Ivan raises good points about interoperability and standards in the SD-WAN market on his blog today.
In particular he highlights the proprietary systems that have replaced open protocols:
…. uses central controller, and therefore doesn’t have to use a complex plethora of protocols like IKE, IPsec, GRE, NHRP, NBAR, IP SLA, PBR or routing protocols like BGP or OSPF. All that is replaced by some secret sauce proprietary to each startup (yeah, that’s a comforting thought right there).
Any technology needs to focus on the business proposition. Here are a couple of points that I think are most important:
- The WAN is really expensive and often more than 70% of the IT network budget. Even a 10% reduction in WAN cost has a substantial impact on the bottom line.
- Typically 50% of WAN spending is unused or “zombie” bandwidth as it is wasted for redundancy. (Imagine having 50% of your employees sitting around waiting for something to do, just in case something went wrong…)
There are many other inefficient aspects of the modern WAN such as cost of assets, remote administration, and cost of operation, but these two items are headline issues that need urgent solutions.
Standards Take Decades
There is a substantial amount of differentiation in Software Defined WAN today as startups compete to get their products into the market. It will take quite some time for standards bodies to initiate change to adapt to what software can now achieve. The history of standards progress on MPLS, BGP, TRILL, GENEVE, etc. shows it will take about a decade for standards to reach some sort of market acceptance and adoption.
And we must recognise that incumbent vendors have little interest in changing the existing technology. The current generation of SD-WAN could undermine profits and revenue of the companies whose employees are the standards bodies.
Standards bodies work when they grow the entire market in some way. They don’t work when a standard disrupts and shrinks the existing market. See the Open Source movement.
Most, if not all, SD-WAN vendors are using as many standards as possible because they can reuse existing open source code for many parts of their products. Ivan makes this comment:
You wouldn’t want to transport your internal traffic across Internet unencrypted, would you? Every SD-WAN solution has to solve the traffic encryption problem (hint: there’s a standard way of doing it, called IPsec) and key distribution problem (aka IKE in multi-vendor world).
For all the vendors that I’ve spoken with, SSL VPN is the most common traffic encryption, along with IPsec. No vendor has implemented proprietary approaches to cryptography. Likewise, key distribution uses standards-based protocols, often using open source software.
The Central Controller
For all SD-WAN solutions I have seen, the controller acts as a configuration engine for devices. Each SD-WAN device remains a fully functioning device with a control plane and protocols and will operate independently. In particular, SD-WAN controllers improve security through improved administration of cryptographic keys for VPN administration, SSH, and other device operations.
And, frankly, I’m tired of playing trivial pursuit with legacy protocols like NHRP, BGP, and IKE that were designed in a time when software was hard, compute & memory were limited, and the total market size was small so money wasn’t always spent on testing or new technology.
Users don’t need to understand bubble sort or linked list algorithms to use a database, so why should network operators need to understand arcane protocols? That is what an SDN controller does for me.
All SDN Is Non-Standard
In the current SDN market, not just the WAN, every SDN controller solution is a lock-in to a greater or lesser degree. Cisco ACI, VMware NSX, Nuage Networks, Juniper Contrail, Viptela, CloudGenix, Glue Networks, Velocloud: all of these SDN products use standards to a greater or lesser degree, but each and every one is itself non-standard.
I remain concerned about standards, and on the podcast I regularly discuss the fact that customers must constantly and repeatedly ask vendors to create standards.
While standards are important, I don’t believe they are practical in the current situation around the WAN. I perceive that incumbent vendors will be slow to change the WAN due to internal processes and market demands to sustain profits & revenue. Those same vendors expect to buy startups who are innovating, working ahead of standards, and getting customer acceptance.
Second, customers can make substantial reductions to the cost of WAN bandwidth. Big companies are measuring those reductions in terms of millions of dollars of yearly OpEx (and I’ve spoken with people talking tens of millions in savings). If you can achieve a return on investment in the first year, then you can afford to replace a solution in five to ten years when standards do finally arrive. Here is a quote from a Talari Networks press release (emphasis is mine):
With a Talari THINKING WAN, Lake Area Bank and Roundbank can resume the digitization of loan and deposit documents, support teller applications, deliver a superior voice experience and meet FDIC requirements for business continuity and disaster recovery. In addition, the banks are seeing a 50 percent savings using broadband to connect branch offices, compared to leased lines.
Standards are important. In fact they are vital to the core of SD-WAN operation, but the “lock-in” is in the “software defined”. It’s in the path selection algorithms, not the IP packet format; it’s in compression & optimisation methods, not the encryption tunnels and key distribution.
And if I can cut millions from my WAN costs while improving performance and making my life simpler, then I will choose SD-WAN today over standards tomorrow. I agree with Ivan that moving away from standards is dangerous to customers generally and we need to start applying pressure to the SD-WAN vendors to talk interoperability and openness.
Tell your vendors that standards are important. But first, tell your manager you want to save money today.