SlideShare a Scribd company logo

Simplifying SDN Networking Across Private and Public Clouds

Download as PPTX, PDF
5nine
5nine

The document describes the benefits of using 5nine's Unified Cloud Management and Security Platform to simplify software-defined networking (SDN) for both private and public clouds. It covers key aspects of SDN, including its advantages, challenges, best practices for configuration, and security, while emphasizing 5nine's unique offerings. Additionally, it outlines practical steps for planning, implementing, and managing SDN to optimize network resources and enhance security.

Software
1 of 64
Downloaded 14 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
www.5nine.com Tips, Tricks and Proven Methodologies to Simplify Software-Defined Networking (SDN)Across Private and Public Clouds
5nineUnified CloudManagement andSecurity Platform We simplify, centralize and secure the Microsoft Cloud – public, private and hybrid – so both enterprise IT and Service Provider customers can focus on accelerating their business. Certified for Windows Server 2016, 2012 R2, 2012, Microsoft Hyper-V, Microsoft Azure 1,000+ Customers 100+ Countries 100K+ Cloud & Virtualization Administrators 5M+ Virtual Machines Managed & Protected ReduceSDNCosts.Accelerate SDNTimelines.
Agenda Software Defined Networking (SDN) 101 • What is SDN? • Who’s Responsible for SDN? • Why Choose SDN? • Potential SDN Challenges Best Practices for SDN Configuration • Planning • Implementation SDN Management Made Easy (HINT: Monitoring) • Traditional Network Management vs. SDN • SDN Management Best Practices 3 SDN Misconfigurations You Don’t Want to Make • Common SDN Threats • Common SDN Security Mistakes • SDN Security Best Practices How 5nine Can Save You Thousands of Hours Configuring and Managing SDN • What Sets 5nine Apart for SDN • 5nine Demonstration Closing Comments and Next Steps • Q&A • Next Steps • Amazon Gift Card Giveaways
Traditional Networking Software Defined Networking Functionality implemented through a dedicated hardware appliance Decouples hardware from software (separates the control plane from the data plane)
Traditional Networking Software Defined Networking Functionality implemented through a dedicated hardware appliance Decouples hardware from software (separates the control plane from the data plane) Uses routers, switches, firewalls or application controllers Control plane determines were to send traffic and how the network is administered
Traditional Networking Software Defined Networking Functionality implemented through a dedicated hardware appliance Decouples hardware from software (separates the control plane from the data plane) Uses routers, switches, firewalls or application controllers Control plane determines were to send traffic and how the network is administered Each appliance must be manually configured or updated by an IT admin Data plane carries out decisions made in the control plane/console and forwards traffic
Traditional Networking Software Defined Networking Functionality implemented through a dedicated hardware appliance Decouples hardware from software (separates the control plane from the data plane) Uses routers, switches, firewalls or application controllers Control plane determines were to send traffic and how the network is administered Each appliance must be manually configured or updated by an IT admin Data plane carries out decisions made in the control plane/console and forwards traffic 100% Centrally Managed
Who is Responsible for Network Configuration? Virtualization Admin Hardware Defined Model
Storage Admin Who is Responsible for Network Configuration? Virtualization Admin Hardware Defined Model
Storage Admin Who is Responsible for Network Configuration? Virtualization Admin Hardware Defined Model Network Admin
Who is Responsible for Network Configuration? Virtualization Admin Software Defined Model Higher ROI
Who is Responsible for Network Configuration? Virtualization Admin Software Defined Model Knows how to bring up servers and virtual machines Higher ROI
Who is Responsible for Network Configuration? Virtualization Admin Software Defined Model Knows how to bring up servers and virtual machines Knows how to bring in storage (which is essentially on the network now) Higher ROI
Virtualization Admin Software Defined Model Knows how to bring up servers and virtual machines Knows how to bring in storage (which is essentially on the network now) Know how to interact with physical hardware Higher ROI Who is Responsible for Network Configuration?
Who is Responsible for Network Configuration? Virtualization Admin Software Defined Model Knows how to bring up servers and virtual machines Knows how to bring in storage (which is essentially on the network now) Know how to interact with physical hardware Know how to interact with open standards and protocols such as BGP Higher ROI
Who is Responsible for Network Configuration? Virtualization Admin Software Defined Model Knows how to bring up servers and virtual machines Knows how to bring in storage (which is essentially on the network now) Know how to interact with physical hardware Know how to interact with open standards and protocols such as BGP Higher ROI
Advantages of SDN  Increase operational agility and scalability • More efficiently manage network resources • Add bandwidth “on demand” • Program directly into the software layer
Advantages of SDN  Increase operational agility and scalability • More efficiently manage network resources • Add bandwidth “on demand” • Program directly into the software layer  Centralize network management • Manage entire network as a single unit • Enterprise-wide optimization and planning, including dynamic network reconfiguration • Provides a single place for apps to interact (auth, etc.) • Provides a centralized security control point where security information can be distributed evenly through business networks across multiple sites
Advantages of SDN  Increase operational agility and scalability • More efficiently manage network resources • Add bandwidth “on demand” • Program directly into the software layer  Centralize network management • Manage entire network as a single unit • Enterprise-wide optimization and planning, including dynamic network reconfiguration • Provides a single place for apps to interact (auth, etc.) • Provides a centralized security control point where security information can be distributed evenly through business networks across multiple sites  Exert external control • Enables network apps • Provides easy integration to leverage existing knowledge, experience and tools
Advantages of SDN  Vendor neutral with an open-standards base • Reduces risk of getting locked in on the technical side because of vendor-specific hardware requirements • Can interface with NetFlow’s, OpenFlow’s and others from switch manufacturers
Advantages of SDN  Vendor neutral with an open-standards base • Reduces risk of getting locked in on the technical side because of vendor-specific hardware requirements • Can interface with NetFlow’s, OpenFlow’s and others from switch manufacturers  Easier to maintain • Reduces the need for hardware refreshes and manual updates
Advantages of SDN  Vendor neutral with an open-standards base • Reduces risk of getting locked in on the technical side because of vendor-specific hardware requirements • Can interface with NetFlow’s, OpenFlow’s and others from switch manufacturers  Easier to maintain • Reduces the need for hardware refreshes and manual updates  Lowers barrier of entry • Network hardware becomes a commodity, driving down costs
Challenges of SDN  Controller reliability and stability
Challenges of SDN  Controller reliability and stability  Unexpected interactions between features
Challenges of SDN  Controller reliability and stability  Unexpected interactions between features  Controller security (runs on a general purpose computer and OS)
Challenges of SDN  Controller reliability and stability  Unexpected interactions between features  Controller security (runs on a general purpose computer and OS)  Network sprawl • SDNs virtual nature can make it tempting to create countless network segments, but each new network segment introduces its own risk and security requirements
Challenges of SDN  Controller reliability and stability  Unexpected interactions between features  Controller security (runs on a general purpose computer and OS)  Network sprawl • SDNs virtual nature can make it tempting to create countless network segments, but each new network segment introduces its own risk and security requirements  Service or application sprawl • New services can introduce security threats as programmers and network administrators may unwittingly introduce at-risk code • The introduction of new services can extend the threat network wide through a centralized or partially distributed controller
