Does SDN Need to Get More Intelligent?

Deep Dive

Does SDN Need to Get More Intelligent?

By Ken Osowski, Director of Solutions Marketing  |  June 10, 2013

I know I promised in my last article on DPI that I wasn’t going to focus on acronyms in this column, but here I go again, leading off with the term SDN. By now it is as familiar as the term OTT when references are made to next-generation data networks. During our many press and analyst briefings at MWC 2013 everyone asked the same question, no matter their editorial or research focus: “What is your SDN play? Everyone else we spoke to at the show has mentioned it.”

So what is everyone getting so exited about in regards to software-defined networking, or SDN? 

The promise of SDN is to separate out all network control functions in the control plane from data plane forwarding functions in network switches and routers. These network control functions can then be managed as a configurable resource running on off-the-shelf servers. A key component of the SDN architecture is the OpenFlow protocol that enables the network control functions to communicate with data plane network devices throughout the network. The Open Networking Foundation is an industry consortium that publishes the OpenFlow protocol as a standard to foster interoperability among vendors providing network technology in this new environment.

This need for SDN became more apparent as enterprises and cloud operators began looking for flexibility in configuring their networks. The second order need was to dynamically allocate computing resources to host the network control function in virtual machine environments, enabling racks of servers to be pre-positioned to handle varying network topologies and capacities.

SDN network intelligence is viewed as centralized in software-based SDN controllers that actively maintain state and control of the entire network. This could work well for most enterprise networks but may end up facing scaling issues in large-scale service provider networks. Moreover, in a service provider network, the access network presents special challenges since intelligent devices are already working mostly autonomously. So intelligence needs to be collected from these systems to ensure an accurate view of network usage to exercise precise control.

So where does DPI fit? Will public and private network operators using SDN still need to be able to identify, classify, and analyze in real-time the applications and traffic running on their networks using DPI? The answer of course is yes. Without it, robust application-specific policy creation will be very difficult. Even though OpenFlow does enable programmatic southbound-facing control of device interfaces in Layer 2 from network control functions in OSI Layer 3, northbound APIs still need specification to introduce real-time application intelligence derived from OSI Layers 4 through 7 using DPI technologies. The DPI APIs will need to communicate application intelligence between Layer 4 and Layer 3 where SDN network policies are used. SDN protocol standardization is a key step in achieving network device interoperability; however, DPI intelligence APIs will sustain long-term innovation.

In my last article, I discussed shallow versus deep packet inspection. In fact what we have seen defined so far as SDN handling intelligence is what I would call shallow intelligence, since it is focused on dynamically configuring networks. What we need in service provider networks is deep intelligence in the SDN architecture that can leverage DPI-derived policies such as how subscribers are using various Internet applications. Both shallow and deep intelligence will be communicated among SDN network elements using network control functions in a distributed fashion. Both end user devices and core network elements will include DPI functions and communicate DPI intelligence. This will bring a new level of intelligence to service provider networks so that they can monetize their network investments.

In the meantime, before SDN interfaces are created to address the incorporation of DPI intelligence, current intelligent policy enforcement platforms and embedded DPI software will perform these critical network functions. DPI everywhere will be a call to action for SDN networks as they get implemented. The more intelligence that is available from an application perspective, the better SDN will meet the needs of network subscribers, enabling innovation and generating new revenues as a result.

Regardless of the underlying approach to implementing next-generation data networks, it all boils down to creating better user and subscriber experiences. DPI-based policy platforms do just that by enabling new services that evolve the service paradigm from simple metered data plans to value-based, personalized subscriber services.

Ken Osowski is director of solutions marketing at Procera Networks (News - Alert) (

Edited by Stefania Viscusi