'Job Security' Biggest SDN Security Challenge
Network virtualization requires deep cultural shifts for carriers, changes that executives, managers, and staff may find it difficult to keep up with, said Dan Pitt, executive director of the Open Networking Foundation, at a panel at Light Reading's Next-Generation Network Components events in Santa Clara, Calif., last week.
Network rules are changing, but carriers often don't keep up. For example, network operators are still obsessed with achieving five nines of reliability for their equipment, when the important thing is five nines for the service. That's what hypercloud providers like Google (Nasdaq: GOOG) and Facebook do -- they expect individual components to fail regularly, and build in redundancy so the whole service remains up and accessible, Pitt said.
Network operators unable to make the shift to the new way of doing things will find their jobs at risk, Pitt said.
"The biggest security challenge in SDN and NFV is job security," he said.
Pitt's message isn't new, but it's important and bears repeating. I discussed it with him a bit after the panel. Traditional network management means managing hardware, rolling trucks and installing equipment on-site. Virtual networks requires configuring software -- more precisely, managing the code that manages the networks. Managing that code requires familiarity with IT tools such as NETCONF and Yang, while traditional network management software relied on command-line interfaces.
That's a big change for network operators. The Open Networking Foundation , an SDN advocacy group, is looking to ease the transition with a skills certification program. (See ONF to Announce SDN Skills Certification Program.)
SDN and NFV face other challenges. Building ecosystems will prove challenging, said Dan Nilsson, director of pre-sales and business development at Tieto Corp. These ecosystems need to include to deliver service level agreements, testing and management layers.
Scaling out compute elements and making sure packets get delivered where they should to the right virtual machine will be another challenge, said Peter Marek, senior director of x86 solutions at Advantech Co. Ltd. "That's more than generic switching silicon can do," he said. A single 100Gbit/s pipe might contain a million flows.
"The need for speed is unbroken," Marek said. Network speed will double and triple over the next several years.
Maintaining industry momentum will be another challenge, added Charlene Marini, vice president, embedded segments, ARM Ltd. . The previous 18 months to two years has seen an explosion of proofs-of-concept and discussion, and they'll need to keep moving.
A year ago, operators thought commercial deployment was six months away. Now it's still not there. Full-scale deployments will take time, Nilsson said.
Going up the hype curve happens fast, but getting real products out there is slower, added Pitt. Traditional vendors will move as slowly as possible to preserve their investments.
Previously: ONF Expands OpenFlow Compliance Testing.