How to Plan for SDN 1 Determine if your environment will match hardware and software prerequisites
How to Plan for SDN 1 2 Determine if your environment will match hardware and software prerequisites Map out your proposed network
How to Plan for SDN 1 3 2 Determine if your environment will match hardware and software prerequisites Map out your proposed network Plan routing between networks
How to Plan for SDN 1 3 2 4 Determine if your environment will match hardware and software prerequisites Map out your proposed network Determine vland or subject access Plan routing between networks
How to Plan for SDN 1 3 5 2 4 Determine if your environment will match hardware and software prerequisites Map out your proposed network Determine vland or subject access Plan routing between networks Map out access controls (including roles)
How to Plan for SDN 1 3 5 2 4 6 Determine if your environment will match hardware and software prerequisites Map out your proposed network Determine vland or subject access Address spaces on the vnet Plan routing between networks Map out access controls (including roles)
How to Plan for SDN 1 3 5 7 2 4 6 Determine if your environment will match hardware and software prerequisites Map out your proposed network Determine vland or subject access Address spaces on the vnet Plan routing between networks Map out access controls (including roles) Determine peering
How to Plan for SDN 1 3 5 7 2 4 6 8 Determine if your environment will match hardware and software prerequisites Map out your proposed network Determine vland or subject access Address spaces on the vnet Analyze projected traffic Plan routing between networks Map out access controls (including roles) Determine peering
SDN Implementation  Build out your software-defined networks
SDN Implementation  Build out your software-defined networks  Build resource groups (applications, etc.)
SDN Implementation  Build out your software-defined networks  Build resource groups (applications, etc.)  Build out your vnet(s)
SDN Implementation  Build out your software-defined networks  Build resource groups (applications, etc.)  Build out your vnet(s)  Perform comprehensive testing • Sample methods (note: vnets lack built-in testing tools)  Build a VM for testing purposes • Put the VM on the network • Use Apache and open port 80 • Create a new VM and use it to ping the original VM • Open SSH (secure shell) and use port 22 • Use the Azure Serial Console (currently in preview), especially for Linux VMs  Compare VM to historical stats • Look at stats such as data disks, max IPS, local SSD, and load balancing
Traditional Networking Management SDN Management Set up well-known protocol parameters and track configuration changes Configure customized and ever-evolving software, setup data and control plane Management: Traditional vs. SDN
Traditional Networking Management SDN Management Set up well-known protocol parameters and track configuration changes Configure customized and ever-evolving software, setup data and control plane Set up alternate routs in case of failure Configure alternate forwarding device behavior in case of failure Management: Traditional vs. SDN
Traditional Networking Management SDN Management Set up well-known protocol parameters and track configuration changes Configure customized and ever-evolving software, setup data and control plane Set up alternate routs in case of failure Configure alternate forwarding device behavior in case of failure Assign and reserve bandwidth. Enforce quality of service configuration Monitor performance of network applications and adjust connection quality between data plane and control plane Management: Traditional vs. SDN
Traditional Networking Management SDN Management Control network access and prevent intrusion, spoofing and DoS attacks Use cloud security components, such as virtual firewalls, to grant isolation to network applications, prevent eavesdropping and capture of traffic Management: Traditional vs. SDN
SDN Monitoring Tips  Monitoring • Important metrics to monitor:  Ingress and egress of vnets
SDN Monitoring Tips  Monitoring • Important metrics to monitor:  Ingress and egress of vnets  Ingress and egress of your nics
SDN Monitoring Tips  Monitoring • Important metrics to monitor:  Ingress and egress of vnets  Ingress and egress of your nics  Load balance network w/ a load balancer (Microsoft or 3rd party) • Ensure the load matches your policy • Easy to misconfigure
SDN Monitoring Tips  Monitoring • Important metrics to monitor:  Ingress and egress of vnets  Ingress and egress of your nics  Load balance network w/ a load balancer (Microsoft or 3rd party) • Ensure the load matches your policy • Easy to misconfigure  Monitor uptime of solutions/ services • Ensure it is functioning at the application level and all the way down to the network layer
Common SDN Threats  SDN specific threats (implement general security best practices and use cloud security solutions) • Manipulation of information (data forging) • Software, firmware, and API exploits • Remote SDN app exploits • Malicious software like viruses and malware • Unauthorized access • Traffic sniffing and diversion
Common SDN Threats  SDN specific threats (implement general security best practices and use cloud security solutions) • Manipulation of information (data forging) • Software, firmware, and API exploits • Remote SDN app exploits • Malicious software like viruses and malware • Unauthorized access • Traffic sniffing and diversion  General network virtualization threats (implement general security best practices) • Virtualized host abuse • Network virtualization bypassing
Common SDN Threats  General network infrastructure threats (generally covered by cloud provider) • Physical threats • Damage/ loss • Failures/ malfunctions • Outages • Disasters • Legal
Common SDN Security Mistakes  Using public IPs in your network
Common SDN Security Mistakes  Using public IPs in your network  Opening up network rules to the world
Common SDN Security Mistakes  Using public IPs in your network  Opening up network rules to the world  Over-relying on open source packages without researching known or suspected vulnerabilities
SDN Security Best Practices  Secure your own data • By default, protect access to your VMs
SDN Security Best Practices  Secure your own data • By default, protect access to your VMs  Use network security groups in Azure • Control what objects and ports can ingress and egress • Second layer
SDN Security Best Practices  Secure your own data • By default, protect access to your VMs  Use network security groups in Azure • Control what objects and ports can ingress and egress • Second layer  Control routing behavior
SDN Security Best Practices  Secure your own data • By default, protect access to your VMs  Use network security groups in Azure • Control what objects and ports can ingress and egress • Second layer  Control routing behavior  Enable forced tunneling
SDN Security Best Practices  Deploy virtual network appliances and DMZs • Use built-in virtual firewalls or 3rd-party firewalls • Use a security solution that includes capabilities such as:  Intrusion detection  Vulnerability management  Application control  Network-based anomaly detection  Web filtering  Agentless Antivirus  Botnet protection
SDN Security Best Practices  Deploy virtual network appliances and DMZs • Use built-in virtual firewalls or 3rd-party firewalls • Use a security solution that includes capabilities such as:  Intrusion detection  Vulnerability management  Application control  Network-based anomaly detection  Web filtering  Agentless Antivirus  Botnet protection  Avoid exposure to the Internet with dedicated WAN links
SDN Security Best Practices  Deploy virtual network appliances and DMZs • Use built-in virtual firewalls or 3rd-party firewalls • Use a security solution that includes capabilities such as:  Intrusion detection  Vulnerability management  Application control  Network-based anomaly detection  Web filtering  Agentless Antivirus  Botnet protection  Avoid exposure to the Internet with dedicated WAN links  Optimize uptime and performance • Use load balancing
SDN Security Best Practices  Disable RDP access to Azure VMs
SDN Security Best Practices  Disable RDP access to Azure VMs  Manage VM security posture and consistently monitor VM performance
How 5nine Simplifies SDN Management Demo!
THANK YOU! Questions? Contact us: sales@5nine.com Learn more: https://www.5nine.com/5nine- manager-datacenter/

