Understanding the value of software-defined networks (SDN)

  • A firewall is the best defense in a local area network.
  • In a software-defined network, traffic, security, and visibility can be managed more effectively using software.

Here is a satellite view of the street that I grew up on. Doesn’t it make you think of a LAN (Local Area Network)? Think of how we draw a LAN on a network diagram. It is a central line with a series of perpendicular lines connecting it to all the host devices, similar to how the driveways in the picture below connect all the homes to the street.

With a LAN, all the host devices share the same network address. On my street, all of my friends shared the same street address. When I was six years old, this block was the extent of my social network. There was big George, little George, Phil, Joe, and Pauly. We had a great block, and everyone knew everyone.

However, I cannot say that I was friends with all of the kids on this street. In fact, there was one kid in the neighborhood who was a little bit older than me, and I was warned to steer clear of him. But this was my network, and if a troublemaker wanted to observe when I came and went, or where I was going, there was nothing to stop them. Similar to a LAN, I can’t change my neighbors, and I can’t stop someone from knocking on my door. My only defense is the lock on my door, or in network terms, a firewall.

[Image: street view]

Expanding the network

As I entered high school, I started to make friends from outside of my immediate neighborhood. I had to take a bus to get to my friend Jon’s house. His street looked a lot like mine, but he lived a few miles away. Like a Wide Area Network, we did not share the same street address, but there was a reliable path between our two homes.

I now had a larger network with more friends. But what is also interesting is that I was now more vulnerable than ever. Sure, the NYC bus service was relatively safe, and sure, the driver was there in case a fight broke out. But I was then surrounded by a bunch of folks that I’d never seen or met before. When I was fifteen, this was the extent of my social network.

[Image: transport between homes]

As I entered college and the workforce, my network grew even larger. My social network now reaches across the country.

Further defining the network

In 2006, I joined Facebook — a new kind of social network. Facebook was very different from the social networks I had in the physical world, because it allowed me to define my neighborhood using software. That’s right. My new virtual neighborhood only included my friends, so no one outside of my social network could see what I’d been doing.

To some extent, with Facebook, I don’t exist to those outside of my network. I can further create filters to share information with a subset of my friends. To me, this resembles a Software-Defined Network (SDN). With software-defined networks, a network is defined by the host devices that need to communicate with one another rather than by physical geography or common broadcast domains. This allows us to manage traffic and security in ways that are very different from how we manage today’s networks, compartmentalizing applications and users alike. Instead of using firewalls to keep others out, we can use software to eliminate visibility from outside host devices.

I’m very excited about Software-Defined Networks and look forward to seeing how they will change the way we work and live.

If you have any questions or thoughts about SDNs, leave a comment and I’ll be sure to respond.

Don Parente, Technology Strategy and Chief Architect Director, AT&T