Technical white paper Mock RFI for Enterprise SDN Solutions HP sample response Technical white paper | Mock RFI for Enterprise SDN Solutions Table of contents Background and intended use .................................................................................................................................................... 3 Introduction .................................................................................................................................................................................... 3 Definitions and terminology ....................................................................................................................................................... 5 The solution architecture............................................................................................................................................................. 6 The SDN controller ........................................................................................................................................................................ 9 SDN infrastructure ...................................................................................................................................................................... 11 Management ................................................................................................................................................................................ 12 Security .......................................................................................................................................................................................... 17 SDN applications .......................................................................................................................................................................... 18 Professional services.................................................................................................................................................................. 20 Value added .................................................................................................................................................................................. 25 Written by Sponsored by Technical white paper | Mock RFI for Enterprise SDN Solutions Background and intended use One of the key characteristics of Software-defined networking (SDN) is that it is fundamentally changing the role of networking in the enterprise. SDN brings increased agility and automation to networks, which enable them to deliver more business value. Another characteristic of SDN is that it can be confusing. There are many sources of that confusion, including but not limited to the: • Increasing number of vendors with SDN solutions or claiming to have SDN solutions • Varying roadmaps and timing for SDN solution availability • Wide range of SDN technologies and solutions The goal of creating this mock Request for Information (RFI) is to reduce that confusion. The intended use of this document is for enterprise IT organizations to utilize this document to drive a conversation with vendors of SDN solutions. The primary focus of this document is vendors who alone or with partners provide SDN applications, controllers and infrastructure such as switches and routers. IT organizations may choose to modify this document prior to using it to drive conversations with SDN vendors. For example, the section of this RFI entitled “SDN Controller” asks a question about the network services that the vendor supports; e.g., load balancing, security. If there is other functionality that is important to the IT organization, they can either create additional section(s) in the RFI that focus on that functionality or they can address that functionality in the section of this document that is entitled “Value Added”. This document is identified as being a Request for Information (RFI) and not a Request for Proposal (RFP). As a general rule, a RFI is more exploratory than is an RFP. As a result, RFIs generally don’t provide a detailed description of the network of the company that is distributing the RFI. Analogously, RFIs generally don’t request that vendors respond with a detailed design or with detailed pricing. Throughout the mock RFI the company that is distributing the RFI will be referred to as The Company and the vendors who will receive the RFI will be referred to as The Vendor or The Vendors. Each section of the mock RFI will begin with a Foreword, the goal of which is to put that section into context. It is expected that The Company will delete this text prior to distributing the RFI. Introduction Foreword: The purpose of this section is to establish the goals, guidelines and timetable for the RFI process. One goal of this section is to eliminate any miscommunication between the IT organization that distributes the RFI and the vendors that respond to it. Another goal is to minimize the amount of time it takes the vendors to respond to the RFI and the time it takes the IT organization to evaluate those responses. Below is the set of topics that The Company should include in this section. Description of the Company This subsection should be a one or two paragraph description of The Company. This description is particularly helpful if some or all of The Vendors are not familiar with The Company. Focus of the RFI This subsection should state if the focus of the RFI is The Company’s branch and campus networks; their data center networks; their WAN or some combination of those networks. Goals of the project The Company should identify the goals of the project. Possibilities include centralizing configuration management; supporting the dynamic movement of virtual workloads; enabling applications to request services of the network; performing end-to-end traffic engineering. It is up to The