More Related Content

What's hot (20)

PPTX
Cloud computing
Rohith Shankar
 
PPTX
System center 2012 configurations manager
Belarmino Tomicha
 
PPTX
ETS Services Outline
Tony DeGonia (LION)
 
PPT
Security of software defined networking (sdn) and cognitive radio network (crn)
Ameer Sameer
 
PDF
VMworld 2013: VMware NSX: A Customer’s Perspective
VMworld
 
PPT
Top 5 Reasons To Consider SolarWinds IPAM Over Infoblox
SolarWinds
 
PPTX
Cloud Computing security Challenges for Defense Forces
commandersaini
 
PPT
Cross selling 5
Sen Nathan
 
PPTX
Network Troubleshooting - Part 2
SolarWinds
 
PDF
Windows Service Hardening
Digital Bond
 
PPTX
Migrating To Cloud & Security @ FOBE 2011
commandersaini
 
PDF
Telco Cloud 03 - Introduction to SDN
Vikas Shokeen
 
PDF
MT17_Building Integrated and Secure Networks with limited IT Support
Dell EMC World
 
PDF
ANS Solution Portfolio
jclauer
 
PPT
Big Events Cause Network Mayhem
PacketTrap Msp
 
PPTX
DEVNET-1114 Automated Management Using SDN/NFV
Cisco DevNet
 
PDF
Preventing The Next Data Breach Through Log Management
Novell
 
PDF
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld
 
PPTX
SDN - a new security paradigm?
Sophos Benelux
 
PDF
Fore scout nac-datasheet
Khoa Nguyen Hong Nguyen
 
Cloud computing
Rohith Shankar
 
System center 2012 configurations manager
Belarmino Tomicha
 
ETS Services Outline
Tony DeGonia (LION)
 
Security of software defined networking (sdn) and cognitive radio network (crn)
Ameer Sameer
 
VMworld 2013: VMware NSX: A Customer’s Perspective
VMworld
 
Top 5 Reasons To Consider SolarWinds IPAM Over Infoblox
SolarWinds
 
Cloud Computing security Challenges for Defense Forces
commandersaini
 
Cross selling 5
Sen Nathan
 
Network Troubleshooting - Part 2
SolarWinds
 
Windows Service Hardening
Digital Bond
 
Migrating To Cloud & Security @ FOBE 2011
commandersaini
 
Telco Cloud 03 - Introduction to SDN
Vikas Shokeen
 
MT17_Building Integrated and Secure Networks with limited IT Support
Dell EMC World
 
ANS Solution Portfolio
jclauer
 
Big Events Cause Network Mayhem
PacketTrap Msp
 
DEVNET-1114 Automated Management Using SDN/NFV
Cisco DevNet
 
Preventing The Next Data Breach Through Log Management
Novell
 
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld
 
SDN - a new security paradigm?
Sophos Benelux
 
Fore scout nac-datasheet
Khoa Nguyen Hong Nguyen
 

Similar to Simplifying SDN Networking Across Private and Public Clouds (20)

PPTX
Acceleration_and_Security_draft_v2
Srinivasa Addepalli
 
PPTX
Introduction to SDN and NFV
CoreStack
 
PDF
Visualizing Your Network Health - Driving Visibility in Increasingly Complex...
DellNMS
 
PPTX
M.Tech Internet of Things Unit - IV.pptx
AvinashAvuthu2
 
PPTX
Sdn
Mike Aro
 
PPTX
SDN 101: Software Defined Networking Course - Sameh Zaghloul/IBM - 2014
SAMeh Zaghloul
 
PPTX
Future Proofing your Data Center Network
InnoTech
 
PDF
VMware NSX for vSphere - Intro and use cases
Angel Villar Garea
 
PDF
Sdn primer pdf
Pooja Patel
 
PPTX
Software_Defined_Networking.pptx
AsfawGedamu
 
PDF
OVNC 2015-Software-Defined Networking: Where Are We Today?
NAIM Networks, Inc.
 
PDF
Software Defined Networks - Unit -1- class lecture notes.pdf
softwaretrainer2elys
 
PPTX
Empowering Uptime with a 24/7 Network Operations Center (NOC)
dikshanfc
 
PDF
VMworld 2013: Technical Deep Dive: Build a Collapsed DMZ Architecture for Opt...
VMworld
 
PDF
Evolve v2.3 data_sheet
Nimit Shishodia
 
PDF
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
OpenStack Korea Community
 
PDF
Visualizing Your Network Health - Know your Network
DellNMS
 
PPTX
Government and Education Webinar: Conquering Remote Work IT Challenges
SolarWinds
 
PPTX
Rik Ferguson
CloudExpoEurope
 
PDF
WWT Software-Defined Networking Guide
Joel W. King
 
Acceleration_and_Security_draft_v2
Srinivasa Addepalli
 
Introduction to SDN and NFV
CoreStack
 
Visualizing Your Network Health - Driving Visibility in Increasingly Complex...
DellNMS
 
M.Tech Internet of Things Unit - IV.pptx
AvinashAvuthu2
 
Sdn
Mike Aro
 
SDN 101: Software Defined Networking Course - Sameh Zaghloul/IBM - 2014
SAMeh Zaghloul
 
Future Proofing your Data Center Network
InnoTech
 
VMware NSX for vSphere - Intro and use cases
Angel Villar Garea
 
Sdn primer pdf
Pooja Patel
 
Software_Defined_Networking.pptx
AsfawGedamu
 
OVNC 2015-Software-Defined Networking: Where Are We Today?
NAIM Networks, Inc.
 
