My final observation from my days at the London Gartner Data Center Conference is related to SDN and ease of network management – or otherwise.  Hopefully this discussion will give you some ideas for good questions to ask at the Las Vegas conference, which is running as I write this.

Cisco UCS on show at the Gartner Data Center Conference
Cisco UCS on show at the Gartner Data Center Conference

Before I start, if you are at the conference in Las Vegas, please do take time out to visit the Cisco stand #305 to find out more onCisco solutions including Unified Computing and ACI.  Also take some time to say hello to our with new, exciting team members from our Metacloud acquisition – it’s fantastic to have such OpenStack and DevOps expertise in particular part of the Cisco team.

To catch up on my earlier questions, see my part 1 and part 2 blogs – questions you can ask at any SDN conference or of any vendor, since this blog series is not just about the Gartner conference. Now on to more SDN questions to ask ….


(6)    How exactly does SDN deliver better network management?

I spent 15 years working in network management software development and product management and at one point I believed (honestly!) that networks would one day be managed by GUI applications.  Experience makes me doubt that now, and experience also has shown me that “show me the information” type EMS/NMS GUIs that exist today are pretty useless to most experienced network operations personnel.  So apologies in advance if this is a bit of a rant 🙂

During one of the final conference sessions last week in London, a statement was made along the lines of ….

“With SDN you will no longer need to log into router after router manually and make updates to individual routers and switches.  With SDN you will have APIs and be able to set a network policy and it will be applied across the network”

This prompts a number of questions for me, including:

(1) If you implement SDN, will all your management problems disappear?  Please ask any vendor making such claims to guarantee this for you and quote you a price 🙂

(2) If you are logging in to devices individually today and making device by device updates …. Why aren’t you using some of the excellent tools available that will automate such updates?!?  You really have to ask that question!

Cisco Services today offers the Cisco Compliance Management and Configuration  Service (Cisco CMCS).  Based in part on Cisco’s acquisition of Pari networks a few years ago, Cisco CMCS helps you automate network updates, among other tasks.  This software- based service encapsulates huge amounts of Cisco best practices and helps you customize and updates policies based on strategic business needs on regulatory, commercial, and organizational levels.  We’ll help you audit configurations using published compliance standards such as PCI, HIPAA, SOX and more.  The diagram below gives you a concise summary of the capabilities, underpinned by industry leading configuration management automation tools and Cisco intellectual property born from years of designing and building global networks. Hence my assertion that there are good tools and services you should be using today to help manage your networks, without the need to spend a lot more on SDN.

Cisco Compliance Management and Configuration Service (CMCS)
Cisco Compliance Management and Configuration Service (CMCS)


Going back to the question, to be fair to SDN, SDN does help improve management capability, especially in regard to API provision.  An API onto an SDN controller will make it easier for NMS apps to interface to network and device features.  However, let’s not assume this is easy to achieve.  You still need the applications developed that deliver good management functionality, and good NMS applications are not cheap – and in many cases NMS tools are of questionable in value – NMS which simply present a graphical display of MIB values are a major reason for the preference for management by CLI.  Whether vendors will invest in building NMS on SDN, when some vendors, including more than a few of Cisco’s competitors, didn’t invest appropriately in NMS for today’s networks, remains to be seen.

I do wonder whether the “SDN has an API therefore CLI management is dead” advocates have ever programmed to an API.  When you have an API, you have to write code (say using a programming language such as Java, Python, or C++ (showing my age by mentioning the latter!), compile it, build it, and debug the resultant app until it works.  I am personally far more comfortable with C++ APIs than IOS CLI, however even I would say that it’s quicker to write a couple of (interpreted) lines of CLI to for example check if your MPLS label switch path is functioning correctly.  That’s a minute or two’s work for a proficient network engineer.  If APIs were available, trying building a program with the API to do an equivalent – even a good programmer would take 5, 10 or more times longer to accomplish the equivalent via APIs calls – because of the compile/build/test/debug/repeat cycle.  APIs are not a panacea in other words.

Also have a look at the major service providers running MPLS networks for example.  Some of these have provisioned millions of access circuits over the past 10-15 years.  Do you think they did that with manual CLI?  Of course not!  In fact some of them used a product I previously looked after in Cisco, now called Cisco Prime Provisioning.  Hence my cynicism when I hear people say you need to configure routers manually and individually today: while there are cases where you may need to do this, there are usually tools and services around to adopt on today’s network if you want them.

So … when you hear anyone saying that SDN solves the network management problem, feel free to ask them ….

(1) Do you have APIs for *every* device function?

(2) Are you delivering an NMS app that exploits *every* one of these APIs?

(3) Do such applications cover all required “FCAPS” functions of  network management required for this network?

(4) And what does it cost?

(5) Can it do it today, out of the box?

(6) And if not, who will build such an all-encompassing NMS application using your APIs?

Net-net then  – SDN does have capability to potentially improve network management, in cases in very specific areas of network management – but to suggest that SDN somehow “automatically” solves the challenges of network management does a major dis-service to those developing today’s NMS apps or troubleshooting complex networking problems.

OK rant over 🙂  With that, I’ll end my series of “SDN Questions to Ask …” for this particular Gartner conference.  Feel free of course to comment on this blog below,and let me know if you think my questions are valid. Please do get in touch with Cisco Services if you’d like to learn about the best practices for managing today’s and/or tomorrow’s network designs – we have the expertise in both today’s and tomorrow’s networking technologies to help you achieve the best from both worlds.

PS: As a final comment – please do ask at SDN conferences “How exactly does SDN deliver better network management?” !!



Stephen Speirs

SP Product Management

Cisco Customer Experience (CX)