OpenFlow, HP Sentinel and Security SDN

HP Sentinel is an SDN Security application that combines a reputation database, HP VAN Controller and OpenFlow to build a Campus security solution. Here is a quick overview of the process and how you can mix existing security technology with standards-based OpenFlow/SDN to provide a useful campus security tool. This product is expected to reach the market later this year.

Blessay: Categorising SDN Network Solutions and Architectures for Understanding

I’ve been digging deeper into the SDN architectures over the last few days and there may be a pattern starting to emerge. I’m currently figuring that there are four broad classes of SDN technology into which you can fairly neatly classify the current products from vendors. I’m classifying SDN Solutions into three categories of Micro, Centi and Kilo as well as classifying physical devices for SDN systems into three classes of Breve, Medius and Magnus. (Yeah, OK, I’m not good at names.)

Response: Cisco Extends ACI’s APIC to Campus & WANs – Reactions and Thoughts

Cisco announces that it has expanded its ACI Strategy to include the Campus and WAN in the scope of the product as well as hybrid cloud functionality. Some thoughts on what this means for network architects and engineers: My View – Cisco wants to maintain control and ownership of customer budgets on networking by having a […]

Overlay Networking & VXLAN Means MPLS in the Data Centre is Dead

Overlay networking has been around for a year or so now and the ideas behind it are well established. It was about 3/4 weeks ago while researching VTEP functionality in Dell and Arista switches that I realised I could build manually configured tunnels with VXLAN and get the same results as an EoMPLS x-connect with almost zero effort. More importantly, I don’t have to pay for expensive hardware that has MPLS functions or pay again for software licenses to upgrade with MPLS features.

Musing: Cisco ACI Validates The Independent Network Operating System Model

The Cisco Nexus 9000 supports two versions of network operating system on the device. You can buy some models of the Nexus 9000 family today that run NX-OS just like the NX6K, NX7K etc and late in 2014 “NX-OS Plus” will be available. Two operating systems for the same switch isn’t new for Cisco if you remember the switch […]

What Does Programmable Networking Mean?

In a recent discussion someone asked the relatively simple question “What does Programmable Networking even mean?” and, after I stumbled around trying to explain, I agreed to write something that attempted to explain what I see as the basic requirement that networking has not met. Here are some ideas just jotted down to open the discussion a bit wider.

Uncollected Thoughts on VMware NSX

VMware NSX got its official launch this week at VMworld. As a measure of how important VMware regards NSX, the first keynote on the first day is Martin Casado doing the official presentation.

My general view is that NSX is the real deal. I have been talking and writing about OpenFlow since May 2011 and many have complained that SDN isn’t important and I should focus on real network issues. Well, it should now be clear that SDN is a serious strategy issue and we might have been ahead of the market.

Published: Evolving SDN: Tackling challenges for web-scale deployments

I was commissioned by GigaOmPro to write a report on “SDN Challenges in Large Scale Deployments”. I spoke with a number of network and virtualization engineers about their perspectives on SDN, the challenges they faced and how they would use Software Defined Networking in their data centres. It was evident during the research phase that many people are not clear on what Overlay Networking is and just how deeply Overlay Networking will change Data Centre architecture and especially the nature of the networking and security domains.