The DCK Guide to Software-Defined Technologies
February 21st, 2014 By: Bill Kleyman
New logical technologies are helping create operational efficiencies at all layers of the data center model. New terms and technological concepts are born because of gaps in the cloud deployment model.
This has led to the introduction of software-defined technologies (SDx), which abstract a number of different services to improve cloud and data center performance. But this also causes a bit of confusion. Where does this technology fit in? Is it really complicated? What does it really all mean to me?
To help simplify the many facets of the software-defined revolution, here is your SDx dictionary, which provides explanations and examples of the many ways in which software is redefining the ways data center and cloud infrastructure is managed.
Software-Defined Networking (SDN)
Because we have so many new connection points, it became necessary to create a better system to help control the flow of traffic. Traditional networking equipment focused too much on the physical layer where connections where required to accomplish the job. When cloud became a more widely used platform, it became necessary to abstract that physical layer. Now, we’re capable of controlling traffic which traverses the WAN completely at the software layer. This means network automation, optimization, and efficiency are no longer dependent on the physical infrastructure. VMware’s NSX, for example, creates a new model for how network traffic is controlled at the virtual layer. This introduces the capability to program, provision, and better manage both virtual and physical resources within the environment.
It’s important to note that SDN is also happening on the physical layer as well. Cisco’s NX-OS creates a modular building-block approach to the networking layer. Deployed on the entire switching stack, this networking operating system controls resiliency, virtualization, efficiency and even extensibility all at the logical layer. This type of intelligence can help dynamically route traffic in during peak times or even during outages. Not only is the physical layer being utilized to the fullest efficiency, administrators are able to create network flow automation policies to ensure continuous availability for both critical and standard workloads.
This has become a very interesting approach to controlling the storage layer. Much like servers and desktops, storage has experienced a bit of a physical infrastructure boom. There had to come a point where storage management became even more efficient. With that came the concept of software-defined storage. This is a virtual layer that sits in front of all storage components to control and distribute incoming requests to the appropriate storage pool. Atlantis ILIO USX, for example, creates a virtual layer where any storage controller can be inserted into the pool. With that, you can point DAS, Flash, SSD, spinning disk, and even RAM as a storage pool repository to the USX appliance.
From there, the software-defined storage system will intelligently push appropriate traffic to the appropriate pool. For example, archive data might be sent to less expensive storage while VDI requests are sent to a flash array. Similarly, VMware’s Virtual SAN, aims to aggregate both compute and storage resources directly from VMware vSphere hosts to create a simpler and better managed infrastructure. VMware introduces Storage Policy Based Management (SPBM) where administrators can now create intelligent storage policies aimed at availability and the enhancement of other virtual services. In creating that virtual layer, storage provisioning, scaling, and performance become direct benefits for the entire virtual infrastructure.
The concept of software-defined security falls directly in line with next-generation security technologies. Traditional security is simply not enough for today’s diverse infrastructure. The logical layer in the security realm was created to address new challenges around data in the cloud and more data within the actual data center. Checkpoint’s Virtual Appliance for Amazon Web Services helps create a direct software-defined security extension from a primary infrastructure directly into a cloud environment. This means utilizing advanced features spanning an entire WAN infrastructure including IPS, access controls, DLP, and unified security management.
Similarly, Palo Alto completely abstracted the security layer with their next-generation security operating system, PAN-OS. These virtual appliances can sit anywhere within the data center to process a variety of security requests. With an intelligent security operating system, administrators are able to utilize next-generation firewall capabilities, such as dynamic address groups, complete virtual machine monitoring, the creation of security policies that instantly sync with virtual workload creation, and a unified security management platform.