Software Defined Networking for Data Centers


1 Software Defined Networking for Data Centers
Sponsoring innovation in a hybrid cloud environment Global Technology Services June 2016 GTP11103-USEN-02

2 The situation

3 What if you were spending more time sponsoring innovation as opposed to managing costs and running IT? Today, enterprises need to spend more time sponsoring innovation as opposed to managing costs and running IT. Sponsoring Innovation Building relationships across the organization and enabling business leaders to create new products and services with technology Managing Cost Optimizing the use of infrastructure, complexity of cloud sprawl and distribution of workloads across the entire IT ecosystem Running Enterprise IT Establishing the right mix of cloud and traditional infrastructure required both to run the existing business and support innovation There is a need for IT transformation, not to forget the networks

4 In a perfect networking world, you would have the agility to design and deploy new apps and innovations at the speed of today’s business… To drive business innovation and growth, you need network agility to roll out new services and applications faster. You need the agility to scale up and scale down your business rapidly.

5 You would have the flexibility, speed and reduced costs of a hybrid cloud environment…
You need an IT and network infrastructure that allows easy access to cloud resources and supports hybrid cloud.

6 You would have visibility and governance across the hybrid cloud environment including networks
You need to establish full visibility and dynamic governance across cloud, on-premises platforms and networks tailored for your enterprise, on which you can innovate - You should be able to innovate utilizing the services you prefer while ensuring speed, flexibility, quality, security and compliance within your environment - You should gain visibility and should manage spending strategically, with the ability to scale up or down according to the business’s needs - You need to continuously expand your IT (including networks) architecture and avoid vendor lock-in with a neutral broker service - You need to enhance your agility with the freedom of choice in platforms and infrastructure through a single pane of glass that simplifies financial management and analysis

7 And you would have network security to secure your data and applications
You need to protect applications from a breach inside the data center. You need to protect critical and non-critical applications and systems.

8 Enterprise-IT-as-a-Service enables you to leverage a Hybrid Cloud environment to create the most value
Digital Business Transformation Solutions Consumable IT Services & Applications Hybrid Cloud Platform & Infrastructure Workforce Enablement Solutions Business Partner Solutions Customer-Facing Solutions Modular IT Services Applications Intelligent Brokerage & Management Fulfillment & Orchestration Platform Traditional On-Prem IT Client-based Automation DevOps Third-Party Cloud IBM Cloud (Private, Hybrid, Public) Cognitive Analytics Private Cloud This equips you and your enterprise with: Self-service for agility Speed, security & reduced cost Visibility and governance Optimal integration
Enterprise ITaaS helps you define and consume everything as a digital service across hybrid clouds, simplifying your ability to plan, procure, govern, manage and broker IT services and reduce risk and cost. It gives you: The self-service model that gives developers and business leaders the agility to design and deploy new innovations at the speed of today’s business The ability to take full advantage of the flexibility, speed, security and cost benefits of a Hybrid Cloud environment The visibility and governance across the Hybrid Cloud environment delivered by brokerage services The optimal integration to support the apps you run in cloud and on-prem IT
You can leapfrog directly to ITaaS with our Brokerage Services, which we will touch upon in the later slides, or use ITaaS for: Application Migration Application Innovation Visibility & Governance Integrate & Optimize
The framework outlines how we can help you envision a future enabled by hybrid. We can help you move purposefully to hybrid by connecting: The business solutions designed to deliver differentiated experiences that have the capacity to unlock new business models. To the ecosystem of services and applications you can mix and match to form the right solution for your needs. To the platform and infrastructure backing those services, which ensure seamless implementation and simplified management. The network is a critical part of building these connections.

9 Traditional networks can slow down your business
Equivalent capabilities are required for optimal IT responsiveness and agility Compute Storage Lacks the speed and automation of servers and storage Requires days or weeks for network changes compared to minutes or seconds for virtual server and storage additions or changes Network Current networks with traditional network architectures cannot achieve today’s business objectives- they are expensive, they're complex, they don’t scale. These networks don’t represent innovation through technology and they certainly do not provide a form or a means of reducing cost. Today’s networks lack the speed and automation of servers and storage. They require days, weeks, or months for network changes compared to seconds for virtual server and storage. Creating and rolling out applications takes months due to physical limitations. There is a need for change and a need for innovation.

10 Is your network environment ready for IT-as-a-service?
Enterprise infrastructure is fundamental to a successful organization—and a strong network is the backbone of that success. If a network is stagnant and continuously inefficient and/or unsecure, vulnerabilities lead to liabilities. Today this could not be more true and more challenging across sectors and industries.

11 There is. It’s called Software Defined Networking.
What if there was something that could synchronize your network with your application and business needs? There is. It’s called Software Defined Networking. It is critical that the networks align with the application and business needs. You need a network for: Agility that enables the infrastructure to evolve at the pace of application development and enhances speed to market New workload delivery models like hybrid cloud Capacity to support mobile, big data, analytics, video applications Security policies to match business need and compliance Automation to improve both speed and accuracy of deploying new applications Data center structures that allow for workload balancing and maximum usage of capital assets

12 The solution

13 Software Defined Networking is not a lonely tower
First, let’s take a holistic view of your networking environment. To fully understand and realize benefits of SDN, we need to understand what’s called a Software Defined Environment.

14 Software Defined Environment is foundational to IT-as-a-service and hybrid cloud
Network Key design principles: Flexibility Automation Integrated processes Availability Open standards Compute Storage SDN is one of the operational building blocks of a Software Driven Environment. An enterprise can’t have networks, storage and compute functions operate as silos and still have a truly agile IT environment. In today's environment, resources are assigned manually to workloads. This happens automatically in a SDE. In a SDE, workloads are dynamically assigned to IT resources based on application characteristics, best-available resources, and service level policies to deliver continuous, dynamic optimization and reconfiguration. Beneath this are policy-based compliance checks and updates in a centrally managed environment. SDE applies programmable capabilities to the entire infrastructure, optimizing the compute, storage and networking infrastructures holistically so it can adapt to the different types of workloads requirements without manual intervention. The programmability allows you to rapidly migrate workloads to the cloud and enable DevOps in a hybrid cloud environment. Software defined networks completes the virtualization strategy for an enterprise along with storage and compute. Platform as a service and Software as a service leverage this underlying software defined environment. Because it applies key design principles of cloud and enterprise data centers, it is inherently open, flexible, automated, integrated and highly available. While Software defined environments have evolved around the hybrid data center architecture, it is not limited to the data center. We may see this approach pervading into other parts of the organization to address virtualized environments. One of the key shifts that IBM is observing is the desire to move to IT as a service so as to only acquire those services when they are required. 
The aim is to avoid having unessential processors running at all times and incurring the costs associated with that. There's a need to define policies that decide which network services are required by applications and when they are required. The software defined construct, through an automated process, can provision network services as they are needed. So the main transformation that’s coming about in this area is related to the fact that it is software-based control rather than the individual static control of the past, API-driven to enable the agility and the programmability of driving the requirements from the applications to the infrastructure.

15 SDN leverages “programmability” through virtualization of network capabilities
Business Applications Application Layer Software based programmability and control of networks Network virtualization Network function virtualization API API Brokerage, Automation and Orchestration Virtualized infrastructure functions Software Driven Control Layer Network Storage Compute Physical Infrastructure Layer Software defined networking is based on three constructs: SDN enables programmability and centralized management by decoupling control and data planes Network virtualization catches up with server and storage virtualization and automation Network functions virtualization (NFV) allows network functions to be virtualized, rather than relying on dedicated physical appliances IT shops want to be agile like cloud providers. They want to be able to dispense infrastructure and services on demand. When networks lack the same speed and automation as servers and storage, it limits IT’s overall responsiveness and agility. Traditional networking is a physical infrastructure that interacts with the application layer. With software defined networking, we introduce the missing layer between these two that enables this automation and programming. Elaborating on the three constructs: Software base control and programmability SDN decouples network service control and data planes from the switches, routers and other network appliances. Abstracted from the underlying infrastructure, these controls become directly programmable and management can be centralized. This enables the network to automatically request and have services provisioned as needed through APIs. This process creates operational agility. Since no manual intervention is required, it happens automatically and provides a level of flexibility where the systems and the networks respond as needed. It provides a platform that makes it easier to support devices from a centralized control point. 
As an example if there is a need to make changes to the network/network function, with SDN there's no need to manually make changes (provisioning, configuring, changing perimeters and creating new instances of the things that are associated with that function) to every box within the network. All this is done through a central control point and a programmable interface – any control is blasted to each and every one of those boxes making the process much more agile. The second is the ability to create virtualized networks using overlays that are controlled through the API’s. The third is network function virtualization. NFV allows the network to catch up with existing server and storage virtualization and automation. The appliance-based network functions are now software-based applications, running in a virtual machine environment enabled by software control. It virtualizes network functions previously performed by proprietary dedicated hardware, like switching and management. As with server and storage virtualization the goal is to increase network resource utilization while reducing the costs associated with developing and deploying new services. NFV works to reduce network operating and equipment costs. NFV also reduces complexity and makes managing a network and deploying new capabilities easier and faster.

16 BROKERAGE ORCHESTRATION AUTOMATION
SDN Reference Architecture Application Programmable network controls Orchestration of physical and virtual networks with systems and storage Network functions can be chained Centralized management API API API API API BROKERAGE ORCHESTRATION AUTOMATION VIRTUALIZED NETWORK SERVICES CONTROLLER CONTROLLER CONTROLLER vSwitch vSwitch Software Driven VM VM VM vLB vFW VM VM VM Physical Network Storage Compute Compute This slide gives an overview of the IBM SDN architecture. On this slide we break down SDN a little further to provide more detail about virtualization and orchestration. As mentioned earlier, the orchestration typically happens through a software defined network controller of some kind (shown at the center of the diagram on this slide). This could be OpenStack or some other open platform. There are multiple options in the marketplace. Similar to the case of network, there is a controller that’s orchestrating compute and storage resources. Orchestration is able to synchronize networks, systems and storage requirements together The virtualized network services shown on this slide refer to taking virtualized switches and virtualized routers and creating a virtual network on top i.e. a virtual machine environment. We create virtual networks on top, and we haven’t touched any of the physical network yet. We can also add network functions that are virtualized, as described earlier. Here there are examples of a load balancer (LB) and a firewall (FW). Both are made possible in the software. As shown here, you can create a virtual network infrastructure that’s connecting different virtual machines (VMs) in a virtual domain with virtual switches and routing capabilities. And you can add network functions virtualization to that so you have a networking capability that spans your data center and potentially multiple data centers and cloud environments the same way. 
You can build these environments of virtual networks in several ways and also create virtualized network functions that can be deployed in different places. Now the orchestrator can take those workload requirements for servers, storage and network, package them up, build the virtualized network, build the load balancers and associated firewalls, build all the segmentation that you need. It can package them up as a composite service to be used by one data center. The package makes it portable and so it can be used across multiple data centers. Once you establish these patterns, you can use them for the appropriate workloads. Patterns are implemented with policies about network flow, bandwidth, security, etc. For example, a workload might need a security policy that segments two data sets or applications. The orchestration leverages these patterns and policies, and it builds service chains by taking pieces of switches, connectivity, a VLAN, and adding load balancers or firewalls as required to build that composite image. Service chains are essentially catalogs of network resources and related policies (like quality of service parameters and bandwidth) to which workloads can be applied as they move onto the network. The orchestration layer is able to keep track of the patterns and service chains, and it applies them to specific workloads as needed. That’s kind of the way the agility of this whole infrastructure comes into play because now you’ve taken the requirements of that workload and built them into a package that can be implemented automatically and almost instantaneously.
VM: Virtual Machine; vLB: Virtual Load Balancer; vFW: Virtual Firewall

17 PREMISE/CLOUD DATA CENTER WITH SDN
Creating agility for rapid app innovation Dynamically align network functions as required across a DevOps cycle Quickly create, dissolve or modify network instances along with systems and storage Reduce error due to manual intervention PREMISE DATA CENTER PREMISE/CLOUD DATA CENTER WITH SDN AUTOMATED SDN Controller Orchestrator Development Test Production Management MANUAL Virtual Network vSwitch dFW vLB Virtual Machine Environment Development Test Production Let’s get into more details on how SDN can help drive rapid app innovation. For agile DevOps you need: 1. Network and IT (server, storage) resources in the cloud data center to dynamically align to the entire DevOps cycle - Development, Testing (scalability, functionality, regression, system testing) & Pre-production and final deployment/full-production. 2. A data center network that allows you to create and tear down the development environments instantly 3. To ensure that your data center is architected such that applications on cloud can access on-premise data/information if required 4. To implement security and governance In a physical network environment you purchase network resources, install them, configure and manually make changes each time there is a new release, slowing down the process of developing new apps. This process could take weeks or months. Manual processes require significant resources and time, driving cost inefficiencies. Not to forget the errors in setting up an environment manually. You need a software-defined approach in your data center to spin up the required network resources and change them in seconds as required across all locations and all instances, making the process faster. Most enterprises operate 3-tier applications in their data centers today. 
In a 3-tier application architecture, you have a presentation tier (running the user interface on a PC or other client), an application tier (running the business logic on an application server), and a data tier (running on a database server). Currently, each tier operates its own VLAN with routing between the tiers. Provisioning and operations are handled manually, and it can take days to weeks to months to implement changes. The average environment lacks sufficient agility and speed. SDN technologies can be used to increase agility for provisioning and operations of 3-tier applications. Today, the enterprise needs a network operation that supports faster deployment of new applications, reduced human errors, deployment of new VLANs with updated switch configurations and easy implementation of updates to firewall rules. With SDN network operations are automated based on established patterns, best practices and business rules, making it easier to abide by policy and security constraints. SDN provides the solution, enabling organizations to provision network services through software APIs, using orchestration and SDN controller to automate operations, use overlay networks instead of VLANs, deliver monitoring systems to oversee automated operations , and use distributed firewalls (dFW) for added security. The result is a new operational model that allows new applications to be deployed in minutes with greater support for DevOps development, Network operations to be automated based on established patterns (best practices) and business rules, making it easier to abide by policy and security constraints. Changes to be initiated automatically when monitoring thresholds are triggered Traditional model DevOps model

18 Migrating & modernizing apps in a hybrid cloud environment
CLOUD SERVICES WITH SDN Align network functions instantly to match app requirements Deploy workloads and network functions together Provision networks quickly to migrate and place apps in a hybrid cloud environment Virtual Network PREMISE DATA CENTER PREMISE DATA CENTER WITH SDN AUTOMATED SDN Controller Orchestrator Presentation Application Data VLAN MANUAL Management Virtual Network vSwitch dFW vLB Virtual Machine Environment Presentation Application Data To take full advantage of a hybrid cloud environment you need to assess and place applications on cloud or on-premise. It is important to understand which applications need to be on-premise and which applications need to be migrated to the cloud(s) and then ensure that: 1. The on-premise data center networks are ready to export the applications to the cloud i.e. set up the data center network (on-premise and cloud) so that the applications can be transferred with the correct response rate, bandwidth, quality and security 2. The data center network is architected such that it allows smooth running of applications once migrated i.e. the applications have access to information they need and the on-premise and cloud based applications are able to interact 3. There is connectivity between on-prem data center/cloud data center and end users in multiple locations. Users should have access to both environments and if they share information across environments they need to be set up with the right capacity for proper user experience 4. You need to implement security and governance Each time you migrate/modernize an app, making all these changes to the physical environment will take you several weeks or months. 
You need a software defined approach across your data center network environment that gives you the programmability to automatically spin up the network resources in line with the workload needs. Traditional routing and switching platforms haven't met these agile requirements for building and managing cloud services. A traditional virtualization approach is not enough to adapt quickly to changing business requirements, nor does it support the volatility of cloud applications running in a virtualized environment. While customers can instantiate routers, firewalls and load-balancers, the orchestration of all these functions is very complex and difficult to change due to the manual management of this connectivity. Also, due to the manual operations, human errors are prevalent and these lead to outages and service downtime. SDN addresses these problems and can facilitate the incorporation of cloud services to increase application scalability. It makes cloud services highly automated and programmable, allowing them to be deployed quickly. This enables provisioning of network services through software APIs, orchestration and an SDN controller which are used to automate the operation, the use of hybrid IT infrastructure (including legacy systems plus public and private clouds) and the use of overlay networks instead of VLANs. With SDN, the network operation has the ability to move workloads across hosting locations, creating a high-functioning hybrid cloud environment.

19 Improving visibility and governance
Get visibility into your networks along with systems and storage Implement and push out policies instantly Dynamic management and automation IT OPERATIONS IT Policies Monitoring and management Brokerage Automation Security Policies PREMISE DATA CENTER PREMISE/CLOUD DATA CENTER WITH SDN Presentation Application Data Policies and Management VLAN MANUAL AUTOMATED SDN Controller Orchestrator Virtual Network vSwitch dFW vLB Virtual Machine Environment It is critical to establish full visibility and dynamic governance across cloud and on-premises platforms and the underlying networks that connect all these platforms. The network management system should be able to proactively monitor and manage on-premise and cloud networks (SDN) with a feedback mechanism for constant improvement. With agile DevOps and movement of workloads in a hybrid cloud environment, governance policies should be applied and changed quickly. There's a need to define policies that decide which network services are required by applications and when they are required. It is easier to get visibility into your networks and apply policies if they are software-defined. For data centers, with programmable SDN it is also easy to apply, push out and change policies on VMs, making the governance model more agile and secure. Manual administration and governance inhibit business agility.

20 PREMISE/CLOUD DATA CENTER WITH SDN
Improving security posture of critical business applications NFV enables micro segmentation with a distributed virtual firewall Protect applications in case of a perimeter breach Implement security policies in seconds Distributed virtual firewalls Main data center firewall PREMISE DATA CENTER PREMISE/CLOUD DATA CENTER WITH SDN VM APP Hypervisor Perimeter firewall Security is another issue that will be enhanced by the implementation of SDN. In the existing environment, there is a main firewall or a pair of firewalls for the data center. There is the need to protect applications from a breach inside the data center, protect critical and non-critical applications, and protect systems in the same security zone from one another. NFV technologies can be deployed to enhance the security posture of critical applications. As we’ve discussed, NFV enables network functions switching and firewalls to be consolidated and then included virtually on high volume servers. Instead of operating on new pieces of hardware (that must be set up, updated and replaced with the passage of time) each time a new function is needed, network operations take place in software that can be used on, and moved to, any piece of pre-existing hardware. From security standpoint, this allows greater protection, providing the potential to eliminate or mitigate some threats inherent to the network function software through new mechanisms, such as hypervisor introspection and centralized security management. NFV enables micro segmentation of security with a distributed virtual firewall within each hypervisor kernel. Security rules can be created based on application, network and other VM metadata. It is easier to maintain simplified perimeter firewalls with streamlined rules. Network functions can be configured and protected effectively according to a common policy instead of a collection of per-network function security procedures that may not be consistent and up-to-date. 
In this new operational model, security groups and policies can be orchestrated and deployed in seconds. The default is a zero trust policy where rules must be implemented to allow network communications. Incident response is improved because virtualized network functions can be de-provisioned easily. If a virtualized network function is suspected of having been compromised (for example, through unauthorized access via a back door), an uncompromised version can be instantiated to replace it. The compromised version can be de-provisioned and a copy of it made for forensic analysis.
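The default-deny micro-segmentation described on this slide, sketched as an added example (it is not part of the presentation and not any product's API): flows between VMs are allowed only when an explicit rule matches the VM metadata tags of both ends. The tag names, ports, workload names and rule names are assumptions constructed for illustration.

```python
"""Default-deny (zero trust) micro-segmentation for a 3-tier app.

Illustrative only: every name, tag and port below is constructed.
"""
from dataclasses import dataclass
from typing import Iterable, List, Tuple


@dataclass(frozen=True)
class Workload:
    name: str
    tags: frozenset  # VM metadata, e.g. {"app:shop", "tier:web", "env:prod"}


@dataclass(frozen=True)
class Rule:
    name: str
    src: frozenset  # every tag listed here must be on the source VM
    dst: frozenset  # every tag listed here must be on the destination VM
    proto: str
    port: int


def vm(name: str, *tags: str) -> Workload:
    return Workload(name, frozenset(tags))


def allow(name: str, src: Iterable[str], dst: Iterable[str],
          proto: str, port: int) -> Rule:
    return Rule(name, frozenset(src), frozenset(dst), proto, port)


def audit_rules(rules: Iterable[Rule]) -> List[str]:
    """Names of rules with an empty selector.

    An empty tag set is a subset of every VM's tags, so such a rule would
    silently become any-to-any and undo the segmentation.
    """
    return [r.name for r in rules if not r.src or not r.dst]


def decide(rules: Iterable[Rule], src: Workload, dst: Workload,
           proto: str, port: int) -> Tuple[str, str]:
    """Return ("allow", rule_name) or ("deny", "default-deny")."""
    for r in rules:
        if not r.src or not r.dst:
            continue  # fail closed: ignore over-broad rules instead of matching
        if (r.src <= src.tags and r.dst <= dst.tags
                and (r.proto, r.port) == (proto, port)):
            return ("allow", r.name)
    return ("deny", "default-deny")  # no rule matched: traffic is dropped


# Constructed inventory: production web/app/db VMs plus one development VM.
WEB1 = vm("web-1", "app:shop", "tier:web", "env:prod")
WEB2 = vm("web-2", "app:shop", "tier:web", "env:prod")
APP1 = vm("app-1", "app:shop", "tier:app", "env:prod")
DB1 = vm("db-1", "app:shop", "tier:db", "env:prod")
DEVWEB = vm("dev-web-1", "app:shop", "tier:web", "env:dev")

# Constructed policy: only adjacent tiers of the same app and environment talk.
POLICY = [
    allow("web-to-app", {"app:shop", "tier:web", "env:prod"},
          {"app:shop", "tier:app", "env:prod"}, "tcp", 8443),
    allow("app-to-db", {"app:shop", "tier:app", "env:prod"},
          {"app:shop", "tier:db", "env:prod"}, "tcp", 5432),
    # Mistake on purpose: no source selector, so it would match any VM.
    allow("legacy-db-access", set(), {"tier:db"}, "tcp", 5432),
]


if __name__ == "__main__":
    print("over-broad rules:", audit_rules(POLICY))
    for s, d, proto, port in [
        (WEB1, APP1, "tcp", 8443),    # intended path
        (WEB1, DB1, "tcp", 5432),     # tier skipping
        (WEB1, WEB2, "tcp", 22),      # lateral movement inside one zone
        (DEVWEB, APP1, "tcp", 8443),  # dev reaching into prod
    ]:
        print(f"{s.name} -> {d.name} {proto}/{port}:",
              decide(POLICY, s, d, proto, port))
```

The same-tier case (`web-1` to `web-2`) is the one a single perimeter firewall cannot express, since both VMs sit behind it in the same zone.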

21 SDN supports an IT-as-a-service journey
Self-service for agility Speed, security & reduced costs Visibility and governance Optimal integration Getting deeper into how SDN aligns with IBM’s IT-as-a-service strategy and Brokerage Services. Brokerage services transform how you plan, buy and manage IT services through a catalog of …and help you consume IT-as-a-service. We help: PLAN Assess your present and future applications’ readiness for the cloud with the only neutral multi-provider ecosystem BUY Order from a compliant, CIO-curated store, that expedites service procurement and delivery MANAGE Operate and govern usage and cost in a single, end-to-end, fully customizable platform that is seamlessly tied to operational management, without any additional IT intervention With these services you can discover and manage all IT services being used within your enterprise . These services: Provide credentials that enables the system to discover VMs, storage and network services on AWS, Azure, VMware and OpenStack Map the resources to architect patterns for each workload and drive standardization for hybrid cloud Use contextual analytics to understand usage and cost for each workload and centralize all billing and account management for your enterprise The business leaders, app and infrastructure teams can partner to continuously update the catalog of services. You can effortlessly add value services like monitoring and security to new innovations as you move them into production. You can provision, manage and govern IT services in an automated way across any platform. And view and administer on-premises and cloud IT services from a single pane of glass Brokerage services provide the business process front-end for an enterprise to plan, buy and manage a large portfolio of IT capabilities from a catalog of service offerings. But you need: 1. 
Networking services (both for data centers and WAN) that provide the backend aggregation of a variety of network services required for the applications and business processes made available via the brokerage service. 2. To spin up and utilize data center networks in line with the application requirements 3. To select network technologies/service providers to ensure best-fit network services. SDN for data centers spins up and manages the network functions required by an application in the data center using an as-a-service model.

22 With SDN your network is no longer a bottleneck
With your network optimized with the rest of IT, you can get on with business Compute Storage Network With SDN you can now really focus your network for agility and speed. We now have networks that will move at the same speed as your storage and servers. What used to take months, can now be done in minutes.

23 Taking care of your needs

24 You need an ideal SDN Partner that can help with…
Finding the best solution for you Cloud-based leadership 360 Technological Expertise Robust Enterprise IT framework Client Innovation Centers Setting up SDN is no small task. It is a complex transformation. It requires a knowledgeable partner with the tools and experience to guide you through the process. When picking your partner in SDN implementation, consider the following:

25 Finding the best solution driven by business requirements versus a product centric approach
Relationships with leading technology providers Expertise Experience Unbiased POV Proven reference architecture IBM has the experience and the knowledge to guide you through your SDN journey. We have been a part of several IT and network transformation journeys. With thousands of networking professionals -- ranging from consultants, architects and operational specialists – IBM can support the full life cycle of services from strategy to management. IBM’s expertise goes beyond services. IBM has professionals that are certified in a variety of technology providers and their products, which enables them to understand and support the needs of your business. With IBM, you can leverage a pool of experts, their capabilities and experience from around the globe. Leveraging standard methodologies, knowledge sharing, proven tools and techniques, experience from a variety of engagements across industries, countries and enterprise types (small, medium, or large businesses to very large enterprises), IBM network consultants have driven major network and business transformations. IBM network consultants serve as your trusted advisors and facilitators for your business. We work face-to-face with you to understand your concerns and develop solutions. We believe that trust needs to be earned, based on credibility and reliability. We do not manufacture SDN technologies and have an unbiased and valuable point of view when it comes to the various SDN technologies in the market. Coupled with our relationship with leading technology providers we can help select and integrate the best technology aligned to your business needs. Our approach is not limited to the technology. We look at the requirements rather than pushing a particular technology.

26 Traditional infrastructure
Cloud based leadership to create hybrid cloud based network environments

[Diagram labels: Private Cloud, Traditional infrastructure, Hybrid Cloud, Public Cloud; established, emerging]

As a leader of cloud-based solutions, we know virtualization inside out. We are well positioned to help clients achieve their cloud based needs for business expansion and agility via hybrid cloud based network environments.

27 Making everything work in harmony
360 technological expertise to seamlessly transform your networks with the rest of IT

We acknowledge that networking cannot operate in silos, and we can work with you to address all of your technological needs. As the world’s largest services integrator, we make sure that your network transformation co-exists with the entire IT environment (mobility, resiliency, security, systems, cloud).

IBM builds on its own experience of 40 years. As a very large enterprise, we are a huge consumer of IT. Our expertise in using technologies has given us greater insight and understanding on where we need to take our customers into the marketplace. IBM can use a combination of tools that are deployed both locally and in cloud delivery platforms and can pull in skills from various areas of IT to drive the much needed holistic transformation.

28 Our Enterprise IT framework that intelligently fuses established and emerging technologies
[Framework diagram; labels include: Flexible Access and Consumption, Intelligent Automation, Integrated Service Management, Agile Infrastructure; Design, Build, Advise, Run / Manage; Digital Business Transformation Solutions; Consumable IT Services & Applications; ITaaS Platform & Hybrid Cloud Infrastructure; Modular IT Services such as Resiliency (e.g. Backup aaS), Mobility (e.g. Mac at Work), Networking (e.g. SDN aaS), Security (e.g. Identify, Protect, Respond aaS), Systems (e.g. Management & Automation aaS) and Cloud (e.g. BlueMix Services); IBM Public Cloud SoftLayer, Private Cloud, Non-IBM Public Cloud (e.g. AWS, Azure) and Traditional On-premise IT]

Our Enterprise IT framework can address business requirements.

29 Select and deploy the best
Client Innovation Centers to test, integrate and select the best SDN technologies per your business needs

[Diagram labels: IBM Solutions + Partner Technologies; Innovation Center: Experience, Integrate, Test; For Clients: Increased Business Agility, Reduced Risks and Costs, Select and deploy the best]

The business and technology environment is changing significantly and we are at the cusp of a new era of networking. There are many players and interfaces that need to be pulled together in order to build a solution. It is not typically one vendor or a single product; it is a combination of multiple technologies and technology providers that need to integrate. Add to that the changing dynamics in terms of APIs and interfaces, and interoperability between existing and new systems. All this introduces complexity and makes it increasingly difficult for enterprises to make a sound decision before investing.

IBM realizes that enterprises need to be able to simulate environments to reduce the risk of deployment, or to build new solutions quickly using agile technologies and agile methodologies. At IBM Client Innovation Centers we can bring down the risk by testing multiple SDN technologies ahead of time to select the best-fit technology. At these centers, IBM networking professionals can help clients test, integrate and experience new network technologies from IBM and leading network technology providers in near-real environments.

Through the Client Innovation Centers, IBM brings networking services and technology capabilities together to demonstrate infrastructure agility. Our carrier and enterprise Client Innovation Centers support proofs of concept (PoCs), validate technologies and demonstrate use cases at the business solution level. At these centers IBM is able to create an environment where clients can experience an integrated solution, which may be a mix of multiple products and multiple providers.

Below are examples of some key areas that will be supported by the centers:
- Develop IBM supported networking solutions from leading network technology providers in legacy, cloud and hybrid IT environments
- Integrate legacy and SDN-NFV based networking environments for interoperability, manageability, scalability and performance
- Move from reactive to proactive network operations by leveraging analytics
- Enable networking functions on an open multi-vendor cloud environment
- Validate complex hybrid solutions through provisioning of network functions and users in the IBM SoftLayer Cloud
- Understand and test how enterprise workloads interact with the new carrier network technologies being deployed

30 A map for the road ahead

31 IBM Consulting services A method to the magic
IBM Deployment services: Getting it done
IBM Managed services: Keeping it running

SDN/SDE is a very agile construct. It is very different from how current IT environments are built and managed. It takes a bimodal approach, where the old way of implementing and managing IT will have to coexist with this new way of implementing and managing IT. This new approach requires all teams (networking, systems, storage, operations, security, application development) to look at any transformation holistically, because the line between where one responsibility ends and the next begins is blurred. Functions are moving from boxes to applications, and programmability now means programming network functions as well as applications, resulting in a variety of interactions that need to be understood by any enterprise. This may also require enterprises to re-evaluate skills and organizational alignment in order to build and deploy services in an agile, DevOps model. We provide the entire lifecycle of services for SDN keeping these synergies and holistic IT approach in mind.

There are a lot of different SDN approaches and technologies in the marketplace. The solutions that will need to be deployed are highly likely to be hybrid solutions. There is no one vendor who can provide all the capabilities to meet all business requirements. At IBM, there is a life cycle approach to doing an implementation as well as keeping that implementation alive. It starts with strategy and goes through assessment, planning and design, providing a full suite of services to assist our customers with their business needs and transformation.

32 Design, Implementation Monitoring, Management
IBM Consulting: Strategy, Planning and Assessment. A method to the magic

A complex transformation requires a consulting led approach… and a great deal of planning

[Diagram labels: Design, Implementation, Monitoring, Management; Engagement, Data Gathering, Analysis, Planning, Buy-in, Roadmap]

IBM provides relevant recommendations based on the analysis of data from the client’s network, industry insight and IBM experience, and leverages a scorecard methodology.

Consulting Methodology

Understanding the requirements of the network cannot be limited to the technology and to an understanding of where the technology is going. Keeping only the technology in mind would result in a network refresh that does not necessarily tie back to the business imperatives and application needs. Typically, in the past there were no hooks or programmatic linkages to APIs. This is now possible with SDN, which allows enterprises to tie their business imperatives, applications and networks together dynamically. It is critical to have a network strategy tied into business needs. SDN makes it much more feasible to tie the network and its policies back to the business and to the applications themselves.

Our consulting methodology and approach have been tested and proven across thousands of engagements across the globe. We have a global knowledge base and learnings from multiple engagements to drive a well-informed transformation. Our consultants are able to prioritize key actions and focus on business needs. A consulting engagement includes Strategy, Assessment and Planning.

Strategy

IBM looks at three aspects of your environment. Firstly, we focus on the technology, the infrastructure itself. Secondly, we focus on the processes that are used to support, maintain and keep the environment alive. Thirdly, we focus on the organization itself, i.e. the appropriate skills to maintain and support the environment.

It is important for any enterprise to have plans in place to ensure that there are skills at the appropriate levels. It is critical to stay current and in touch with the latest trends to fulfill current and future network environment needs. From an SDN perspective this becomes even more important, because the SDN approach is very different in terms of how it fits within the legacy network environment. The strategy has to focus on the business imperatives as manifested through the applications representing the business. It is here that we identify what elements of the network/IT or organization need to be assessed, and what criteria will be used within the assessment to determine how well something compares with the end objectives.

Assessment

In terms of assessment, we look at the current state and the desired state in line with business and application requirements. We compare the two to identify gaps, which also allows us to understand how to bridge those gaps. From an SDN perspective, IBM consultants look at the current architecture, the current plan for segmentation, the current infrastructure and the current level of automation, and compare them with the desired state. Here you can see the sample representation of the readiness assessment outputs and various possible elements under investigation. IBM looks at the technology, process and skills alignment from a business needs perspective. We leverage a scorecard methodology (red, green, yellow) or a numeric approach (1 through 10 for high, medium, low) to make it very easy to see where the greatest need is in terms of making changes to ensure that the environment is ready for SDN implementation.

Planning

The next step is to put the plan together for how to close those gaps. In each phase we determine which of the gaps identified it makes sense to close (is it feasible or too costly). The closing of gaps is also prioritized in this stage.

Phases of engagement

On the left hand side you can see the various stages of a consulting engagement. It starts with a well-defined scope and a good understanding of what the desired outcome should be for the best possible deliverables. The engagement definition is a very critical part of the exercise; it takes place with IBM and the client defining the statement of work and the aspects of what the deliverable should be.

Data gathering is based upon an understanding of the customer's requirements, driven by the scope identified in the engagement definition. This allows our consultants to have an idea of the breadth and depth of investigation on various elements. The focus is to identify and define the specific data elements needed to execute the engagement. This is done by producing a data collection matrix, which identifies the specific information that is required, the means by which it is going to be gathered or acquired, and the source of the data. The various possible sources could be:
- One-on-one interviews with executives, typically to gain a sense of requirements and expectations, both current and future. This helps establish what the guiding principles should be.
- Documentation that can come from the Internet, business profiles, annual statements and even existing IT documentation. Examples of existing documentation include process definitions, procedural documents and architectural drawings. It could also include site walk-throughs: taking a look at what a site looks like and seeing how that maps to the existing documentation.
- Surveys, i.e. a series of questions to the people who are responsible for operating the network, keeping it alive and making changes to it.
- Workshops that are done to close out any gaps in our understanding based on the information/documentation provided and the surveys done.

Next is synthesis or analysis. IBM consultants take the data collected in the previous stage and distill it down into findings/summary statements. A conclusion then takes that finding or summary statement and puts some business context around it. From that, IBM consultants produce a set of recommendations outlining what changes need to be made to the network environment. In addition, they create a roadmap based on the guiding principles derived from an understanding of the business imperatives.

33 IBM Deployment: Design and Implementation Getting it done
- Manage deliverables and create reports
- Solution functional and specified design with BOM
- Order, stage, and deliver verification
- Site survey, establish readiness
- Build solution for pre-production and full production deployments
- Test and validate solution
- Hand over to operations staff

Deployment Services: Getting it done

To deploy SDN, IBM provides SDN design and implementation services. Design takes the planning stage a step further and details out:
- What are the actual technology components that map against that technology solution;
- What are the relationships between those technology components; and
- Ultimately, what are the vendor products that map against the technology components.

This is followed by the integration stage, i.e. how the SDN solution integrates with existing systems outside the solution. If we are looking at coexistence with old systems (as opposed to complete migration), then we look at interoperability.

The key steps include:
- Develop test plans with Equipment Procurement services.
- Order, stage, and deliver verification.
- Site survey and establish readiness.
- Require validation of design in Non Production/Limited Production.
- Build and validate solution deployments for full deployments.
- Develop and review for solution validation.
- Validate operations and review results with constant education, training, and client staff training.
- Do solution turnovers, handing over to ongoing operations staff.
- Manage deliverables with project management reports, solution architecture and design reports, as well as solution integration and deployment reports.

There will always be a bill of materials. Last but not least, we always test the plan.

34 Infrastructure Management
IBM Managed: Monitoring and Management. Keeping it running

[Diagram labels: Infrastructure Management; Cloud Stack + Management; Monitoring; Reporting; Traditional IT; Private Clouds; Network; SoftLayer; Public Clouds]

- With IMI for Networking, we can monitor and manage a client’s entire hybrid cloud environment: servers, storage, networking, middleware, cloud, databases, etc. Software defined networks are a part of this overall environment.
- Dynamic automation, advanced analytics, proven processes & tools, and cognitive capabilities are used for incident prevention and reduced mean time to resolution.
- Deep expertise in networking and cross-IT domains helps manage the network with the rest of IT.
- IMI provides centralized IT infrastructure management across multiple technologies and technology providers.

35 Let’s get started Schedule a visit to our Client Innovation Centers to experience SDN technologies Download the white paper

36 Network Transformation to SDN – What does it mean?
Traditional Infrastructure (Today) | SDN Virtualized Infrastructure (Tomorrow)
Physical | Virtual
Rigid | Programmable
Proprietary | Open
Manual | Automatic
Consumed as device | Consumed as-a-service
Custom appliance | COTS/Open Hardware
Separate Operation | Operated like compute/IT
Slow to deploy | Quick to configure and deploy
Inflexible | Flexible/Agile
Costly | Significant savings with new business models
Single supplier with backup | Multiple supplier
Slow technologies adoption | Quick technologies adoption

37 What is the promise of SDN? Agility, Security, Automation
- Provision network services quickly
- Provision networks quickly
- Automate/orchestrate in concert with application deployments
- Improve network security

Note: SDN can use overlay tunneling protocols (such as VXLAN), but some SDN technologies don’t use an overlay and instead directly program hardware devices through OpenFlow or NETCONF. SDN can therefore create virtual networks quickly using overlay tunneling protocols, and it can also create networks quickly by directly programming the hardware devices.

2) Provision network services quickly => Network Function Virtualization
Network services (routers, firewalls, load balancing, IPS/IDS) must be provisioned to allow VMs to communicate. SDN uses NFV (Network Function Virtualization) to provision and configure virtual routers, virtual firewalls, virtual load balancers and virtual IPS/IDS to implement the path between VMs. This is called service chaining. With SDN, the network infrastructure (virtual networks and virtual network functions) can be implemented as quickly as VMs. Some SDN technologies rely on multi-vendor NFV; other technologies include NFV directly inside the solution. SDN can provision network services that are either virtualized (NFV) or physical (integrating with 3rd party vendor network services).

3) Improve network security
The distributed firewall function provides what is called “micro-segmentation”. This allows centralized security rules (easier to manage) with distributed policy enforcement at the VM.

4) Programmability and automation
SDN relies on software. SDN controllers offer APIs to enable programmability. SDN includes an orchestration solution to automate the provisioning of the virtual network and NFV. Orchestration can even interconnect with network monitoring to implement scenarios where actions are automated when thresholds are reached. The SDN can be integrated into the broader orchestration and provisioning that is part of SDE (Software Defined Environment).

These benefits bring agility (less time to deploy VMs and network infrastructure) and better time to market. They optimize the existing hardware infrastructure, limit configuration errors, and reduce the resources and skills needed to operate the network, reducing costs.
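
The micro-segmentation model in point 3 (rules defined once at the controller, enforced at each VM) can be sketched as follows. This is an added example, not part of the presentation or of any vendor's product; the group names, addresses, rule format and function names are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    """One centrally managed allow rule, written against groups, not addresses."""
    src_group: str
    dst_group: str
    proto: str
    port: int


# Constructed central policy for a three-tier application.
# Anything not listed here is denied.
CENTRAL_POLICY = [
    Rule("web", "app", "tcp", 8443),
    Rule("app", "db", "tcp", 5432),
]

# Constructed inventory. All VMs share one subnet, so traffic between them
# never crosses a perimeter firewall.
INVENTORY = {
    "web-01": {"ip": "10.0.0.11", "group": "web"},
    "web-02": {"ip": "10.0.0.12", "group": "web"},
    "app-01": {"ip": "10.0.0.21", "group": "app"},
    "db-01": {"ip": "10.0.0.31", "group": "db"},
}


def compile_for_vm(vm, policy, inventory):
    """Controller side: resolve groups to addresses and keep only the
    ingress rules that protect this one VM."""
    group = inventory[vm]["group"]
    table = set()
    for rule in policy:
        if rule.dst_group != group:
            continue
        for meta in inventory.values():
            if meta["group"] == rule.src_group:
                table.add((meta["ip"], rule.proto, rule.port))
    return frozenset(table)


def push_all(policy, inventory):
    """Controller side: build the per-VM tables that get distributed."""
    return {vm: compile_for_vm(vm, policy, inventory) for vm in inventory}


def enforce(table, src_ip, proto, port):
    """Hypervisor side, at the VM's virtual NIC: exact match or default deny."""
    return (src_ip, proto, port) in table


def retag(inventory, vm, new_group):
    """Return a copy of the inventory with one VM moved to another group,
    for example to isolate a VM under investigation."""
    updated = {name: dict(meta) for name, meta in inventory.items()}
    updated[vm]["group"] = new_group
    return updated


if __name__ == "__main__":
    tables = push_all(CENTRAL_POLICY, INVENTORY)
    print("web-01 -> app-01:8443", enforce(tables["app-01"], "10.0.0.11", "tcp", 8443))
    print("web-01 -> db-01:5432 ", enforce(tables["db-01"], "10.0.0.11", "tcp", 5432))
    print("web-01 -> web-02:22  ", enforce(tables["web-02"], "10.0.0.11", "tcp", 22))
    isolated = push_all(CENTRAL_POLICY, retag(INVENTORY, "web-02", "quarantine"))
    print("web-02 -> app-01:8443 after retag",
          enforce(isolated["app-01"], "10.0.0.12", "tcp", 8443))
```

Changing one group membership at the controller is enough to cut a VM off from its peers, because every affected per-VM table is recompiled from the same central policy.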

38 Network Functions Virtualization (NFV)
SDN is comprised of three sub-areas

Hypervisor-based SDN
- Example: VMware NSX, Juniper Contrail, Nuage
- Implemented via software in server hypervisors
- No changes to the existing physical network

Fabric-based SDN
- Example: Cisco ACI, Brocade
- Operate physical network in more efficient manner
- Involves modifying/upgrading physical switches

Network Functions Virtualization (NFV)
- Example: Firewall, Load Balancers
- Use service chaining to steer traffic through FWs & LBs automatically
- Virtualize functions

Not an either/or choice, areas complement each other
- Enterprise SDN merges all three
- Telcos are focused on ETSI NFV
- Long term direction: integration of all three

Within network virtualization there are two general approaches: overlay and fabric. There are products that combine both approaches in a hybrid.

Overlay:
- Typically implemented as software in the hypervisor, with some aspects within network switches
- Can theoretically create up to 16 million virtual network segments
- Encapsulates network communications, layer 2 and layer 3, within IP
- Can have multiple tenants and overlapping IP addresses within these virtual networks within the overlay
- There is no reliance on the physical network hardware; the key requirement is a robust IP network
- If the IP network doesn’t work well, the overlay and SDN will not work well

Fabric:
- Typically involves the physical network to create virtual networks using OpenFlow or some network hardware oriented Ethernet approach similar to FabricPath, QFabric, Brocade’s version, and others
- OpenFlow is considered one of the pioneering approaches to SDN that in the enterprise has been overtaken by overlay solutions
- ACI is a bit of a hybrid approach, where the overlay networks are established in the network switches, creating essentially an overlay fabric within the network hardware switches

SDN
- Not an either/or choice, each has its place and value
- Maximum value through full integration into SDE

39 Network Virtualization (NV) is a key SDN component
Hypervisor-based network virtualization
- Implemented via software in hypervisors, with no changes to the existing physical network
- VXLAN is de facto tunnel encapsulation
- Example: VMware NSX, Juniper Contrail, Nuage

A virtual network is an abstraction of a physical network
- To the application, looks just like an Ethernet VLAN
- Implemented in software, created programmatically via API calls
- Decouples binding between application and physical network

Fabric-oriented network virtualization
- Physical switches involved in providing virtualization service (e.g., VLANs)
- Example: Cisco ACI, Arista, Brocade

Hybrid of overlay and fabric
- Cisco ACI
- Hardware-based VTEPs
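
The overlay properties in the notes for the last two slides (about 16 million segments, layer 2 and layer 3 carried inside IP, overlapping tenant addresses) all follow from the 24-bit VXLAN Network Identifier (VNI) in the 8-byte header defined by RFC 7348. The sketch below is an added example, not code from the presentation or from any product named in it; the tenant names, VNIs, addresses and function names are constructed. It shows a receiving VTEP using the VNI as its only tenant separator and dropping anything malformed or not provisioned locally.

```python
import socket
import struct

VXLAN_UDP_PORT = 4789        # IANA-assigned destination port (RFC 7348)
FLAG_VNI_VALID = 0x08        # "I" flag: the VNI field carries a valid value
MAX_VNI = (1 << 24) - 1      # 24-bit field, so 16,777,216 possible segments


class VxlanError(ValueError):
    """Raised for a truncated or malformed encapsulated packet."""


def encode_header(vni):
    """Build the 8-byte header: flags(8) reserved(24) | VNI(24) reserved(8)."""
    if not 0 <= vni <= MAX_VNI:
        raise VxlanError(f"VNI {vni} does not fit in 24 bits")
    return struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8)


def decode_header(payload):
    """Return (vni, inner_frame) from a UDP payload, validating the I flag."""
    if len(payload) < 8:
        raise VxlanError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", payload[:8])
    if not (word0 >> 24) & FLAG_VNI_VALID:
        raise VxlanError("I flag clear, VNI not valid")
    return word1 >> 8, payload[8:]


def make_inner_frame(src_ip, dst_ip):
    """Constructed inner Ethernet + IPv4 header (zero MACs, checksum not set)."""
    eth = bytes(6) + bytes(6) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return eth + ip


def inner_dst_ip(frame):
    """Read the destination address of the encapsulated IPv4 packet."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        raise VxlanError("inner frame is not Ethernet/IPv4")
    return socket.inet_ntoa(frame[30:34])


# Constructed VTEP state: two tenants reuse 10.0.0.5 in different segments.
LOCAL_SEGMENTS = {
    5001: {"10.0.0.5": "tenant-a-db"},
    5002: {"10.0.0.5": "tenant-b-web"},
}


def encapsulate(vni, frame):
    return encode_header(vni) + frame


def vtep_receive(udp_dst_port, payload, segments=LOCAL_SEGMENTS):
    """Decide what a receiving VTEP does with one UDP payload."""
    if udp_dst_port != VXLAN_UDP_PORT:
        return ("drop", "not VXLAN")
    try:
        vni, frame = decode_header(payload)
        dst = inner_dst_ip(frame)
    except VxlanError as exc:
        return ("drop", str(exc))
    if vni not in segments:
        return ("drop", f"VNI {vni} not provisioned on this VTEP")
    vm = segments[vni].get(dst)
    if vm is None:
        return ("drop", f"{dst} unknown in VNI {vni}")
    return ("deliver", vm)


if __name__ == "__main__":
    frame = make_inner_frame("10.0.0.9", "10.0.0.5")
    for vni in (5001, 5002, 7777):
        print(vni, vtep_receive(VXLAN_UDP_PORT, encapsulate(vni, frame)))
```

The same inner destination address reaches a different VM in each segment, which is why the notes can promise overlapping tenant addressing, and why the underlay that carries these packets has to be trusted and restricted to known VTEPs.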

40 © COPYRIGHT IBM CORPORATION 2015
IBM Global Services Route 100 Somers, NY 10589 U.S.A. Produced in the United States of America June 2016 IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corporation in the United States, other countries or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or TM), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. Other product, company or service names may be trademarks or service marks of others. A current list of IBM trademarks is available on the web at "Copyright and trademark information" at ibm.com/legal/copytrade.shtml. This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates. The performance data discussed herein is presented as derived under specific operating conditions. Actual results may vary. It is the user’s responsibility to evaluate and verify the operation of any other products or programs with IBM products and programs. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided. Statements regarding IBM’s future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.

