reason we should go do this, particularly if we already own all of the equipment and packets are flowing. We would need a compelling use case for it."
[WHERE IT'S ALL GOING:VMware adds networking, storage to its virtual data center stack]
And if that compelling use case is established, the next task is to get everyone onboard and comfortable with the notion of a software-defined IT environment.
"The willingness to accept abstraction is kind of a trade-off between control of people and hardware vs. control of software," says Andy Brown, Group CTO at UBS, speaking on the same SDDC Symposium panel. "Most operations people will tell you they don't trust software. So one of the things you have to do is win enough trust to get them to be able to adopt."
Trust might start with assuring the IT department and its users that a software-defined network or data center is secure, at least as secure as the environment it is replacing or founded on. Boeing is looking at SDN from a security perspective trying to determine if it's something it can objectively recommend to its internal users.
"If you look at it from a security perspective, the best security for a network environment is a good design of the network itself," Sackman says. "Things like Layer 2 and Layer 3 VPNs backstop your network security, and they have not historically been a big cyberattack surface. So my concern is, are the capex and opex savings going to justify the risk that you're taking by opening up a bigger cyberattack surface, something that hasn't been a problem to this point?"
Another concern Sackman has is in the actual software development itself, especially if a significant amount of open source is used.