For Facebook, the benefits of software-defined networking (SDN) are clear. It provides the company with the agility to quickly add functionality, build monitoring capabilities, manage traffic and remediate problems through code, Najam Ahmad, director of network engineering at the social media giant, said at Interop New York Thursday.
The days of managing networks through protocols and command-line interfaces are long gone, he said. "We feel it's [SDN] the way to build networks. ... CLI is dead, it's over," he said. "We want robots running the network and people building the robots."
Ahmad noted that when it comes to functionality, the ability to roll out new features is cumbersome: “You have to go a standards body, or go to your vendor and wait for a new feature to get added.” With SDN, however, “Now we can go to software,” he said.
Ahmad spoke at a panel that addressed the benefits, promises and challenges of SDN and featured speakers from NEC, HP and the Cisco venture Insieme Networks.
SDN has the opportunity to change the status quo of the network so it can be a business enabler," said Dave Larson, VP and CTO of HP Networking. HP customers have a lot of things they hope to do with SDN, he said.
"There's no going back," he said. "Software-defined networking is real."
Kevin Hooper, senior VP of NEC, said SDN is an architecture, not a set of products. "This is a game changer that will change the way we architect and talk about networks," he said.
The business drivers for SDN come down to issues such as time to deployment and IP proliferation, Hooper said. By getting the server and storage teams to talk to the network teams, SDN "forces collaboration and drives business value."
However, SDN still has to mature in order to provide the performance and visibility enterprises need, said Frank D'Agostino, senior director of marketing and solutions at Insieme Networks. All endpoints of the stack aren't currently part of the SDN model, he said.
He also took aim at VMware's SDN strategy of network virtualization. VMware's NSX platform uses a network overlay approach. D’Agostino claimed overlays such as NSX make SDN more expensive and less scalable. Later, he said the automation that's at the heart of the promise of SDN can't be done in "an abstracted overlay."
HP's Larson agreed: "This is not just about overlays."
[Read more about network overlays in "SDN, Overlays and Interior Decorating."]
The panel also discussed SDN security, with Larson noting that it's easier to scale security via a central controller. An audience member asked about securing the controller, noting that if an attacker compromised it, he or she could do tremendous damage.
"No one will move to this unless it's secure ... We will have to protect the controller and see how to provide audit and logging capabilities," D'Agostino said. These capabilities will vary depending on the SDN vendor, he added.
Facebook's Ahmad said that in regard to security, one benefit of SDN is that centralization provides more powerful audit capabilities.