Software Defined Networks - Unit -1- class lecture notes.pdf
softwaretrainer2elys
 
Empowering Uptime with a 24/7 Network Operations Center (NOC)
dikshanfc
 
VMworld 2013: Technical Deep Dive: Build a Collapsed DMZ Architecture for Opt...
VMworld
 
Evolve v2.3 data_sheet
Nimit Shishodia
 
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
OpenStack Korea Community
 
Visualizing Your Network Health - Know your Network
DellNMS
 
Government and Education Webinar: Conquering Remote Work IT Challenges
SolarWinds
 
Rik Ferguson
CloudExpoEurope
 
WWT Software-Defined Networking Guide
Joel W. King
 
Ad

Recently uploaded (20)

PPTX
Empowering Asian Contributions: The Rise of Regional User Groups in Open Sour...
Shane Coughlan
 
PDF
Wondershare PDFelement Pro Crack for MacOS New Version Latest 2025
bashirkhan333g
 
PDF
[Solution] Why Choose the VeryPDF DRM Protector Custom-Built Solution for You...
Lingwen1998
 
PPTX
ChiSquare Procedure in IBM SPSS Statistics Version 31.pptx
Version 1 Analytics
 
PPTX
In From the Cold: Open Source as Part of Mainstream Software Asset Management
Shane Coughlan
 
PDF
Odoo CRM vs Zoho CRM: Honest Comparison 2025
Odiware Technologies Private Limited
 
PPTX
Finding Your License Details in IBM SPSS Statistics Version 31.pptx
Version 1 Analytics
 
PPTX
Coefficient of Variance in IBM SPSS Statistics Version 31.pptx
Version 1 Analytics
 
PDF
IDM Crack with Internet Download Manager 6.42 Build 43 with Patch Latest 2025
bashirkhan333g
 
PDF
Simplify React app login with asgardeo-sdk
vaibhav289687
 
PDF
Empower Your Tech Vision- Why Businesses Prefer to Hire Remote Developers fro...
logixshapers59
 
PDF
AOMEI Partition Assistant Crack 10.8.2 + WinPE Free Downlaod New Version 2025
bashirkhan333g
 
PDF
SAP Firmaya İade ABAB Kodları - ABAB ile yazılmıl hazır kod örneği
Salih Küçük
 
PDF
Download Canva Pro 2025 PC Crack Full Latest Version
bashirkhan333g
 
PPTX
Homogeneity of Variance Test Options IBM SPSS Statistics Version 31.pptx
Version 1 Analytics
 
PPTX
Change Common Properties in IBM SPSS Statistics Version 31.pptx
Version 1 Analytics
 
PDF
Dipole Tech Innovations – Global IT Solutions for Business Growth
dipoletechi3
 
PPTX
Agentic Automation Journey Series Day 2 – Prompt Engineering for UiPath Agents
klpathrudu
 
PPTX
Milwaukee Marketo User Group - Summer Road Trip: Mapping and Personalizing Yo...
bbedford2
 
PPTX
Comprehensive Risk Assessment Module for Smarter Risk Management
EHA Soft Solutions
 
Empowering Asian Contributions: The Rise of Regional User Groups in Open Sour...
Shane Coughlan
 
Wondershare PDFelement Pro Crack for MacOS New Version Latest 2025
bashirkhan333g
 
[Solution] Why Choose the VeryPDF DRM Protector Custom-Built Solution for You...
Lingwen1998
 
ChiSquare Procedure in IBM SPSS Statistics Version 31.pptx
Version 1 Analytics
 
In From the Cold: Open Source as Part of Mainstream Software Asset Management
Shane Coughlan
 
Odoo CRM vs Zoho CRM: Honest Comparison 2025
Odiware Technologies Private Limited
 
Finding Your License Details in IBM SPSS Statistics Version 31.pptx
Version 1 Analytics
 
Coefficient of Variance in IBM SPSS Statistics Version 31.pptx
Version 1 Analytics
 
IDM Crack with Internet Download Manager 6.42 Build 43 with Patch Latest 2025
bashirkhan333g
 
Simplify React app login with asgardeo-sdk
vaibhav289687
 
Empower Your Tech Vision- Why Businesses Prefer to Hire Remote Developers fro...
logixshapers59
 
AOMEI Partition Assistant Crack 10.8.2 + WinPE Free Downlaod New Version 2025
bashirkhan333g
 
SAP Firmaya İade ABAB Kodları - ABAB ile yazılmıl hazır kod örneği
Salih Küçük
 
Download Canva Pro 2025 PC Crack Full Latest Version
bashirkhan333g
 
Homogeneity of Variance Test Options IBM SPSS Statistics Version 31.pptx
Version 1 Analytics
 
Change Common Properties in IBM SPSS Statistics Version 31.pptx
Version 1 Analytics
 
Dipole Tech Innovations – Global IT Solutions for Business Growth
dipoletechi3
 
Agentic Automation Journey Series Day 2 – Prompt Engineering for UiPath Agents
klpathrudu
 
Milwaukee Marketo User Group - Summer Road Trip: Mapping and Personalizing Yo...
bbedford2
 
Comprehensive Risk Assessment Module for Smarter Risk Management
EHA Soft Solutions
 