Company to decide the level of detail that it will provide to The Vendors. For example, if The Company is exploring the possible deployment of SDN as part of a private cloud computing initiative, it is up to The Company to decide how much of that initiative it chooses to disclose to The Vendors. Non-disclosure agreement (NDA) If The Company decides to disclose confidential information to The Vendors, of if The Company expects to receive confidential information from The Vendors, particularly concerning their future plans, then The Company should execute mutual NDAs. The process of distributing and executing mutual NDAs should begin at least a few weeks prior to the anticipated date of distributing the RFI. 3 Technical white paper | Mock RFI for Enterprise SDN Solutions Intended use The Company should indicate how it intends to use the information that it receives from The Vendors. For example, is it likely that after it has evaluated the responses to the RFI, The Company will issue a RFP to a smaller set of vendors? The use of partners The Company must decide if it is acceptable for The Vendors to include in their response products from their partners. If The Company does allow that, then it must instruct The Vendors to clearly indicate in their response which part of the solution they provide and which part(s) are provided by one or more named partners. Maturity of products The Company must decide if it wants to have The Vendors responses only refer to products that are currently shipping or if it is acceptable for The Vendors to include products that are likely to ship in a reasonable time frame, such as within one year, which is defined by The Company. If The Company goes with the latter option, then it must instruct The Vendors to clearly indicate in their response those products that are currently shipping and those products that will ship in the future along with their expected ship date. Evaluation criteria The Company should identify the criteria that it will use to evaluate the responses from The Vendors. Some of the criteria can be related to the RFI process itself such as the timeliness and completeness of the responses. Other criteria may include the degree to which the solution helps The Company achieve the goals of the project; i.e., the use of open protocols and or industry standards; the ease of integrating the proposed SDN solution with traditional networks; specific technical criteria such as the scalability and extensibility of the solution. Response guidelines In an effort to avoid just getting boilerplate responses, The Company might include response guidelines such as: • In order that meaningful comparisons can be made, The Vendors are requested to provide complete answers to all the questions that apply to the SDN solution they are proposing and to indicate when a question doesn’t apply and that they are intentionally not responding. Generic documentation on products often provides valuable background information and can be included in an appendix to your response. On its own, however, generic documentation on products will not be considered a satisfactory response to this RFI. • The Vendors are also requested to notify of any major change to their SDN solution that occurs during the RFI process. Contacts The Company should provide a single point of contact for The Vendors to interact with during the RFI process. One of the primary roles of this person is to ensure that the process flows smoothly and that The Company gets the information it needs and that The Vendors are treated fairly. The Company should also request a single point of contact from each of The Vendors. Clarifying questions The Company must decide and communicate to The Vendors whether or not it will hold a meeting to enable The Vendors to ask clarifying questions. Options include one meeting with all of the vendors present or separate meetings with each vendor. In any case, The Vendors should be encouraged to submit clarifying questions to The Company’s single point of contact at any time during the RFI process. If The Company’s response to those questions adds materially to what was included in The RFI, The Company needs to make that information available to all of The Vendors. Response date The Company must indicate when the responses are due and whether an electronic version of the response is acceptable or if a printed version is required. 4 Technical white paper | Mock RFI for Enterprise SDN Solutions Definitions and terminology Foreword: Given the ambiguity that currently surrounds SDN, The Company should provide a definition of the SDN related terms that are included in the RFI. The following definitions are intended as a starting point and The Company may choose to modify some or all of these definitions. The Company should request that each of The Vendors indicate in their response if their definition of these terms is substantially different than what is provided by The Company. • SDN – Software-defined networking (SDN) is an emerging architecture that is dynamic, manageable, cost-effective, and adaptable, making it ideal for the high-bandwidth, dynamic nature of today’s applications. 