Managing & Securing SDN & NFV

From a business and technical perspective, SDN and NFV have now been proven: It is no longer a question of whether SDN and NFV will be deployed, but when and how.

The early adopters of these technologies have proven that the business case is sound and that the technology is viable. Google was one of the very first to deploy a global wide area network (WAN) using SDN in 2012, while Deutsche Telekom deployed SDN and NFV in its network in Croatia in 2013. (See Google: SDN Works for Us and Deutsche Telekom: A Software-Defined Operator.)

Nevertheless, there is broad agreement that the next focus area for SDN and NFV must be management. The objective of SDN and NFV is to provide agility and flexibility in introducing new services, but these services, once introduced, also need to be managed.

I intend to explore the challenges of managing and securing SDN and NFV in a series of blogs that will look at different aspects of the management and security challenges facing those operators deploying SDN and NFV. The blogs are intended to act as catalysts for open discussion on how best to move forward.

Management of telecom networks is already a challenge, with explosive traffic growth driven by OTT content consumed on highly mobile devices in an unpredictable fashion. The management solutions that are in place have been slow to adapt to this reality, which is compounded by the fact that the static management practices and systems that are in place are not well suited to the dynamic and bursty nature of Ethernet/IP networks.

These are already challenges that telecom carriers are trying to address, but when we also add the challenge of managing virtual functions that can be instantiated and moved anywhere in the network, then it is enough to make your head spin!

It is therefore clear that management of SDN and NFV networks needs to be addressed to assure successful mass deployment of these technologies. Google, amongst others, has called for industry consensus on topology models and interfaces to ensure rapid development and interoperability of management solutions. This could prove to be the most valuable contribution of SDN/NFV to the industry. Without them, it is hard to see how the vision of policy-driven, real-time management, which is a central part of current SDN and NFV concepts, can be realized. (See Google to Open Key Network Models for Industry Comment, Standardization.)

However, another important aspect of managing SDN and NFV will be understanding the fundamentals of managing Ethernet and IP networks in the face of explosive OTT traffic. This is an issue in any case but will be critical to the success of SDN and NFV deployments.

Need to know more about the management of network assets and applications in an SDN and NFV environment? Then check out the agenda for OSS in the Era of SDN & NFV: Evolution vs Revolution, November 6, at the Thistle Marble Arch Hotel, London

In forthcoming blogs I will be taking a closer look at the issues briefly outlined above. The focus will be on establishing what is needed to assure efficient management and security of SDN and NFV networks. Rather than looking at abstract topology models and interface alternatives, which I am sure will be debated by many others, I will focus on the challenges that are inherent in managing Ethernet and IP, whether in a virtualized environment or not.

One of the key challenges is performance, and the ability to assure reliable, real-time data for management and analytics. This is already a concern today and will be no less of a concern when virtualizing the network. In fact, quite the contrary!

Only by understanding these challenges and addressing them will it be possible for SDN and NFV to successfully achieve mass adoption.

In my next blog, I will take a closer look at the challenges carriers are facing in managing networks that are carrying increasing volumes of OTT traffic, and what can be done to address it.

Then I will look at how Ethernet and IP networks are managed today and how this is an issue for SDN and NFV. This will be followed by an introduction to network appliances and how they can be used in a more strategic manner to provide the real-time insight that SDN and NFV will need to operate in an OTT-dominated world.

I will then look at the performance issues being faced today, how they are being addressed and how this affects SDN and NFV.

— Dan Joe Barry, VP, Marketing, Napatech

COMMENTS Add Comment
Yulot 9/29/2014 | 9:16:14 AM
Re: More issues Very good point, Danjoe. Operators have heavily relied on interface based signalling solutions to try to analyse network quality issues or too high level application monitoring at L7. This is really the majority of mobile and fixed operators.

None of these solutions are in essence real time (because you need to post process all interfaces' results to recreate an end to end analysis, using disjointed KPIs and counters, etc). In addition, more recently network technologies have started disconnecting user plane and control plane to improve latency - not only in SDN, but in the mobile world direct tunneling in 3G has been relying on that for about 5 to 6 years already. So trying to draw parallels between signalling and user plane issues is even more hazardous of an approach. Then user plane is not always analysed and demarcated properly (most solutions look at applications, most of which in essence are out of the operators network...). Other issue is the cost of probing all interfaces, which results in only probing a few. So to cut a long story short, the analytics are close to useless.

However, even some of the biggest names in the industry still do just that due to a mix of legacy habits inherited from the voice world, silo organisation / lack of end-to-end structure (or if it is there, lack of political empowerement of those E2E departments).

No doubt SDN and traffic growth will ask for a very fast and radical change of habits, unless they want to operate blindly.
[email protected] 9/28/2014 | 9:21:26 AM
This is timely Dan, this is timely. Management will "make or break" NFV and SDN. You said you will "...focus on the challenges that are inherent in managing Ethernet and IP, whether in a virtualized environment or not." Hope you will also talk a lot about the 'head spinning' complexities introduced by SDN and NFV. 
danjoe 9/28/2014 | 7:29:19 AM
Re: More issues Thanks DHagar and sam masud for the encouraging words. OSS/BSS is a challenge that will need to be addressed as there is a considerable investment already made in solutions that might no longer be appropriate to the task. How do we make the transition from where we are to where we need to be? The answer is understanding the realities from the bottom up, understanding what needs to change to make SDN/NFV work and use this understanding to drive the changes that will be needed at the OSS/BSS level. 
DHagar 9/26/2014 | 4:49:42 PM
Re: More Issues sam masud, I fully agree with you.  Dan, this will provide meaningful information on the real issues that distinguish performance and sustainability.  The ability to manage systems effectively and provide the capability for "intelligent" systems is the real focus, in my opinion.
sam masud 9/26/2014 | 4:17:47 PM
More issues Dan,


I am looking forward to your blogs, and since you're going to be writing here about SDN/NFV managment, wonder if you'll also be talking about OSS/BSS since (to my mind) the management issue has considerable bearing on that. Or am I wrong about that?
Sign In