Ad

Simplifying SDN Networking Across Private and Public Clouds

  • 1. www.5nine.com Tips, Tricks and Proven Methodologies to Simplify Software-Defined Networking (SDN)Across Private and Public Clouds
  • 2. 5nineUnified CloudManagement andSecurity Platform We simplify, centralize and secure the Microsoft Cloud – public, private and hybrid – so both enterprise IT and Service Provider customers can focus on accelerating their business. Certified for Windows Server 2016, 2012 R2, 2012, Microsoft Hyper-V, Microsoft Azure 1,000+ Customers 100+ Countries 100K+ Cloud & Virtualization Administrators 5M+ Virtual Machines Managed & Protected ReduceSDNCosts.Accelerate SDNTimelines.
  • 3. Agenda Software Defined Networking (SDN) 101 • What is SDN? • Who’s Responsible for SDN? • Why Choose SDN? • Potential SDN Challenges Best Practices for SDN Configuration • Planning • Implementation SDN Management Made Easy (HINT: Monitoring) • Traditional Network Management vs. SDN • SDN Management Best Practices 3 SDN Misconfigurations You Don’t Want to Make • Common SDN Threats • Common SDN Security Mistakes • SDN Security Best Practices How 5nine Can Save You Thousands of Hours Configuring and Managing SDN • What Sets 5nine Apart for SDN • 5nine Demonstration Closing Comments and Next Steps • Q&A • Next Steps • Amazon Gift Card Giveaways
  • 4. Traditional Networking Software Defined Networking Functionality implemented through a dedicated hardware appliance Decouples hardware from software (separates the control plane from the data plane)
  • 5. Traditional Networking Software Defined Networking Functionality implemented through a dedicated hardware appliance Decouples hardware from software (separates the control plane from the data plane) Uses routers, switches, firewalls or application controllers Control plane determines were to send traffic and how the network is administered
  • 6. Traditional Networking Software Defined Networking Functionality implemented through a dedicated hardware appliance Decouples hardware from software (separates the control plane from the data plane) Uses routers, switches, firewalls or application controllers Control plane determines were to send traffic and how the network is administered Each appliance must be manually configured or updated by an IT admin Data plane carries out decisions made in the control plane/console and forwards traffic
  • 7. Traditional Networking Software Defined Networking Functionality implemented through a dedicated hardware appliance Decouples hardware from software (separates the control plane from the data plane) Uses routers, switches, firewalls or application controllers Control plane determines were to send traffic and how the network is administered Each appliance must be manually configured or updated by an IT admin Data plane carries out decisions made in the control plane/console and forwards traffic 100% Centrally Managed
  • 8. Who is Responsible for Network Configuration? Virtualization Admin Hardware Defined Model
  • 9. Storage Admin Who is Responsible for Network Configuration? Virtualization Admin Hardware Defined Model
  • 10. Storage Admin Who is Responsible for Network Configuration? Virtualization Admin Hardware Defined Model Network Admin
  • 11. Who is Responsible for Network Configuration? Virtualization Admin Software Defined Model Higher ROI
  • 12. Who is Responsible for Network Configuration? Virtualization Admin Software Defined Model Knows how to bring up servers and virtual machines Higher ROI
  • 13. Who is Responsible for Network Configuration? Virtualization Admin Software Defined Model Knows how to bring up servers and virtual machines Knows how to bring in storage (which is essentially on the network now) Higher ROI
  • 14. Virtualization Admin Software Defined Model Knows how to bring up servers and virtual machines Knows how to bring in storage (which is essentially on the network now) Know how to interact with physical hardware Higher ROI Who is Responsible for Network Configuration?
  • 15. Who is Responsible for Network Configuration? Virtualization Admin Software Defined Model Knows how to bring up servers and virtual machines Knows how to bring in storage (which is essentially on the network now) Know how to interact with physical hardware Know how to interact with open standards and protocols such as BGP Higher ROI
  • 16. Who is Responsible for Network Configuration? Virtualization Admin Software Defined Model Knows how to bring up servers and virtual machines Knows how to bring in storage (which is essentially on the network now) Know how to interact with physical hardware Know how to interact with open standards and protocols such as BGP Higher ROI
  • 17. Advantages of SDN  Increase operational agility and scalability • More efficiently manage network resources • Add bandwidth “on demand” • Program directly into the software layer
  • 18. Advantages of SDN  Increase operational agility and scalability • More efficiently manage network resources • Add bandwidth “on demand” • Program directly into the software layer  Centralize network management • Manage entire network as a single unit • Enterprise-wide optimization and planning, including dynamic network reconfiguration • Provides a single place for apps to interact (auth, etc.) • Provides a centralized security control point where security information can be distributed evenly through business networks across multiple sites
  • 19. Advantages of SDN  Increase operational agility and scalability • More efficiently manage network resources • Add bandwidth “on demand” • Program directly into the software layer  Centralize network management • Manage entire network as a single unit • Enterprise-wide optimization and planning, including dynamic network reconfiguration • Provides a single place for apps to interact (auth, etc.) • Provides a centralized security control point where security information can be distributed evenly through business networks across multiple sites  Exert external control • Enables network apps • Provides easy integration to leverage existing knowledge, experience and tools
  • 20. Advantages of SDN  Vendor neutral with an open-standards base • Reduces risk of getting locked in on the technical side because of vendor-specific hardware requirements • Can interface with NetFlow’s, OpenFlow’s and others from switch manufacturers
  • 21. Advantages of SDN  Vendor neutral with an open-standards base • Reduces risk of getting locked in on the technical side because of vendor-specific hardware requirements • Can interface with NetFlow’s, OpenFlow’s and others from switch manufacturers  Easier to maintain • Reduces the need for hardware refreshes and manual updates
  • 22. Advantages of SDN  Vendor neutral with an open-standards base • Reduces risk of getting locked in on the technical side because of vendor-specific hardware requirements • Can interface with NetFlow’s, OpenFlow’s and others from switch manufacturers  Easier to maintain • Reduces the need for hardware refreshes and manual updates  Lowers barrier of entry • Network hardware becomes a commodity, driving down costs
  • 23. Challenges of SDN  Controller reliability and stability
  • 24. Challenges of SDN  Controller reliability and stability  Unexpected interactions between features
  • 25. Challenges of SDN  Controller reliability and stability  Unexpected interactions between features  Controller security (runs on a general purpose computer and OS)
  • 26. Challenges of SDN  Controller reliability and stability  Unexpected interactions between features  Controller security (runs on a general purpose computer and OS)  Network sprawl • SDNs virtual nature can make it tempting to create countless network segments, but each new network segment introduces its own risk and security requirements
  • 27. Challenges of SDN  Controller reliability and stability  Unexpected interactions between features  Controller security (runs on a general purpose computer and OS)  Network sprawl • SDNs virtual nature can make it tempting to create countless network segments, but each new network segment introduces its own risk and security requirements  Service or application sprawl • New services can introduce security threats as programmers and network administrators may unwittingly introduce at-risk code • The introduction of new services can extend the threat network wide through a centralized or partially distributed controller
  • 28. How to Plan for SDN 1 Determine if your environment will match hardware and software prerequisites