1 This architecture decouples the network control and forwarding functions enabling the network control to become directly programmable and the underlying infrastructure to be abstracted for applications and network services. The OpenFlow protocol is an example of a protocol that can be used as a programmable interface for building SDN solutions. The SDN architecture is: • Directly programmable: provides a programmatic interface in which applications can be executed • Agile: Abstracting control from forwarding lets administrators dynamically adjust network-wide traffic flow to meet changing needs • Centrally controlled: Network intelligence is (logically) centralized in software-based SDN controllers that maintain a global view of the network, which appears to applications and policy engines as a single, logical network control plane • Programmatically configured: SDN lets network managers configure, manage, secure, and optimize network resources very quickly via dynamic and automated SDN programs. Network managers are now able to write programs as they do not depend on proprietary software • Business applications – This refers to applications that are directly consumable by employees of The Company. Possibilities include video conferencing, supply chain management and customer relationship management. • Network & Security Services – This refers to functionality that enables business applications to perform efficiently and securely. Possibilities include a wide range of L4–L7 functionality including load balancing, network tapping, and security capabilities such as firewalls, IDS/IPS and DDoS protection. • Network virtualization – Network virtualization is the abstraction of underlying network hardware along with software into a network overlay. Network virtualization is one use case of SDN. • Overlay – Consists of the virtual network infrastructure. Protocols such as VXLAN can be used to implement overlay networks. • Underlay – Consists of the physical network infrastructure such as switches. • Open protocol – An open protocol is a protocol whose specification the company, or group of companies, that created the protocol has made public. • Standards based protocol – A standards based protocol is an open protocol that was created by a recognized standards body such as the IEEE, IETF, or the Open Networking Foundation (ONF). • Pure SDN switch – In a pure SDN switch, all of the control functions of a traditional switch (i.e., routing protocols that are used to build forwarding information bases) are run in the central controller. The functionality in the switch is restricted entirely to the data plane. • Hybrid switch – In a hybrid switch, SDN technologies and traditional switching protocols run simultaneously. A network manager can configure the SDN controller to discover and control certain traffic flows while traditional, distributed networking protocols continue to direct the rest of the traffic on the network. 1 This is the ONF definition of SDN: opennetworking.org/sdn-resources/sdn-definition 5 Technical white paper | Mock RFI for Enterprise SDN Solutions • Hybrid network – A hybrid network is a network in which traditional switches and SDN switches, whether they are pure SDN switches or hybrid switches, operate in the same environment. • Northbound API – Relative to figure 1 below, the Northbound API is the API that enables communications between the control layer and the application layer. • Southbound API – Relative to Figure 1 below, the Southbound API is the API that enables communications between the control layer and the infrastructure layer. • East-west API – East-west APIs enable multiple SDN controllers to communicate with each other sharing state information and allowing for federation. The solution architecture Foreword: Given the previously mentioned ambiguity that currently surrounds SDN, The Company should also include in the RFI a graphic that reflects either The Company’s view of the SDN architecture or a commonly held view of the SDN architecture. One possibility is the SDN architecture as envisioned by the Open Networking Foundation (ONF) shown in figure 1. 2 Figure 1. ONF’s SDN architecture Source: Open Networking Foundation • Indicate any differences between your company’s definition of SDN and the definition of SDN that was included in the section of this RFI entitled “Definitions and Terminology”. – There are no differences. • Indicate any differences between your company’s definition of the terms and phrases that were included in the section of this RFI entitled “Definitions and Terminology” other than the term SDN. – There are no differences. • Describe the SDN solution that you are proposing and include in that description how the SDN architecture for the solution you are proposing is similar to the architecture shown in figure 1 and also describe how it is different. – HP’s SDN solution is built upon the same ONF definition depicted in figure 1 and continues the model with orchestration and management. 2 6 This is the ONF definition of SDN: opennetworking.org/sdn-resources/sdn-definition Technical white paper | Mock RFI for Enterprise SDN Solutions Figure 2. HP SDN solution overview – Infrastructure HP offers OpenFlow-enabled products within its portfolio and builds on the success of the FlexNetwork Architecture: • HP is the first tier-one networking vendor with commercially available OpenFlow software. • HP currently supports OpenFlow on 50 switch models and 10 routers. • Over 25 million installed ports are OpenFlow capable. • HP offers a free upgrade to HP’s OpenFlow-enabled software. – Control HP has introduced the HP Virtual Application Networks (VAN) SDN Controller as an enterprise-grade SDN controller. – Application HP offers a variety of SDN applications along with an Enterprise-grade SDN App Store & Software Development Kit (SDK). See other RFI topics for more details. – SDN management HP Provides a complete SDN management solution that: • Delivers network agility through rapid provisioning and automation of network policy enforcement and enabling SDN deployments. • Accelerates application deployment through rapid provisioning of server connectivity. • Enables service agility and velocity from access to core through network resource provisioning. • Provides comprehensive management of all SDN layers. • Identify the aspects of your solution architecture that enable high availability and the aspects of your solution architecture that enable scalability. – The Controller offers federations of multiple controllers for HA and scale. More information on the controller HA and scale can be found in the SDN Controller section of this RFI. • Describe how the solution helps The Company achieve each of the goals of the project that were identified in the introduction. (Note to The Company: If one of your goals is to enable applications to dynamically request services from the network, then one component of this question is to ask how The Vendor’s solutions supports that capability.) – This RFI response is sample and does not include any specific project goals. 