What is SDN?
Software-defined technology refers to using software to control elements of a system. One of the earlier—and simpler—iterations of software-defined technology is an engine control application for improving a car’s performance. Before people started using software to control things like the turbo boost, fuel efficiency, and traction control, when you bought a car, you just got in and drove, hoping it would serve your needs.
Software-defined networking (SDN) and software-defined wide-area networking (SD-WAN) give users the ability to “tune” or manipulate how the network behaves, creating virtually unlimited possibilities for enhanced performance and customization.
Software-defined networking is an approach to network architecture that gives users the power to intelligently control the network using software. Operators can both centrally control the network and customize its performance to suit the organization’s unique needs. To program the network, users employ application programming interfaces (APIs) instead of relying on controls physically located on individual pieces of hardware.
The Origins of SDN
Using software to control technology has its roots in the control of telephone networks. Rather than relying on a switch operator to pull and plug complicated combinations of patch cables, engineers began using preprogrammed controls to manage phone calls.
Fast-forwarding to the 21st century, Stanford University’s computer sciences department launched the Ethane project, which spawned OpenFlow. This was an early iteration of an SDN that employed a clear split between the tech being controlled and the software-powered interface used to manage it.
Typical SDN Use Cases
Because SDN enables users to customize the behavior of any given technology, its potential applications are seemingly endless. Here are some of the more common uses:
- Scaling data center operations: Amazon and Google have used SDN to form scalable data centers, meaning engineers can engage more or fewer resources to efficiently manage the storage and use of data.
- Deploying applications: Managers can use SDN to release and manage applications across a network—all from a centralized location.
- Securing Internet-of-Things (IoT) architecture: While IoT devices offer convenience and introduce possibilities, they also open multiple access points for hackers and other data thieves. With SDN, IoT engineers can provide a centrally located, customizable layer of protection to help make the process more secure.
- Easing the burden on edge components: A properly programmed SDN can sense an overload condition in each of its connected components and, in the case of a network that incorporates edge computing, route traffic away from the edge devices and prevent potentially harmful latency. It can also reduce latency by giving the edge device a boost in bandwidth or processing power.
- Enabling intent-based networking (IBN): With IBN, a network administrator has the ability to tell the network what to do in line with the organization’s specific objectives. In the past, an administrator would have to hope the devices chosen fit into the larger business plan. An administrator empowered with SDN can custom design the operation of different components in a way that syncs with big-picture objectives.
Implementing SDN opens the door for enhanced connectivity because it allows more resources to be controlled and made available. Because each device is programmable and can be used to interact with others administrators have nearly unlimited possibilities at their fingertips. Devices can be programmed to work with each other, serving as extensions of existing network structures or even supporting each other's operation. In this way, multiple devices can work together like team members to accomplish important organizational objectives.
A user also has the option to supplement the function of one network element with another to create a previously impossible offering to clients. For example, an SDN-powered architecture can be used to give an organization or application access to multiple cloud computing environments at the same time. Like simultaneously increasing a car’s turbo boost and adjusting the fuel map, this kind of access to hybrid cloud environments enables organizations to leverage the capabilities of multiple elements to improve application performance.
Typical Features of SDN
SDN presents several opportunities that would be otherwise unattainable:
- Programmable network behavior: Everything from when and how a network is used to provisioning resources and bandwidth can be controlled using programming.
- Convenient, centralized control: Network engineers can manage several elements of the network without leaving their desks. There is no need to travel to hardware-based interfaces again and again to tweak the performance of network equipment.
- Virtualization: Not only does virtualization make it possible to configure and control different elements of the network, it also opens the way for creative possibilities. Given the option to control a variety of network devices and their parameters, engineers can easily conceive creative solutions and quickly troubleshoot a range of issues.
What Do SDN and SD-WAN Have in Common?
Both of these technologies stem from the same central concept: controlling a network using software. Therefore, they have several things in common:
- The data plane and control plane are separated: In a traditional network, the data plane dictates where your data goes. The control plane is inside a router or switch, which makes it inconvenient for administrators to control the flow of data. Both solutions solve this problem by putting the control plane in a software environment. After an administrator connects a device, they can manage the flow of traffic across the network from a centralized location.
- Compatibility with commodity x86 hardware: Commodity computing helps administrators take advantage of a series of lower-cost computers in a parallel computing structure, and AMD’s x86 hardware provides one of the leading commodity computing solutions. Both solutions are compatible with x86, making them easier to implement in a parallel computing setup.
- Virtualization: Virtualization is the fulcrum of both technologies, creating an abstraction of the physical network. With both solutions, the user can manage the network in this virtual environment, which puts previously separated controls at their fingertips.
- Possibility for virtual network function (VNF): Virtual network functions manage particular network functions such as load balancing and firewalls. They can be strung together or combined to produce a fully virtual environment. Both solutions allow for the integration of VNF, which may add another convenient layer of control for an administrator.
What is the Difference Between SDN and SD-WAN?
The primary difference between these technologies is SD-WAN delivers a wide-area network (WAN) that connects multiple sites with each other, making it, in some ways, an SDN in the WAN. On the other hand, SDN can be used to form networks that can be quickly changed according to what an organization needs, operating on a local-area network (LAN), SD-WAN is built to support WANs that are spread out over a sizable geographical area.
Another crucial difference is that SD-WAN is run by the vendor that provides it rather than by internal resources. Meaning, SD-WAN may take less work from a network administrator because the vendor is providing the service. These improve the usability of both solutions.
SD-WAN can also integrate with a virtual private network (VPN). An organization with a VPN connecting several locations can, therefore, use SD-WAN to underpin their existing VPN.
- Focuses inward on the LAN or service provider network
- Programmable and customizable
- Enabled by NFV
- Designed by the user
- Focuses on geographically distributed locations
- Preprogrammed and less complex
- Routing can run virtually or via an SD-WAN device
- Configured by the vendor
How Fortinet Can Help
Regardless of the solution you choose, it’s critical to ensure adequate network security. Flexibility can be a two-edged sword. While the ability to make quick, comprehensive changes may make core network administration easier, it can also result in security gaps. It’s important to have a security framework built specifically for your solution, incorporating security in the data plane, control plane, and management plane.
Fortinet, named a Leader in Gartner's 2022 Magic Quadrant report for SD-WAN, offers a complete SD-WAN solution that can connect a central location with a branch office and teleworkers while utilizing multiple distributed clouds. An SD-WAN available in virtual versions can also be set up to empower an organization to implement Software-as-a-Service (SaaS) options for new or existing clients.