  • 29. How to Plan for SDN 1 2 Determine if your environment will match hardware and software prerequisites Map out your proposed network
  • 30. How to Plan for SDN 1 3 2 Determine if your environment will match hardware and software prerequisites Map out your proposed network Plan routing between networks
  • 31. How to Plan for SDN 1 3 2 4 Determine if your environment will match hardware and software prerequisites Map out your proposed network Determine vland or subject access Plan routing between networks
  • 32. How to Plan for SDN 1 3 5 2 4 Determine if your environment will match hardware and software prerequisites Map out your proposed network Determine vland or subject access Plan routing between networks Map out access controls (including roles)
  • 33. How to Plan for SDN 1 3 5 2 4 6 Determine if your environment will match hardware and software prerequisites Map out your proposed network Determine vland or subject access Address spaces on the vnet Plan routing between networks Map out access controls (including roles)
  • 34. How to Plan for SDN 1 3 5 7 2 4 6 Determine if your environment will match hardware and software prerequisites Map out your proposed network Determine vland or subject access Address spaces on the vnet Plan routing between networks Map out access controls (including roles) Determine peering
  • 35. How to Plan for SDN 1 3 5 7 2 4 6 8 Determine if your environment will match hardware and software prerequisites Map out your proposed network Determine vland or subject access Address spaces on the vnet Analyze projected traffic Plan routing between networks Map out access controls (including roles) Determine peering
  • 36. SDN Implementation  Build out your software-defined networks
  • 37. SDN Implementation  Build out your software-defined networks  Build resource groups (applications, etc.)
  • 38. SDN Implementation  Build out your software-defined networks  Build resource groups (applications, etc.)  Build out your vnet(s)
  • 39. SDN Implementation  Build out your software-defined networks  Build resource groups (applications, etc.)  Build out your vnet(s)  Perform comprehensive testing • Sample methods (note: vnets lack built-in testing tools)  Build a VM for testing purposes • Put the VM on the network • Use Apache and open port 80 • Create a new VM and use it to ping the original VM • Open SSH (secure shell) and use port 22 • Use the Azure Serial Console (currently in preview), especially for Linux VMs  Compare VM to historical stats • Look at stats such as data disks, max IPS, local SSD, and load balancing
  • 40. Traditional Networking Management SDN Management Set up well-known protocol parameters and track configuration changes Configure customized and ever-evolving software, setup data and control plane Management: Traditional vs. SDN
  • 41. Traditional Networking Management SDN Management Set up well-known protocol parameters and track configuration changes Configure customized and ever-evolving software, setup data and control plane Set up alternate routs in case of failure Configure alternate forwarding device behavior in case of failure Management: Traditional vs. SDN
  • 42. Traditional Networking Management SDN Management Set up well-known protocol parameters and track configuration changes Configure customized and ever-evolving software, setup data and control plane Set up alternate routs in case of failure Configure alternate forwarding device behavior in case of failure Assign and reserve bandwidth. Enforce quality of service configuration Monitor performance of network applications and adjust connection quality between data plane and control plane Management: Traditional vs. SDN
  • 43. Traditional Networking Management SDN Management Control network access and prevent intrusion, spoofing and DoS attacks Use cloud security components, such as virtual firewalls, to grant isolation to network applications, prevent eavesdropping and capture of traffic Management: Traditional vs. SDN
  • 44. SDN Monitoring Tips  Monitoring • Important metrics to monitor:  Ingress and egress of vnets
  • 45. SDN Monitoring Tips  Monitoring • Important metrics to monitor:  Ingress and egress of vnets  Ingress and egress of your nics
  • 46. SDN Monitoring Tips  Monitoring • Important metrics to monitor:  Ingress and egress of vnets  Ingress and egress of your nics  Load balance network w/ a load balancer (Microsoft or 3rd party) • Ensure the load matches your policy • Easy to misconfigure
  • 47. SDN Monitoring Tips  Monitoring • Important metrics to monitor:  Ingress and egress of vnets  Ingress and egress of your nics  Load balance network w/ a load balancer (Microsoft or 3rd party) • Ensure the load matches your policy • Easy to misconfigure  Monitor uptime of solutions/ services • Ensure it is functioning at the application level and all the way down to the network layer
  • 48. Common SDN Threats  SDN specific threats (implement general security best practices and use cloud security solutions) • Manipulation of information (data forging) • Software, firmware, and API exploits • Remote SDN app exploits • Malicious software like viruses and malware • Unauthorized access • Traffic sniffing and diversion
  • 49. Common SDN Threats  SDN specific threats (implement general security best practices and use cloud security solutions) • Manipulation of information (data forging) • Software, firmware, and API exploits • Remote SDN app exploits • Malicious software like viruses and malware • Unauthorized access • Traffic sniffing and diversion  General network virtualization threats (implement general security best practices) • Virtualized host abuse • Network virtualization bypassing
  • 50. Common SDN Threats  General network infrastructure threats (generally covered by cloud provider) • Physical threats • Damage/ loss • Failures/ malfunctions • Outages • Disasters • Legal
  • 51. Common SDN Security Mistakes  Using public IPs in your network
  • 52. Common SDN Security Mistakes  Using public IPs in your network  Opening up network rules to the world
  • 53. Common SDN Security Mistakes  Using public IPs in your network  Opening up network rules to the world  Over-relying on open source packages without researching known or suspected vulnerabilities
  • 54. SDN Security Best Practices  Secure your own data • By default, protect access to your VMs
  • 55. SDN Security Best Practices  Secure your own data • By default, protect access to your VMs  Use network security groups in Azure • Control what objects and ports can ingress and egress • Second layer
  • 56. SDN Security Best Practices  Secure your own data • By default, protect access to your VMs  Use network security groups in Azure • Control what objects and ports can ingress and egress • Second layer  Control routing behavior
  • 57. SDN Security Best Practices  Secure your own data • By default, protect access to your VMs  Use network security groups in Azure • Control what objects and ports can ingress and egress • Second layer  Control routing behavior  Enable forced tunneling
  • 58. SDN Security Best Practices  Deploy virtual network appliances and DMZs • Use built-in virtual firewalls or 3rd-party firewalls • Use a security solution that includes capabilities such as:  Intrusion detection  Vulnerability management  Application control  Network-based anomaly detection  Web filtering  Agentless Antivirus  Botnet protection
  • 59. SDN Security Best Practices  Deploy virtual network appliances and DMZs • Use built-in virtual firewalls or 3rd-party firewalls • Use a security solution that includes capabilities such as:  Intrusion detection  Vulnerability management  Application control  Network-based anomaly detection  Web filtering  Agentless Antivirus  Botnet protection  Avoid exposure to the Internet with dedicated WAN links
  • 60. SDN Security Best Practices  Deploy virtual network appliances and DMZs • Use built-in virtual firewalls or 3rd-party firewalls • Use a security solution that includes capabilities such as:  Intrusion detection  Vulnerability management  Application control  Network-based anomaly detection  Web filtering  Agentless Antivirus  Botnet protection  Avoid exposure to the Internet with dedicated WAN links  Optimize uptime and performance • Use load balancing
  • 61. SDN Security Best Practices  Disable RDP access to Azure VMs
  • 62. SDN Security Best Practices  Disable RDP access to Azure VMs  Manage VM security posture and consistently monitor VM performance
  • 63. How 5nine Simplifies SDN Management Demo!
  • 64. THANK YOU! Questions? Contact us: [email protected] Learn more: https://www.5nine.com/5nine- manager-datacenter/