7 Technical white paper | Mock RFI for Enterprise SDN Solutions • Which components of the solution architecture do you provide yourself and which components do partners provide? – All infrastructure, controller, management solutions are provided by HP. Controller federation solutions, such as HP-VMware Networking Solution, which provides a unified physical and virtual infrastructure solution will be provided jointly with partners. The SDN App Store will provide SDN apps that are HP developed, partner developed and community developed. • If the solution you are proposing includes components from partners, is there a single point of accountability and support model for the solution? – Controller federation will be jointly supported and the ConvergedControl application will be supported by HP. – Partner apps will be supported by HP – Community apps will be tested and validated and supported by the provider of the app. As with any SDN integration, the controller will be fully supported along with the infrastructure even if running community apps. • What testing has been done on the solutions you are proposing? Is it possible to get access to those test results? – All of our solutions have been fully tested and are supported. For more details please contact HP directly. An NDA may be required. • In your SDN solution, what control functions reside in the control layer and which control functions reside in the infrastructure layer? – All control functions reside on the controller layer in an all SDN environment for these solutions. HP does support hybrid environments that allow network control functions to reside in the infrastructure layer. – For example, HP’s SDN Application, HP Network Protector SDN Application runs on a hybrid mode LAN, as it only intercepts certain packets of traffic flows for inspection. Path computation and forwarding/re-routing control can be done using legacy control protocols running in the switches and routers. – Hybrid mode programming of traditional L2/L3 forwarding protocols and SDN bootstrapping functions are supported using an external management component such as HP’s IMC products. • Does your solution provide control for both vSwitches and physical switches? If so, which ones? How does your solution integrate with hypervisor management systems? – The HP solution supports any standards based infrastructure. • Describe the Northbound protocols/APIs you support between the control layer and: • Network services • Enterprise applications • Cloud management/orchestration systems – For all of these services HP provides a wealth of REST and Java APIs that allow standard interfaces, abstractions and extensibility. For a complete list of APIs supported for Network services, Enterprise applications and Cloud management/orchestration systems please visit hp.com/go/sdndevcenter. • If The Company were to implement the SDN solution you are proposing, how would it move traffic between that SDN solution and the rest of The Company’s network? – HP supports both Full-SDN and Hybrid SDN solutions to support the rest of The Company’s network. The resulting LAN can either be fully under control of the SDN controller or only certain functions can be relegated to the controller. The mode (pure-SDN or hybrid) depends on the SDN application set deployed by the operator. – For example, HP’s SDN Application, Network Protector SDN Application runs on a hybrid mode LAN, as it only intercepts certain packets of traffic flows for inspection. Path computation and forwarding/re-routing control can be done using legacy control protocols running in the switches and routers. – Hybrid mode programming of traditional L2/L3 forwarding protocols and SDN bootstrapping functions are supported using an external management component such as IMC. • Is it possible to have your proposed solution span multiple data centers? To extend from a data center out to branch offices? If so, what technologies enable this? – HP’s SDN infrastructure includes data center, campus and branch, all utilizing the same SDN solution. Further HP’s SDN solutions support all SDN standards-based infrastructures; including non-HP standards-based SDN-enabled devices. 8 Technical white paper | Mock RFI for Enterprise SDN Solutions • How are you working towards enabling an open, standards-based solution architecture; e.g., what Northbound APIs, Southbound APIs, and East-west APIs do you support? – HP is a founding member of the ONF and is working toward standardizing all the APIs. • Northbound APIs—HP is working in the ONF NBI group to standardize Northbound APIs. For a complete list of HP Northbound APIs please visit hp.com/go/sdndevcenter. • Southbound APIs—HP controller supports OpenFlow along with NETCONF from the controller south to the infrastructure. • East-west APIs—HP supports a wide range of APIs available on hp.com/go/sdndevcenter that can be utilized for east-west interaction. HP first east-west controller federation is being jointly developed between HP and VMware to federate the NSX platform and HP VAN SDN Controller. The SDN controller Foreword: The purpose of this section of the RFI is to help The Company understand the functionality and performance of varying SDN controllers as well as how those controllers add to the availability, scalability and extensibility of the proposed solution. Some of the questions