About UsBlog

SDN Software-Defined Network

SDN Software-Defined Network

Software-defined networking (SDN) technology is an approach to network management that enables dynamic, programmatically efficient network configuration in order to improve network performance and monitoring, making it more like cloud computing than traditional network management.

SDN encompasses several types of technologies, including functional separation, network virtualization and automation through programmability. SDN solution is meant to address the fact that the static architecture of traditional networks is decentralized and complex while current networks require more flexibility and easy troubleshooting.

SDN technology attempts to centralize network intelligence in one network component by disassociating the forwarding process of network packets (data plane) from the routing process (control plane). The control plane consists of one or more controllers which are considered as the brain of SDN network where the whole intelligence is incorporated. Originally, software defined technology focused solely on separation of the network control plane from the data plane. While the control plane makes decisions about how packets should flow through the network, the data plane actually moves packets from place to place.

In a classic SDN scenario, a packet arrives at a network switch, and rules built into the switch's proprietary firmware tell the switch where to forward the packet. These packet-handling rules are sent to the switch from the centralized controller. The switch - also known as a data plane device - queries the controller for guidance as needed, and it provides the controller with information about traffic it handles. The switch sends every packet going to the same destination along the same path and treats all the packets the exact same way.

Software defined networking solutions use an operation mode that is sometimes called adaptive or dynamic, in which a switch issues a route request to a controller for a packet that does not have a specific route. This process is separate from adaptive routing, which issues route requests through routers and algorithms based on the network topology, not through a controller.

The virtualization aspect of SDN comes into play through a virtual overlay, which is a logically separate network on top of the physical network. Users can implement end-to-end overlays to abstract the underlying network and segment network traffic. This microsegmentation is especially useful for service providers and operators with multi-tenant cloud environments and cloud services, as they can provision a separate virtual network with specific policies for each tenant.

The most popular products in category SDN Software-Defined Network All category products

Citrix SD-WAN
0
19
Cisco Application Centric Infrastructure (ACI)
11
3
Forcepoint Secure Enterprise SD-WAN
11
0
Fortinet FortiGate SD-WAN
9
20
NSX SD-WAN by VeloCloud
17
17
Viptela Secure Extensible Network (SEN)
8
8
Juniper Cloud CPE with SD-WAN
20
8
Nuage VNS
20
6
Bigleaf Cloud-first SD-WAN
0
18
Zyxel SD-WAN
14
2
Silver Peak Unity EdgeConnect SD-WAN Solution
3
9
Talari SD-WAN
20
14

Compare of products in the category SDN Software-Defined Network

Please turn the screen for optimal content display

Compare: Software-Defined WAN (SD-WAN)