Editor's Notes

  • #5: Traditional Networking Functionality implemented through a dedicated hardware appliance Involves routers, switches, firewalls or application controllers Each appliance must be manually configured or updated by an IT admin Software-Defined Networking Decouples hardware from software (separates the control plane from the data plane) Control plane: Administration of the network, including setting up packet processing rules, which determines where to send traffic Data plane: Carries out decisions made in the control plane/console and forwards traffic (packet processing) SDN enables hardware to be controlled and managed from a centralized software application
  • #6: Traditional Networking Functionality implemented through a dedicated hardware appliance Involves routers, switches, firewalls or application controllers Each appliance must be manually configured or updated by an IT admin Software-Defined Networking Decouples hardware from software (separates the control plane from the data plane) Control plane: Administration of the network, including setting up packet processing rules, which determines where to send traffic Data plane: Carries out decisions made in the control plane/console and forwards traffic (packet processing) SDN enables hardware to be controlled and managed from a centralized software application
  • #7: Traditional Networking Functionality implemented through a dedicated hardware appliance Involves routers, switches, firewalls or application controllers Each appliance must be manually configured or updated by an IT admin Software-Defined Networking Decouples hardware from software (separates the control plane from the data plane) Control plane: Administration of the network, including setting up packet processing rules, which determines where to send traffic Data plane: Carries out decisions made in the control plane/console and forwards traffic (packet processing) SDN enables hardware to be controlled and managed from a centralized software application
  • #8: Traditional Networking Functionality implemented through a dedicated hardware appliance Involves routers, switches, firewalls or application controllers Each appliance must be manually configured or updated by an IT admin Software-Defined Networking Decouples hardware from software (separates the control plane from the data plane) Control plane: Administration of the network, including setting up packet processing rules, which determines where to send traffic Data plane: Carries out decisions made in the control plane/console and forwards traffic (packet processing) SDN enables hardware to be controlled and managed from a centralized software application
  • #29: Determine if your environment will match hardware and software prerequisites Physical network Ensure you have access to your physical network devices to configure VLANs, Routing, BGP, Data Center Bridging (ETS) if using an RDMA technology, and Data Center Bridging (PFC) if using a RoCE based RDMA technology Physical compute hosts Review your Network Interface Cards (NICs) and switches to make sure they support certain capabilities, IETF standards and tagging protocol Ensure you have Windows Server 2016 installed, Hyper-V enabled, and an external Hyper-V virtual switch created with at least one physical adapter connected to the Management logical network Map out your proposed network How many subnets will you create? Will you use shield subnets, end user subnets, product subnets, or others? Plan routing between networks Map out connections between networks Determine vland or subject access Always ask yourself the who, what, when and where of access Map out access controls (including roles) Address spaces on the vnet Determine peering Will your network be vnet to vnet? Will you use other networks for peering? Analyze projected traffic Will any traffic or data ingress or egress from the internet? Will I be using only VPN access to Azure?
  • #30: Determine if your environment will match hardware and software prerequisites Physical network Ensure you have access to your physical network devices to configure VLANs, Routing, BGP, Data Center Bridging (ETS) if using an RDMA technology, and Data Center Bridging (PFC) if using a RoCE based RDMA technology Physical compute hosts Review your Network Interface Cards (NICs) and switches to make sure they support certain capabilities, IETF standards and tagging protocol Ensure you have Windows Server 2016 installed, Hyper-V enabled, and an external Hyper-V virtual switch created with at least one physical adapter connected to the Management logical network Map out your proposed network How many subnets will you create? Will you use shield subnets, end user subnets, product subnets, or others? Plan routing between networks Map out connections between networks Determine vland or subject access Always ask yourself the who, what, when and where of access Map out access controls (including roles) Address spaces on the vnet Determine peering Will your network be vnet to vnet? Will you use other networks for peering? Analyze projected traffic Will any traffic or data ingress or egress from the internet? Will I be using only VPN access to Azure?
  • #31: Determine if your environment will match hardware and software prerequisites Physical network Ensure you have access to your physical network devices to configure VLANs, Routing, BGP, Data Center Bridging (ETS) if using an RDMA technology, and Data Center Bridging (PFC) if using a RoCE based RDMA technology Physical compute hosts Review your Network Interface Cards (NICs) and switches to make sure they support certain capabilities, IETF standards and tagging protocol Ensure you have Windows Server 2016 installed, Hyper-V enabled, and an external Hyper-V virtual switch created with at least one physical adapter connected to the Management logical network Map out your proposed network How many subnets will you create? Will you use shield subnets, end user subnets, product subnets, or others? Plan routing between networks Map out connections between networks Determine vland or subject access Always ask yourself the who, what, when and where of access Map out access controls (including roles) Address spaces on the vnet Determine peering Will your network be vnet to vnet? Will you use other networks for peering? Analyze projected traffic Will any traffic or data ingress or egress from the internet? Will I be using only VPN access to Azure?
  • #32: Determine if your environment will match hardware and software prerequisites Physical network Ensure you have access to your physical network devices to configure VLANs, Routing, BGP, Data Center Bridging (ETS) if using an RDMA technology, and Data Center Bridging (PFC) if using a RoCE based RDMA technology Physical compute hosts Review your Network Interface Cards (NICs) and switches to make sure they support certain capabilities, IETF standards and tagging protocol Ensure you have Windows Server 2016 installed, Hyper-V enabled, and an external Hyper-V virtual switch created with at least one physical adapter connected to the Management logical network Map out your proposed network How many subnets will you create? Will you use shield subnets, end user subnets, product subnets, or others? Plan routing between networks Map out connections between networks Determine vland or subject access Always ask yourself the who, what, when and where of access Map out access controls (including roles) Address spaces on the vnet Determine peering Will your network be vnet to vnet? Will you use other networks for peering? Analyze projected traffic Will any traffic or data ingress or egress from the internet? Will I be using only VPN access to Azure?