that appear in the preceding section of this RFI could just as well appear here. An example of that is the question in the preceding section that asks The Vendors about the Northbound protocols/APIs that they support. • Describe the overall architecture of your SDN controller. Include in your response an emphasis on how the architecture will enable you to add functionality over time; how the architecture lends itself to high availability and to scalability. – The HP Virtual Application Networks (VAN) SDN Controller is the central building block of the SDN network. By separating the control plane from the forwarding plane, SDN makes it possible for the network status and capabilities to be exposed directly to the business service layer, so that business systems can request services from the network directly. SDN applications thus provide higher level application direction to the SDN controller. – Northbound APIs utilize the REST architecture and provide easy access to applications that are integrated directly in the controller or off the controller. Native APIs, provided in Java, deliver support to Network Control applications that are integrated directly in the controller. • Please describe how your solution can take advantage of a cluster of controllers to improve availability and performance in processing flows. Describe the relationships between members of the cluster (e.g., master/slave or other alternatives that allow parallel processing of flows). Are there test results available showing the rate at which the controller(s) can process flows? If so, is it possible for The Company to see those results? – We designed our SDN controller to meet high availability and scaling requirements through a scale-out teaming model. Our SDN controller can be clustered, so that if any one controller in the network fails, another in the cluster will take over. – Scale-out architecture uses scalable, resilient database frameworks, allowing expansion beyond a single standalone controller to a high-availability cluster. Based on open-source in-memory database systems including ZooKeeper (for strict consistency), Cassandra (for eventual consistency), and a PostgreSQL relational database, persistent data can be shared among multiple controllers to deliver a scale-out approach to the control of large or demanding networks. – High availability provides a “2n+1” active consistency model which allows three controllers to manage individual subsets of the network while sharing a common network view. The failure of one control component generates a rapid response by the cluster to ensure continued network operations. – Each member of the controller cluster is active, and can be configured to handle specific OpenFlow switches. Performance can therefore scale nearly linearly with the size of the cluster—if one controller can support 1.8 million flows/sec (Cbench), three controllers can handle 5.4 million flows/sec. • What platforms support your SDN controller? (e.g., hardware appliance, Linux server, or virtual appliance running on specified hypervisors). – The HP VAN SDN Controller is a software package that can run on a standard Ubuntu Linux server or within a virtual machine. • What path does your control data take as it transits the network? Does it, for example, transit the same path as the data traffic or is some or all of the controller traffic out of band? – The control data is IP routed between the controller and the switches. Based on the customer deployment, the control data can transit the product network or a dedicated management network. 9 Technical white paper | Mock RFI for Enterprise SDN Solutions • Provide a list of the switches or other network devices with which the controller has been tested. Is it possible for The Company to review these test results? – The HP VAN SDN Controller controls policy and forwarding decisions, which are communicated to the OpenFlow-enabled switches in the data center or campus network. A variety of HP and third-party SDN applications can leverage the SDN controller to automatically deliver the necessary business and network service levels. HP has announced 50 OpenFlow-enabled switches and 10 routers. – The VAN SDN Controller has been tested with HP & some 3rd party devices. Please contract HP directly for more information. An NDA may be required. • What network services does your controller natively support (e.g., network virtualization, multi-pathing, load balancing, and security)? Include in your answer a description of those services and indicate which of these services are provided directly from The Vendor and which are provided via technology partners. Also indicate which of these services can run on the controller platform, as well as which services require separate platforms. – Network virtualization, multi-pathing, load balancing and security are not provided by the controller. The customer must deploy them as applications, either from HP or third parties. • What Cloud Management Systems, Orchestration engines, and hypervisor management systems has the controller been verified to interoperate with? – The HP SDN Controller and Virtual Cloud Networking (VCN) application is available as an integrated solution with HP’s CloudSystem 8.0 product. The VCN application provides the Neutron interface for HP’s OpenStack converged infrastructure product. In its initial release, both KVM and ESX hypervisors are supported. HP’s SDN and cloud networking solution will also be integrated into HP’s Cloud OS solution set, enabling customers to deploy SDN-enabled applications onto their virtual (overlay) and physical (underlay) data center networks. • Which components of your SDN controller, if any, are based on open source and what type of license is used? – The HP Virtual Application Networks controller is available for licensing. Table 1. HP Virtual Application Networks