While SDN in the data center gets most of the attention, there’s going to be significant SDN activity in the campus LAN as well.
- Campus LAN administrators are already using automation extensively, so making the transition into SDN should be easy.
When SDN is brought up, it’s almost always in the context of the data center, but few are talking about taking SDN to the campus LAN. The data center focus makes sense because there is a considerable enterprise spend on data center acquisitions and networking, which has been holding back many enterprises from seeking additional benefits from further virtualization. And there are technologies in the market now and more coming in 2014 that will address SDN in the data center.
There are, however, equally difficult problems to solve in the campus LAN which aren’t being addressed. When I talk to enterprise IT users, the problems they describe are screaming for campus SDN, they just don’t call it that. Those problems include increasingly complex operations management, more demands for better performing applications, stricter yet more flexible network policies, and demands for better monitoring, troubleshooting, and analysis.
Campus network administrators are primed for automated and orchestrated management. Automation is already used extensively throughout the campus LAN such as using device discovery to provision a port for a particular VLAN, assigning QoS, and applying access control policies based on what is connected to a particular port. Power consumption can be managed based on device demands, time of day policies, and even device priorities.
Organizations that have deployed network access control can automatically classify computers attaching to the network, compare status to a defined policy, and automatically take actions based on the resulting outcome, actions such as placing an unknown laptop into a guest VLAN. These examples are common and completely automated once they are set-up.
What’s next for campus LAN? Making improvements, particularly in better managing access and traffic flows. Currently a lot of automation takes place at the network edge and those changes are expected to be carried forward through the network to the destination. For example, a VoIP phone can be attached to a voice VLAN and tagged with high priority QoS markings. The assumption is that the configuration will remain in force end to end. That enforcement depends on the rest of the network being properly configured with the right VLANs and priority queues.
Protocols such as shortest path bridging (when and if 802.1Qca,* which adds direct control of IS-IS, is ratified) and OpenFlow greatly enhance the end to end isolation of network traffic, and they can also prioritize traffic on a hop by hop basis as needed. The automated manner in which they work reduces IT overhead and improves application performance intelligently.
Other strategies are afoot with increased focus on improving application detection and classification within the network, integrating with application services which tell the network how to treat undiscoverable traffic that may be encrypted with SSL, and creating isolated networks between data center applications and clients in wired and wireless networks.
As you’re planning your 2014 campus LAN acquisitions, be sure to get the current roadmap from your chosen vendor or VAR. What do you want to see in 2014?
* <i>Standard for Local and Metropolitan Area Networks-Media Access Control (MAC) Bridges and Virtual Bridged Local Area Networks Amendment: Path Control and Reservation</i>