Project 3: SDN and IBN Assignment
Learning Resources
Part 1: Introduction to Software-Defined Networking
This section will introduce you to the software-defined networking (SDN) architecture, which is designed to manage computer networks using software applications. You will learn more about the core components of SDN and explore how this can be applied in organizations.
The SDN Architecture
Software-defined networking (SDN), in which software controls the hardware, is defined by the Open Networking Foundation (2018) as the physical separation of the network control plane from the forwarding plane, where a control plane controls several devices.
SDN is a network architecture much different from what we are used to, since software operates all aspects of the networking. The goal is to create and enable a network that is intelligent and centrally controlled, all via “programmed” applications. It changes how we design, manage, and operate the entire network. Modern networks are composed of many different devices, such as routers, switches, and firewalls. However, they can all be considered part of a larger “system.” This system is complex and functionally limited, is affected by any one of the many devices it comprises, and is mostly unpredictable when changes occur. Thus, the intent of SDN is to design, manage, and operate the network such that any change is practical and reliable. To be clear, SDN is a network architecture, not a product per se.
SDN Architecture
There are many components of SDN architecture, but we are going to discuss the basics. For a more detailed view, students should review the Open Networking Foundation (ONF) SDN Architecture white paper. Again, the aim of SDN is “to provide open interfaces that enable the development of software that can control the connectivity provided by a set of network resources and the flow of network traffic through them, along with possible inspection and modification of traffic that may be performed in the network” (ONF, “SDN architecture,” 2014, p. 13).
Overview of Software-Defined Networking Architecture
Source: Open Networking Foundation (2013).
SDN Application (Layer)
SDN applications perform specific tasks and can replace and expand upon functions that are implemented through firmware in the hardware of a network architecture. This will allow for better programmability across all network layers. It also allows for the explicit control of a set of resources exposed by the SDN controller.
SDN Controller (Layer)
SDN controllers manage the flow control, or the data moving between devices and nodes in a network, which enables intelligent networking. What do we mean by “intelligent”? Is there “nonintelligent” networking? Think of the controller as the central point of the SDN network. It sits between the physical devices and the applications. Because any communication must go through the controller, the controller itself can dictate the rule, that is, the logic we program it with. How do we program the logic? We can do so via policies. More on that when we discuss intent-based networking (IBN) next week.
SDN and the Organization
SDN offers many benefits to the traditional network architecture model. One particular use case is that of microsegmentation. For instance, “a customer could split a network connection between an end user and data center,” and there could be different security settings for each type of network traffic (Butler, 2017).
This way, a network could have a public low security segment that does not handle sensitive information, and another part could have access control with a software-based firewall for sensitive data. That way, if someone improperly gained access to the public network, there would be no access to the part with sensitive data (Butler, 2017).
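The segmentation described above can be sketched as a controller-side decision function with a default-deny rule between segments. This is an added example, not code from the course material or from any SDN product; the segment names, address ranges, ports and sample flows are constructed assumptions.

```python
import ipaddress

# Constructed segments: names and address ranges are assumptions for illustration.
SEGMENTS = {
    "public": ipaddress.ip_network("10.10.0.0/16"),
    "sensitive": ipaddress.ip_network("10.20.0.0/16"),
}

# Explicit allow rules: (src segment, dst segment, protocol, dst port).
# Anything not listed is denied, including public -> sensitive.
ALLOW = {
    ("public", "public", "tcp", 443),
    ("sensitive", "sensitive", "tcp", 1521),
    ("sensitive", "public", "tcp", 443),
}

def segment_of(addr):
    """Return the segment name that contains addr, or None if unmapped."""
    ip = ipaddress.ip_address(addr)
    for name, net in SEGMENTS.items():
        if ip in net:
            return name
    return None

def decide(src, dst, proto, port):
    """Controller-side decision for one flow: 'allow' or 'deny' (default deny)."""
    s, d = segment_of(src), segment_of(dst)
    if s is None or d is None:
        return "deny"  # unmapped endpoints never get a forwarding rule
    return "allow" if (s, d, proto, port) in ALLOW else "deny"

def audit(flows):
    """Return denied flows that tried to cross a segment boundary, for review."""
    return [f for f in flows
            if decide(*f) == "deny" and segment_of(f[0]) != segment_of(f[1])]

# Constructed sample flows.
FLOWS = [
    ("10.10.4.7", "10.10.9.1", "tcp", 443),   # traffic inside the public segment
    ("10.10.4.7", "10.20.0.5", "tcp", 1521),  # public host reaching for sensitive data
    ("10.20.0.9", "10.20.0.5", "tcp", 1521),  # traffic inside the sensitive segment
    ("192.0.2.8", "10.20.0.5", "tcp", 1521),  # source outside every segment
]

if __name__ == "__main__":
    for f in FLOWS:
        print(f, "->", decide(*f))
```

The output of `audit` is the list a security team would review: attempts to reach the sensitive segment from a host that has no rule permitting it.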
This has been a brief introduction to the SDN architecture and core components. Organizations moving toward a virtual environment configuration would find additional benefits through more control, automation, and security. In fact, there are many use cases that organizations in a variety of industries have realized.
References
Butler, B. (2017, July 19). What SDN is and where it’s going. Retrieved from https://www.networkworld.com/article/3209131/lan-wan/what-sdn-is-and-where-its-going.html
Open Networking Foundation (ONF). (2014, June). SDN architecture. Retrieved from https://www.opennetworking.org/images/stories/downloads/sdn-resources/technical-reports/TR_SDN_ARCH_1.0_06062014.pdf.
Open Networking Foundation (ONF) (2018). Software-defined networking definition. Retrieved from https://www.opennetworking.org/sdn-definition/
Licenses and Attributions
Overview of Software-Defined Networking Architecture by Open Networking Foundation (ONF) from Wikimedia Commons is available under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported license. UMUC has modified this work and it is available under the original license.
Learning Resource
What Is Intent-Based Networking (IBN)?
Intent-based networking (IBN) comprises software and machine learning algorithms to automate what have traditionally been manual network administration tasks. In short, IBN enables intelligent automation. The goal is to create self-managed networks.
Many confuse SDN and IBN, or believe they are the same thing, because they have complementary goals. However, there is a difference. In short, SDN focuses on the provision, configuration, and management of networks through technologies such as virtual machines and cloud computing. IBN, on the other hand, focuses on designing, implementing, and improving the agility and availability of networks. There are some components that have overlap between the two technologies. However, there are key characteristics of an IBN system.
IBN Framework
According to Gartner, IBN is defined by four key elements (Lerner, 2017):
· Translation and validation: For example, an IBN system can take an end user's higher-level business policy (known as the "what") and convert it to whatever network configuration would be needed (known as the "how"). The system validates the design and configuration.
· Automated implementation: An IBN system configures network changes (the "how") across existing infrastructure, usually by network automation and/or network orchestration.
· Awareness of network state: An IBN system knows real-time network status for its controlled systems.
· Assurance and dynamic optimization: An IBN system validates (in real time) that the business intent is being met, and can take corrective actions.
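Three of the four elements above (translation, validation, and assurance against observed network state) can be shown in a small sketch. This is an added example, not code from Gartner or from any IBN product; the group names, address ranges, services and the observed device rules are constructed assumptions.

```python
# Intent (the "what"): constructed example; group names and ports are assumptions.
INTENT = [
    {"from": "hr-apps", "to": "hr-db", "service": "sql", "action": "allow"},
    {"from": "guest", "to": "hr-db", "service": "any", "action": "deny"},
]
GROUPS = {"hr-apps": "10.20.1.0/24", "hr-db": "10.20.2.0/24", "guest": "10.10.0.0/16"}
SERVICES = {"sql": ("tcp", 1521), "any": ("any", 0)}

def validate(intent):
    """Validation: reject unknown names and allow/deny conflicts before deploying."""
    errors, seen = [], {}
    for st in intent:
        for key in ("from", "to"):
            if st[key] not in GROUPS:
                errors.append(f"unknown group {st[key]!r}")
        if st["service"] not in SERVICES:
            errors.append(f"unknown service {st['service']!r}")
        match = (st["from"], st["to"], st["service"])
        if seen.setdefault(match, st["action"]) != st["action"]:
            errors.append(f"conflicting actions for {match}")
    return errors

def translate(intent):
    """Translation: turn each validated statement into a rule tuple (the "how")."""
    rules = set()
    for st in intent:
        proto, port = SERVICES[st["service"]]
        rules.add((GROUPS[st["from"]], GROUPS[st["to"]], proto, port, st["action"]))
    return rules

def drift(intent, observed):
    """Assurance: compare intended rules with the rules observed on the devices."""
    wanted = translate(intent)
    return {"missing": wanted - observed, "unexpected": observed - wanted}

# Constructed device state: the deny rule is absent and an extra allow rule exists.
OBSERVED = {
    ("10.20.1.0/24", "10.20.2.0/24", "tcp", 1521, "allow"),
    ("10.10.0.0/16", "10.20.2.0/24", "tcp", 22, "allow"),
}

if __name__ == "__main__":
    print(validate(INTENT) or "intent is valid")
    print(drift(INTENT, OBSERVED))
```

A non-empty `missing` or `unexpected` set is the signal on which an IBN system would take corrective action; here the guest deny rule was never deployed and an unintended allow rule is present.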
References
Lerner, A. (2017, February 7). Intent-based networking [Blog post]. Retrieved from https://blogs.gartner.com/andrew-lerner/2017/02/07/intent-based-networking/
Company Highlights
● The organization currently maintains 2,000 Microsoft Windows desktop computers for the workforce. As you recall, these desktop computers were about to be refreshed. The organization is currently considering the Dell Optiplex series. Specifically, each computer would have an Intel Core i5 processor, run Microsoft Windows 10, contain 8GB DDR4 RAM, and have a 256GB solid state drive. The rough estimate for each PC is $1,250, which equates to a $2,500,000 upgrade cost to the organization.
● Microsoft Office runs on each of these computers. The license fee for each computer is $150, which equates to a $300,000 outlay. The organization typically upgrades all PCs with the latest version of Microsoft Office when it is released.
● The organization uses multiple instances of Oracle Database. These databases are distributed across 10 Dell PowerEdge servers. These servers cost a minimum of $2,159 each, for a total cost of $21,580.
● The organization maintains an additional 20 Dell PowerEdge servers for a variety of purposes, including email, file backup, remote access, etc. The total cost to refresh each of these servers is $3,000 for a total cost of $60,000.
● The organization maintains various networking devices. The total cost of this equipment is $3,000,000 and yearly refresh costs are $750,000.
● The organization maintains a suite of network security hardware and software solutions. They include a DMZ configuration, multiple firewalls, VPN hardware, antivirus solutions, intrusion detection and protection devices, and log management solutions. The total yearly hardware and software costs for the organization's cybersecurity efforts are $2,000,000.
● The organization also allows users to access the network via their company-issued Android phones or iPads. Employees receive a mobile device with VPN software installed so that they may remotely access company systems when they are at home or traveling.
● Because this is a notional example and assignment, you may make further assumptions about the organization's IT environment. There is no need to ask your instructor for permission. Simply make your assumptions explicit in the white paper. For example, you are free to assume the number of IT professionals, their specialties, and, more importantly, the cost to run the IT department.