SDN Controller pricing HP VAN SDN Controller Description Pricing J9863AAE HP VAN SDN Ctrl SW Base SW w/ 50-node E-LTU $495 USD J9864AAE HP VAN SDN Ctrl 50-node E-LTU $4990 USD J9865AAE HP VAN SDN Ctrl HA E-LTU $9990 USD • Describe the performance of your SDN controller. Include in that description a discussion of the factors that impact performance as well as realistic performance limits for your controller. One performance limit that SDN controllers have is the number of flow set-ups per second they can establish. If, within your solution differing types of flow set-ups consume differing amounts of resources, include in your response a description and quantification of the varying types of flows and the amount of resources that they consume. Performance of single controller: – Maximum new flows per second: 1.8 million – Maximum OpenFlow ports: 80,000 – Maximum OpenFlow devices: 2,000 – Typical OpenFlow ports: 1,000–2,000 – Typical OpenFlow devices: 100–200 • How does your controller deal with time periods when many new flows are initiated (e.g., the start of the work day at a large facility)? Are the switch tables pre-populated from the controller or do they persist on the switch from the previous day? – This is application and implementation dependent. In general, HP sees that most initial deployments will leverage traditional L2 and L3 routing protocols to handle network traffic, while the SDN controller is used to manage application-specific traffic at the edge of the network. This mitigates some aspects of the “start-up” problem. However, just as in the case of wireless networks, the controller must be scaled to meet the new connection-per-second requirement of the application and customer. – Since the HP controller can be installed on any standard Linux server, the controller can be scaled as needed. In addition, the scale-out controller model allows the requirements of the customer and the scale of the controller to be matched appropriately. 10 Technical white paper | Mock RFI for Enterprise SDN Solutions • Does your SDN controller support federation with any other controllers? If so, what technologies are used? – The HP-VMware solution is the industry’s first interoperable SDN solution. The solution provides unified automation and visibility of the physical and virtual data center networks, enabling business agility and continuity. The solution federates the HP Virtual Application Networks SDN Controller with the VMware NSX network virtualization platform providing a centralized control plane and view of the physical and virtual network while automating underlying configuration. SDN infrastructure Forward: This section will ask questions about The Vendor’s switches that support SDN in some fashion. In order to limit the complexity of the RFI process, no attempt will be made in this section to ask any questions about the non-SDN aspect of the vendor’s switches unless those aspects are directly related to the SDN solution. • Identify the portfolio of virtual and physical switches and routers that support your SDN solution. For OpenFlow devices, identify whether the device is a pure OpenFlow device or a hybrid OpenFlow device. – HP has over 50 products including routers & switches that are OpenFlow-enabled & ready. The products are designed for a variety of environments including campus, branch & data center. – Please visit: hp.com/sdn and view the product tab for the latest listing. – HP has implemented OpenFlow in hybrid mode on all of its switches. • What protocols do you support between the control layer and the infrastructure layer? If OpenFlow is supported, what versions have been implemented? What required features, if any, of the supported version are not included in the implementation? Indicate which of the optional features are supported. Describe any significant vendorspecific extensions that have been made. – HP has implemented OpenFlow on its SDN controller as a Southbound interface to infrastructure devices. Today, HP supports both OpenFlow 1.0 and 1.3 within its portfolio. – HP has implemented OpenFlow in hybrid mode on all of its switches. – Please refer to product documentation and software release notes for specific implementation details as it is both software and hardware dependent. • If the switches used in your solution support technologies other than OpenFlow, describe both the Southbound protocols used and the agents used to modify forwarding behavior and indicate whether these are traditional switches, hybrid switches, or pure SDN switches. – OpenFlow is the primary method used today in our implementation. Some other interfaces that exist in the network OS such as NETCONF may also be used to manipulate switch behavior. • For each protocol that you support between the control layer and the infrastructure layer, describe the network behaviors that can be programmed using that protocol and also describe the services that can be constructed from those behaviors. – Please refer to examples in this document of SDN applications that have been developed using OpenFlow. • With a switch in SDN mode, are there any types of traffic that must be processed partially in software before being forwarded? – Once OpenFlow established a forwarding rule, traffic can be forwarded in hardware. For details on specific hardware and software capabilities refer to platform specific documentation and release notes. • If one of the switches in your proposed solution is in hybrid mode, does that have any impact on the behavior of the traditional component of the switch? If yes, explain. – When running OpenFlow in hybrid mode, switch resources are shared between the traditional network OS resources and OpenFlow. Some protocols can be impacted if they share common resources with OpenFlow. Please contact HP directly for performance test results. An NDA may be required. • Do the switches have multiple hardware forwarding tables (e.g., MAC CAM and TCAM)? What is the maximum number of flows the tables can support? In hybrid mode with the switch forwarding both traditional L2/L3 traffic and SDN traffic, how are the hardware tables shared by the two traffic types? Is the forwarding rate of the switch or other behavior affected by being in hybrid mode? – All switch implementations use TCAM. Some products also implement an IP Control table which facilitate certain SDN applications. In other products the MAC/IP forwarding table can be used for traditional forwarding actions on certain products. The scale of these tables are specified per switch in product documentation & release notes. 