Optimized Data Plane Hardware for Software-Defined Networking (SDN)
The primary goal of software-defined networking (SDN) is the separation of the data plane from the control plane and centralization of the control plane intelligence enabling holistic network routing decisions-making. The data plane is then free to pass packets in an efficient per-hop manner as directed by the control plane.
There is consensus among industry experts that SDN-optimized physical hardware performing important network forwarding plane functions at critical locations within the network enables enterprises and service providers to gain the full value of the new networking paradigm. Fortunately, Interface Masters Technologies offers a range of embedded network appliances supporting OpenFlow (the most widespread SDN southbound API) which can form an integral, cost-effective foundation of SDN deployment.
The three most frequently cited benefits of SDN are security, efficiency, and agility.
SDN can improve network security by providing layer 2 to 4 packet filtering at network ingress and throughout the network, thus reducing the amount of undesirable traffic entering and traversing the network. Similarly with the ability to dynamically modify service chains and network connectivity it is easier to insert a physical or virtual firewall/IDS/IPS into a network path or orchestrate packet captures and flow analyses. With more dynamic security policies and RBAC there will be less scope for security and resource allocation loopholes to occur.
The increased network utilization achieved using SDN is primarily due to SDN’s comprehensive view of the network and deeper understanding of inter-application requirements allowing SDN controllers to utilize data plane devices perform far smarter traffic engineering, route determination and load balancing compared to traditional QoS implementations. Using techniques such as sub-optimal routing for less time-critical traffic allows more circuitous routes to be employed to better utilize less desirable links, thus reducing congestion on faster, more expensive links for time critical traffic.
Within the datacenter SDN can massively help with automation of network reconfiguration and enhance virtualization agility. By having a complete view of the datacenter, virtual machines, virtual switches, load balancing services/appliances and the underpinning physical network infrastructure, combined with the virtual machine to service and security policy mappings, the SDN controller can reconfigure the SDN to allow seamless migration of virtual machines around the network. This ensures that security constraints are maintained, and service chains (i.e., the linkages between VMs to network services such as load balancers, firewalls, IDS, etc.) are preserved.
Embedded Network Appliances for SDN
While it is possible to implement SDN solely using existing network infrastructure and to provide SDN overlay connectivity using tunneling technologies, industry analysts concede that optimized physical hardware is needed to perform certain key network functions or at key locations within the network. The most widespread SDN southbound protocol is OpenFlow the use of which enables broad vendor choices and cost-effective deployment.
Within an SDN environment, the applications running on top of the SDN Controller provide the higher level orchestration and programmability of the network. The SDN Controller typically uses OpenFlow to program the forwarding table of the data plane “white box” switches and dictates routing connections to accomplish the appropriate tasks for the applications. Because they are so flexible, white box switches can support a range of open source management tools, including OpenStack, Puppet, and Chef which is a feature of most SDN switches.
Interface Masters Technologies embedded network appliances are OpenFlow conversant and can serve as ‘white box’ switches using off-the-shelf hardware in the forwarding plane of a software-defined network. They can represent the foundational element of the commodity networking ecosystem required to enable organizations to deploy the elements they need to realize their SDN objectives.
Interface Masters-based SDN switches come already installed with Linux allowing administrators to leverage the many open and free Linux networking tools available to integrate with the deploying organization’s Layer 2/Layer 3 topology, support a set of basic networking features and to customize the data plane devices to their needs.
Interface Masters Technologies has for over 20 years been providing off-the-shelf innovative network security solutions with customization services to OEMs, Fortune 100 and startup companies. Our headquarters are located in San Jose, California in the heart of Silicon Valley where we are proud to design and manufacture all of our products. Based on MIPS, ARM, PowerPC and x86 processors, Interface Masters appliance models enable OEMs to significantly reduce time-to-market with reliable, pre-tested and pre-integrated networking solutions that can meet the most challenging security requirements.