Characteristics

Deployment

Network Connectivity

Zero-touch provisioning

Identification of applications

Network Performance

Cloud Connect

Routing Capabilities

Load balancing modes

Dynamic Path Switching

Packet Duplication

Packet Loss with FEC

Firewall

AES-256 Encryption

WAN Optimization Support

Network segmentation

Content filtering

Purchasing

  • Physical
  • Virtual
  • Physical
  • Virtual
  • Physical
  • Virtual
  • Physical
  • Virtual
  • Physical
  • Virtual
  • Physical
  • Virtual
  • Physical
  • Virtual
  • Physical
  • Virtual
  • Physical
  • Virtual
  • Physical
  • Virtual
  • Physical
  • Virtual
  • Physical
  • Virtual
  • Physical
  • Virtual
  • Physical
  • Virtual
  • MPLS
  • DSL
  • Ethernet
  • Broadband
  • 3G
  • 4G/LTE
  • Satellite
  • MPLS
  • Broadband
  • 4G/LTE
  • Satellite
  • MPLS
  • Broadband
  • DSL
  • 4G/LTE
  • MPLS
  • Broadband
  • DSL
  • 4G/LTE
  • MPLS
  • Broadband
  • 4G/LTE
  • MPLS
  • DSL
  • 4G/LTE
  • MPLS
  • MPLS
  • Broadband
  • MPLS
  • Broadband
  • MPLS
  • Broadband
  • DSL
  • 4G/LTE
  • MPLS
  • Broadband
  • 4G/LTE
  • MPLS
  • Ethernet
  • Broadband
  • 3G
  • 4G/LTE
  • Satellite
  • MPLS
N/A
over 4500
N/A
over 7000
over 3000
over 3000
2200
1400
over 1300
over 10000
N/A
2600
3000
N/A
  • N/A
  • Passive
  • N/A
  • Active
  • Passive
  • Active
  • Passive
  • Active
  • Passive
  • Passive
  • Active
  • Active
  • Passive
  • Passive
  • Active
  • Active
  • N/A
  • N/A
  • AWS
  • Azure
  • Google
  • Services supplied by carriers
  • VMware
  • AWS
  • Azure
  • N/A
  • N/A
  • AWS
  • Azure
  • Blue Jeans
  • Box
  • Cisco
  • Google
  • HP Helion
  • IBM
  • Salesforce
  • Sunguard
  • VMware
  • N/A
  • AWS
  • Azure
  • VMware
  • AWS
  • Azure
  • VMware
  • Services supplied by carriers
  • Services supplied by carriers
  • Services supplied by carriers
  • N/A
  • WAN
  • QoS
  • WAN
  • Application
  • QoS
  • Load Balancing
  • WAN
  • QoS
  • WAN
  • Application
  • QoS
  • Load Balancing
  • Multi-Link VPN
  • N/A
  • QoS
  • WAN
  • Application
  • QoS
  • Traffic Shaping
  • QoS
  • Application
  • QoS
  • WAN
  • Application
  • QoS
  • WAN
  • Application
  • QoS
  • N/A
  • WAN
  • Application
  • QoS
  • Load Balancing
  • N/A
  • N/A
  • Per-flow
  • Per-packet
  • Per-flow
  • Per-packet
  • Round Trip Time
  • Ratio
  • Per-flow
  • Per-flow
  • Per-flow
  • Per-packet
  • Per-flow
  • Per-flow
  • Per-flow
  • Per-packet
  • Per-flow
  • Per-packet
  • Per-flow
  • Per-packet
  • Per-flow
  • Per-packet
  • N/A
N/A
Yes, for VoIP
Yes (VoIP, real-time applications)
N/A
N/A
N/A
Yes, for VoIP
N/A
N/A
N/A
Yes, for VoIP
Yes, UDP applications
N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A
Yes (dynamic, for VoIP)
N/A
N/A
Yes
N/A
Yes, TCP applications
N/A
N/A
Integrated
Integrated
Integrated
Integrated
Integrated
Integrated
Separate
Integrated
Integrated
Integrated
Separate
Separate
Integrated
Integrated
N/A
Yes
Yes
Yes
Yes
Yes, 3rd party
Yes
Yes, 3rd party
Yes
Yes
Yes
Yes, 3rd party
Yes
Yes
N/A
Yes, VRF-lite at SD-WAN CPE
N/A
Yes
Yes
Yes, VRF at SD-WAN CPE
Yes, VRF at SD-WAN CPE
Yes
Yes
Yes
Yes
Yes
Yes, Proprietary VPN ID in IPsec packet header
N/A
N/A
N/A
N/A
Yes
Yes
N/A
Partial
N/A
N/A
N/A
N/A
Yes
Yes
Yes
  • N/A
  • N/A
  • Recurring
  • Upfront
  • N/A
  • N/A
  • N/A
  • Recurring
  • N/A
  • N/A
  • N/A
  • Upfront
  • Recurring
  • N/A
  • N/A
Found mistake? Write us.

F.A.Q. about SDN Software-Defined Network

Benefits of Software Defined Networking

With SDN software, an administrator can change any network switch's rules when necessary - prioritizing, deprioritizing or even blocking specific types of packets with a granular level of control and security. This is especially helpful in a cloud computing multi-tenant architecture, because it enables the administrator to manage traffic loads in a flexible and more efficient manner. Essentially, this enables the administrator to use less expensive commodity switches and have more control over network traffic flow than ever before.

Other benefits of SDN are network management and end-to-end visibility.A network administrator need only deal with one centralized controller to distribute policies to the connected switches, instead of configuring multiple individual devices. This capability is also a security advantage because the controller can monitor traffic and deploy security policies. If the controller deems traffic suspicious, for example, it can reroute or drop the packets.

Software defined networking software also virtualizes hardware and services that were previously carried out by dedicated hardware, resulting in the touted benefits of a reduced hardware footprint and lower operational costs.

Additionally, SDN contributed to the emergence of software-defined wide area network (SD-WAN) technology. SD-WAN employs the virtual overlay aspect of SDN technology, abstracting an organization's connectivity links throughout its WAN and creating a virtual network that can use whichever connection the controller deems fit to send traffic.

Are there any SDN security benefits?

As security issues become more complex at the edge of the network, it’s no wonder that network and security professionals are looking for new ways to approach network protection. Nowadays, it seems like SDN is going to be the answer.

  • Centralized Network Control

In a traditional network, devices (router/switches) make their own decisions locally about where and how best to send traffic.  In terms of network security, SDN can be used to route data packets through a single firewall and make IDS and IPS data capture more efficient.

  • Simplify Configuration

The SDN makes it easier to automate configuration and improves the traceability of those configurations. The introduction of SDN network management allows dynamic programming and restructuring of network settings, which reduces the risk of DDoS attacks. It is also worth adding that SDN has automatic quarantine capabilities.

  • Creation of High-level Network Policies

Rather than physically configuring security solutions, SDN facilitates the central management of security policies to make network operator roles more efficient and flexible. Moreover, SDN helps to move away from current management approaches such as SNMP/CLI and build more effective policy management.

  • Easy to use Application Programming Interfaces (APIs)

Cloud APIs are interfaces presented by software and play a vital role in SDN controllers and applications. Easy to use APIs help to manage network resources, improve the efficiency of IT resources, and aid integration with IT tools. Additionally, a number of good cloud security practices have been introduced recently.