11 Technical white paper | Mock RFI for Enterprise SDN Solutions Management Foreword: Relative to management, there are three key concepts that need to be explored with vendors. One concept is the ability of the vendor to manage SDN’s unique features such as the performance of the SDN controller or the configuration of SDN switches. The second concept is the ability of the vendor to manage a hybrid SDN network, as that type of network is likely to dominate for the foreseeable future. The third concept is the ability of the vendor to provide a single pane of glass solution for managing the entire IT infrastructure. • Describe the extent of your management solution. For example, does it manage just the SDN solution you provide? Does the same tool also manage any traditional network components that you also provide? To what degree will it manage networks (SDN or traditional) that are provided by other vendors? – SDN management is based on the Intelligent Management Center (IMC) Virtual Application Networks (VAN) SDN Manager which is an add-on module to the IMC platform to provide full Fault, Configuration, Accounting, Performance Monitoring and Security (FCAPS) integrated management for both traditional and software-defined networks and across 3rd party devices, including over 6000 devices from over 220 manufacturers. – HP VAN SDN Manager provides the following: • Consistent management experience across SDN and traditional networks • Configuration, monitoring, and policy management for a software-defined network • OpenFlow switch management for quick troubleshooting and deployment Figure 3. IMC VAN SDN Manager dashboard – IMC is designed to manage 3rd party devices that are OpenFlow enabled. No testing has been conducted with other vendor OpenFlow infrastructure so management support cannot be verified. At this time, VAN SDN Manager provides FCAPS management for the HP VAN SDN Controller. • Describe the integration that exists between the management tool you provide to manage your SDN solution and other management tools, whether provided by your company or by a third party. – VAN SDN Manager is integrated into IMC to provide a single pane-of-glass view for managing traditional and software-defined networks. The IMC platform offers support for many plug-in modules that the VAN SDN Manager can leverage. – Integration into 3rd party tools is supported via the import/export capabilities, trap forwarding, and API support that the platform offers. The VAN SDN Manager can leverage any of these integration options as it resides on the IMC platform. • If your solution includes the OpenFlow protocol, describe your support for the OF-Config protocols created by the ONF. – OF-Config is supported in the VAN SDN Manager solution. Instead IMC leverages the REST interface of the controller to manage and monitor SDN and OF parameters. The SDN Manager uses OF-Config to configure a data path, and to do it configures the assignment of one or more OpenFlow controller, the configuration of ports and the ability to remotely change some aspects of ports (e.g., up/down). – Switch configuration is performed using SNMP and CLI. Physical switch pre-configuration is handled by standard IMC configuration methods. 12 Technical white paper | Mock RFI for Enterprise SDN Solutions • If your solution doesn’t include the OpenFlow protocol, describe your support for configuration protocols other than the OF-Config protocols created by the ONF. – The SDN Manager leverages OF-Config, SNMP and CLI for management and monitoring of HP SDN environments. • What type of management interface do you provide into your SDN controller? For example, is it based on REST? Or something else? – IMC uses a REST interface to manage the HP VAN SDN Controller. • Describe the ability of your solution to monitor the SDN controller. Include in that description your ability to monitor functionality such as CPU utilization as well as flow throughput and latency. Also describe the statistics you collect on ports, queues, groups and meters; and the error types, codes and descriptors you report on. Also, does your solution monitor the number of flow set-ups being performed by the SDN controller? If, as is the case with OpenFlow v1.3, within your solution differing types of flow set-ups consume differing amounts of resources, does your solution recognize that and report accordingly? Does your solution send an alert if the controller is approaching exhaust? – The VAN SDN Manager provides the following for OpenFlow controller management • Support for single, teamed, and redundant controllers • Display for information on the network service status, OpenFlow device types, host numbers, flow entry numbers, VLANs – OpenFlow network management: • Enables management of OpenFlow resources, flow policies, traffic monitoring, reporting, troubleshooting, and application management • Facilitates visualization of the network traffic flows, service quality, and SDN application status • Allows access to the detailed service management interface from the dashboard with a single click • Enables inventory management and monitoring of network resources with the information