Visibility in SDN/NFV Networks
The Challenge due to virtualization & cloudification in the networks
Provide optimal information for monitoring systems in ever changing SDN / NFV environment.
- Provide relevant network traffic to monitoring systems under continuous dynamic service changes
- Fast detection of network configuration changes and capability to notify automatically the Network Operations team
- Fast implementation of the visibility solution configuration in line with the network configuration changes
Telecom operators are facing ever growing complexity of different technologies, various interfaces, protocols, and combination of bare metal, virtualization and cloudification in the networks. The networks themselves can span from remote sites to multi edge computing making it increasingly difficult to get an understanding of the network itself.
The visibility paradigm is on a way to dramatic changes. Visibility on the physical Layer is not efficient anymore as the only solution. Network design has changed from device-oriented to software defined. Therefore, network visibility should also follow the principles of programmable networks.
Programmable networks aim to be automatically orchestrated or at least require minimal intervention using Software, and network Visibility has to be able to be as dynamic. Without this ability network visibility changes become unmanageable and for example security and performance monitoring is inefficient.
Cubro's Software Defined Visibility Solution
Cubro’s Software Defined (SDV) Visibility solution discovers the network assets, and maps and stores the network assets to a database. The SDV solution detects network configuration changes in real time and notifies Network Operations who can implement alternate SD Visibility configuration by triggering workflow process that executes necessary changes automatically and thus enables continuous relevant network traffic to network monitoring and security tools or functions. Using this information CSP can implement alternative configurations to facilitate network reconfiguration or to resolve service degradation. This same information is used to create service flows that make the management and configuration of the visibility layer much simpler.
Software Defined Visibility and Cloud Switch
Cubro offers the first automated software defined visibility solution in the market.
Cubro Software Defined Visibility has four main components:
- Virtual and Physical Tapping
- Aggregation, traffic steering and packet processing
- Metadata extraction
- Automation controlling the whole cycle using workflows and extracted data as both modelling information and feedback method
Virtual and Physical Tapping
Virtual and Physical tapping provide access to the raw packets; this is important for any visibility application. Depending on the monitoring application, either a part or full packet is needed.
Network schema drawing shows that a lot of tapping points are needed to capture all traffic. Physical Taps as their name implies need to be physically installed when building the network in order to provide data for monitoring platforms. Virtual Taps can be powered on using a management platform when needed. Some implementations use also smart NICs.
Cubro sees the network visibility tools to include the use of Virtual Taps, Smart NICs and Physical Taps depending on the environment and on the cloud implementation. Due to the number of expected tapping points orchestration of the network visibility is required (In some networks multiple 100 tapping points are standard and virtualization increased the number of tapping points even further).
Aggregation, traffic steering and packet processing
Network monitoring tools require the input in a specified way. Aggregation, Filtering and Packet processing are vital to provide the data in the correct format to any monitoring tool. The challenge today is to provide the the right data in the right format when the network may have:
- Encapsulation in multiple network stacks (overlay networks)
- Too much traffic for the tools
- Asymmetric traffic (up and downlink separated)
- Ciphered traffic
- Traffic transported in a virtual network
- Dynamic transport layer for example using SDN
Aggregation and Filtering is not any more enough since networks are more automated and agile. In the same way the network visibility has to follow this dynamic approach.
Metadata is important since it provides understanding of the network and its behavior.
Extracting Metadata out of the network from different sources including non-Cubro equipment* allows to model the network topology and adjust it dynamically. Metadata is produced for the visibility fabric itself to support the network changes (naturally there are monitoring tools that can use the data as well). Cubro uses the following Metadata:
- Sflow out of the Visibility devices (physical and virtual)
- Nflow from Probes if needed
- DPI information if needed
- IPFIX from VDS (information from the virtual domain)
- Neutron Interface from OpenStack (behavior in OpenStack)
- BGP from live network to correlate services over slices
- Configurations out of production switches and other network elements
After correlating the data Cubro produces an end-to-end dynamic view of the network.
Automation – Asteria Orchestration
Asteria is the controller that makes the automation work. It controls the whole cycle using workflows and extracted data as both modelling information and feedback method.
Asteria is a superset of Vitrum. Only Asteria has the orchestration capability. Technically speaking Vitrum is using containers that are packaged to VM to make the delivery simple at this stage.
Benefits of Cubro's Solution
Cubro’s SDV solution ensures that the required network service performance and security are continually optimally delivered via dynamically and constantly changing SDN and NFV environments to deliver low latency, high performance and agile services by:
- Improving user service experience by constantly providing network monitoring, security and analytics tools with accurate and relevant network packets to enable effective Service Assurance and Customer Experience Management.
- Delivering API for network and visibility orchestration to allow optimal configuration and management of resources to resolve service degradations as they occur.
- Improving and maintaining the effectiveness of network monitoring, security and analytics tools.
- Maximizing the Return On Investment of network tools.