Enterprise SDN: Moving from box boundaries to software boundaries

November 1, 2012 - 1 Comment

Enterprise trends driving SDN and Network Programmability are becoming clearer.  The skyrocketing number of virtual/cloud devices is making human configuration infeasible.  A natural result will be that networks will move from being integrated based on physical box boundaries to being integrated based on software boundaries.  Put another way, traditional box based network integration will be overwhelmed by device proliferation.  Therefore businesses must adopt new approaches to device configuration and control.  This will include a new layer of network software which will instantiate, orchestrate, and dismantle virtual networks.

But what does this really mean?  What network software will be integrated?  This blog entry will touch on a number of industry trends in this space, as well as highlight the interplay between these trends.  Future blog entries will dive into specific details for certain trends.

Networking devices have long tried to balance the opposing imperatives of operational simplicity and customization via nerd knobs.  Considering that different providers often use different knobs, the sum of knobs can be quite daunting for an operator.

With growth of virtual devices, we need to jettison much human touch involved with network operations.  Simplicity is mandatory to achieve scale.  One way to achieve that simplicity is to abstract away the network so individual virtual devices are invisible for day-to-day operations.  The primary interface which is used by operators transitions to one which services the full network domain.

Simplicity achieved via network wide abstractions will enable operators to administer their business intents into a network domain without having to understand the capabilities or topology of the underlying devices.  As an example of such network wide intent, consider whether you would want the simplicity of issuing high level edicts to your entire network such as “access to this VPN is only allowed from secure locations” or “video to and from the CEO should be lossless”.   Such simple high level commands can be serviced through a layer of resource orchestration logic which in turn provides directions the various devices within a network domain.  It is this control logic which will configure various device interfaces and turn the right nerd knobs.

A layer of software based resource orchestration logic is the only realistic option to bridge the gap between simplicity and granular device control.  Software is the only option to deal with the skyrocketing number of devices resulting from virtualization.  But what is this software?

There are many parts to this software, but today I would like to highlight one of particular relevance.  The software must interpret intent as provided by an operator and turn this intent into specific transactions for both the resource orchestration layer and the network devices.

Key here is to remember that the business problems faced by our customers are often quite different.  Therefore we should not be looking for one controller to deliver for all market segments and for all business problems without customization.  The network intents desired by different businesses varies too greatly.  It is this need for customization where software boundary based network integration will flourish.

The key to success for software based network integration will be to establish an environment for the customization which minimizes the incremental work necessary for the operator.  And thus the fastest path to market by vendors will be by providing a set of tools and network device APIs (such as onePK) which minimize the amount of incremental logic which needs to be embodied within the customized part of the resource orchestration layer.

Subsets of Cisco’s customers and partners are just beginning to cultivate the skills necessary for integrating based on such software boundaries.  To get the full benefits of device virtualization, customers and partners will find they need to extend their systems integration expertise beyond boxes and protocols into unfamiliar areas.  At times it will be an uncomfortable transition.

The advent of an intent based network orchestration layer will not be the final step of the coming network software evolution.  In turn this layer will be integrated into new areas. Solutions based on interfacing this layer to customer databases, off-premise locations, or 3rd party stacks will appear quickly.  And business needs which could not be met which previously will become achievable.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. Eric Very good content. is difficult to find relevant content on the web since a copy or another …