  • #33: Determine if your environment will match hardware and software prerequisites Physical network Ensure you have access to your physical network devices to configure VLANs, Routing, BGP, Data Center Bridging (ETS) if using an RDMA technology, and Data Center Bridging (PFC) if using a RoCE based RDMA technology Physical compute hosts Review your Network Interface Cards (NICs) and switches to make sure they support certain capabilities, IETF standards and tagging protocol Ensure you have Windows Server 2016 installed, Hyper-V enabled, and an external Hyper-V virtual switch created with at least one physical adapter connected to the Management logical network Map out your proposed network How many subnets will you create? Will you use shield subnets, end user subnets, product subnets, or others? Plan routing between networks Map out connections between networks Determine vland or subject access Always ask yourself the who, what, when and where of access Map out access controls (including roles) Address spaces on the vnet Determine peering Will your network be vnet to vnet? Will you use other networks for peering? Analyze projected traffic Will any traffic or data ingress or egress from the internet? Will I be using only VPN access to Azure?
  • #34: Determine if your environment will match hardware and software prerequisites Physical network Ensure you have access to your physical network devices to configure VLANs, Routing, BGP, Data Center Bridging (ETS) if using an RDMA technology, and Data Center Bridging (PFC) if using a RoCE based RDMA technology Physical compute hosts Review your Network Interface Cards (NICs) and switches to make sure they support certain capabilities, IETF standards and tagging protocol Ensure you have Windows Server 2016 installed, Hyper-V enabled, and an external Hyper-V virtual switch created with at least one physical adapter connected to the Management logical network Map out your proposed network How many subnets will you create? Will you use shield subnets, end user subnets, product subnets, or others? Plan routing between networks Map out connections between networks Determine vland or subject access Always ask yourself the who, what, when and where of access Map out access controls (including roles) Address spaces on the vnet Determine peering Will your network be vnet to vnet? Will you use other networks for peering? Analyze projected traffic Will any traffic or data ingress or egress from the internet? Will I be using only VPN access to Azure?
  • #35: Determine if your environment will match hardware and software prerequisites Physical network Ensure you have access to your physical network devices to configure VLANs, Routing, BGP, Data Center Bridging (ETS) if using an RDMA technology, and Data Center Bridging (PFC) if using a RoCE based RDMA technology Physical compute hosts Review your Network Interface Cards (NICs) and switches to make sure they support certain capabilities, IETF standards and tagging protocol Ensure you have Windows Server 2016 installed, Hyper-V enabled, and an external Hyper-V virtual switch created with at least one physical adapter connected to the Management logical network Map out your proposed network How many subnets will you create? Will you use shield subnets, end user subnets, product subnets, or others? Plan routing between networks Map out connections between networks Determine vland or subject access Always ask yourself the who, what, when and where of access Map out access controls (including roles) Address spaces on the vnet Determine peering Will your network be vnet to vnet? Will you use other networks for peering? Analyze projected traffic Will any traffic or data ingress or egress from the internet? Will I be using only VPN access to Azure?
  • #36: Determine if your environment will match hardware and software prerequisites Physical network Ensure you have access to your physical network devices to configure VLANs, Routing, BGP, Data Center Bridging (ETS) if using an RDMA technology, and Data Center Bridging (PFC) if using a RoCE based RDMA technology Physical compute hosts Review your Network Interface Cards (NICs) and switches to make sure they support certain capabilities, IETF standards and tagging protocol Ensure you have Windows Server 2016 installed, Hyper-V enabled, and an external Hyper-V virtual switch created with at least one physical adapter connected to the Management logical network Map out your proposed network How many subnets will you create? Will you use shield subnets, end user subnets, product subnets, or others? Plan routing between networks Map out connections between networks Determine vland or subject access Always ask yourself the who, what, when and where of access Map out access controls (including roles) Address spaces on the vnet Determine peering Will your network be vnet to vnet? Will you use other networks for peering? Analyze projected traffic Will any traffic or data ingress or egress from the internet? Will I be using only VPN access to Azure?
  • #41: Configuration Traditional: Set up well-known protocol parameters and track configuration changes SDN: Configure customized and ever-evolving software, setup data and control plane Availability Traditional: Set up alternate routs in case of failure SDN: Configure alternate forwarding device behavior in case of failure Performance Traditional: Assign and reserve bandwidth. Enforce quality of service configuration SDN: Monitor performance of network applications and adjust connection quality between data plane and control plane Isolation and Security Traditional: Control network access and prevent intrusion, spoofing and DoS attacks SDN: Use cloud security components, such as virtual firewalls, to grant isolation to network applications, prevent eavesdropping and capture of traffic Bottom Line = SDN solves classical network management problems, but also creates new ones
  • #42: Configuration Traditional: Set up well-known protocol parameters and track configuration changes SDN: Configure customized and ever-evolving software, setup data and control plane Availability Traditional: Set up alternate routs in case of failure SDN: Configure alternate forwarding device behavior in case of failure Performance Traditional: Assign and reserve bandwidth. Enforce quality of service configuration SDN: Monitor performance of network applications and adjust connection quality between data plane and control plane Isolation and Security Traditional: Control network access and prevent intrusion, spoofing and DoS attacks SDN: Use cloud security components, such as virtual firewalls, to grant isolation to network applications, prevent eavesdropping and capture of traffic Bottom Line = SDN solves classical network management problems, but also creates new ones
  • #43: Configuration Traditional: Set up well-known protocol parameters and track configuration changes SDN: Configure customized and ever-evolving software, setup data and control plane Availability Traditional: Set up alternate routs in case of failure SDN: Configure alternate forwarding device behavior in case of failure Performance Traditional: Assign and reserve bandwidth. Enforce quality of service configuration SDN: Monitor performance of network applications and adjust connection quality between data plane and control plane Isolation and Security Traditional: Control network access and prevent intrusion, spoofing and DoS attacks SDN: Use cloud security components, such as virtual firewalls, to grant isolation to network applications, prevent eavesdropping and capture of traffic Bottom Line = SDN solves classical network management problems, but also creates new ones
  • #44: Configuration Traditional: Set up well-known protocol parameters and track configuration changes SDN: Configure customized and ever-evolving software, setup data and control plane Availability Traditional: Set up alternate routs in case of failure SDN: Configure alternate forwarding device behavior in case of failure Performance Traditional: Assign and reserve bandwidth. Enforce quality of service configuration SDN: Monitor performance of network applications and adjust connection quality between data plane and control plane Isolation and Security Traditional: Control network access and prevent intrusion, spoofing and DoS attacks SDN: Use cloud security components, such as virtual firewalls, to grant isolation to network applications, prevent eavesdropping and capture of traffic Bottom Line = SDN solves classical network management problems, but also creates new ones