We often hear that SDN and network virtualization will optimize network performance and bring advanced capabilities to network management. That will be true in the long term, but first we must get through the early stages of these technologies, when the shift in network architecture could make monitoring and visibility even more challenging.
New challenges in network monitoring
Network monitoring and visibility is getting increasingly more difficult now that IT must support network, server, and storage virtualization, as well user access to cloud-based applications and the migration of the data center to 10 GbE. IT shops need monitoring tools that can peer into both physical and virtual networks, as well as keep up with the speeds of 10 GbE and see applications as they're accessed over virtual desktop infrastructure or through mobile devices.
In SDN, network monitoring gets more complex
SDN's abstraction and separation of the network and control layer adds complexity for network monitoring and visibility tools. Virtualization means that IT must monitor not only the physical network, but also the virtual network and hypervisor traffic.
The ability to program the network via SDN means that applications will be able to "request" network resources, thus requiring the network (and its operators) to ensure this bandwidth is available and that a given request will not impact network reliability, latency or security.
What's more, integration of SDN/virtual networks with legacy physical networks will require tools to model and measure performance and latency, as well as provide comprehensive network mapping that reflects both environments.
Beyond the need to integrate virtual and physical monitoring, today's network requires monitoring capabilities that can keep up with 10 GbE (or more) traffic in real time. It must also provide deep packet inspection (DPI), and the ability to provide this information to the SDN centralized controller for rapid network re-provisioning.
Finally, these tools must also provide improved security functionality that identifies and isolates bad traffic in this new environment. That means these tools must not only capture and analyze huge traffic flows, but also identify actionable information (find the needle in the haystack), and provide either automation problem resolution or clear actionable solutions for network managers.
Where SDN network monitoring has potential
New software-driven products that run commercial off-the-shelf (COTS) servers will significantly improve network monitoring. These tools can both provide and receive information from SDN controllers, increasing the granularity of what they inspect and what kinds of information are important.
More on SDN and network management
Where SDN and DevOps intersect
Deep Packet Inspection meets SDN
SDN enables deeper policy control
SDN security challenges
In many cases, new Ethernet processors that allow for line rate capture and analysis of 10 GbE traffic are driving this improvement in technology. These tools have enhanced DPI and analytics capabilities and can identify traffic types at line rate. They also have the ability to "deduplicate" traffic for added intelligence to analyze the portion of the traffic that "matters." Finally, some new tools are able to visualize and monitor both physical and virtual networks, as well as devices, users and applications.
This new class of network monitoring and visibility products will help to make network managers' jobs much easier by providing actionable information. These products can improve network performance, reduce latency, isolate bad traffic to improve security and ensure compliance in new ways.
SDN and networking monitoring vendors to watch
Vendors are already stepping up with new tools. Monitoring and visibility companies to look out for include Gigamon, Netscout, Big Switch, Riverbed, Emulex, Ixia, VSS, Fluke Networks, Sideband, Packet Designs, cPacket and SevOne. Most offer SDN-driven tools and/or tools that specifically work in new network virtualization environments.
About the author:
Lee Doyle is a principal analyst at Doyle Research. Doyle Research delivers quantitative and qualitative analysis, forecasting and market positioning advice to network and IT industry professionals. At Doyle Research, Lee researches the evolution of intelligent networks: SDN, OPEX and COTS.
This was first published in December 2013