reliant on that of the IMC platform and other modules – Flow Management: • Displays the list of all current Flow entry in OF network, including Match Field, Instruction and other statistics. • Shows detailed flow service information and flow traffic and trend in flow entry detail page • Delivers History Flow Entry records flow entry used before to help administrators audit flow policy change • Provides shortcut to locate flow to topology show device and link status – IMC has an alerts and alarms built into the platform. Admins can configure alarms or alerts for SDN events such as controller exhaustion. • What type of management interface do you provide into your management tool? For example, is it based on REST? On something else? – The IMC platform provides over 220 RESTful APIs for management interfacing. – The IMC SDN Manager utilizes the REST interface for the controller, and SNMP/CLI for the OpenFlow-enabled devices. • What type of management interfaces do you provide into the network elements that are part of your SDN solution? CLI? SNMP? NetFlow/sFlow? Something else? – CLI – SNMP – NetFlow, sFlow, NetStream, IPFIX – REST • Describe the ability of your solution to monitor the network elements in your solution. Include in that description the key performance metrics that you monitor and report on. Also, can the performance data gathered by SDN switches (e.g., counters and meters) be integrated with data from traditional performance management tools based on sFlow and SNMP? – For the infrastructure devices—IMC provides the following: • Displays all the flow entries, counters, DPIDs, and other OpenFlow statistics per device • Helps locate OpenFlow devices within the network topology – Meter information • Displays the list of all device meters • Filters and queries meter by controller, switch etc. 13 Technical white paper | Mock RFI for Enterprise SDN Solutions • Unifies display for Meter, Meter bands and counter flow information • Provides a popup GUI configuration for Meter and Meter Band – Other metrics • OpenFlow resource consumption (CPU, memory, etc.) • SDN metrics gathered by controller • SNMP and sFlow data from switches – This information can be available on the home page which can be configured to display performance information from traditional and software-defined networks. • How does your SDN management solution learn the end-to-end physical topology of the network? Is it possible for service assurance solutions, such Root Cause Analysis (RCA) to access this topology? Can defined virtual networks be mapped to the underlying physical network elements for RCA and performance analysis? – The SDN controller contains topology information of the devices within its domain. IMC queries this topology information from the controller and displays it along with the traditional topology to complete discovery across hybrid environments and present a full physical view. Additionally, The VAN SDN Manager can display logical views by DPID, Controller, Path, etc. Figure 4. OpenFlow topology in IMC – Root Cause Analysis is built into the IMC platform. In terms of support for fault troubleshooting, the following information is presented in IMC. • Faulty link/device positioning • Display affected hosts and corresponding flow entries • Flow Path analysis for root-cause detection. • Automatic analysis for each node including matching fields, input/output, and other parameters to determine the problems root cause – VAN SDN Manager displays the physical topology and the logical topology of the OpenFlow network. VAN SDN Manager provides easy methods quickly to locate and view network resources, configure OpenFlow instances and service flows. • Shows device link, utilization, and terminal nodes accessed • Spreads service flow link from physical link, and do real-time monitor flow status • Provides entrances to detailed flow entry information based on topology link and nodes 14 Technical white paper | Mock RFI for Enterprise SDN Solutions • Describe how the solution can monitor the messages that go between the SDN controller and the SDN switches. – By monitoring specific counters from the controller, the VAN SDN Manager can determine if controller-switch messages are being lost. An event is generated if this occurs and the event is exposed through the REST interface. – Also, VAN SDN Controller gathers statistics on the OF messages to and from the switches. IMC displays these statistics. • Describe the visualization functionality that your solution provides for a hybrid SDN network that is comprised of both physical network elements and virtual network elements. – Single Point-of-View for OpenFlow SDN and non SDN fabric • Displays device links, utilization, and nodes accessing the network • Visualizes service over physical and logical links for real-time monitoring Provides an end-to-end flow deployment from the physical topology • Relative to visualization, describe the ability of your solution to provide visualization of traffic flows and service quality. – Visualize service over physical and logical links for real-time monitoring of flow status Figure 5. OpenFlow path illustration • Describe the functionality that your solution provides for functionality such as access control and identity management. – IMC has two modules to support access control and identity management—User Access Manager (UAM) and TACACS+ Access Manager (TAM). These modules provide access control and enforce policy on wired and wireless networks. At this time, UAM and TAM do not extend the access control capability and identity management to OF access devices. • Describe the capability of your solution to audit, deploy and manage the licenses of applications or network services. – This capability is not yet available since HP SDN applications are not yet available. – Application licensing will be available in the next release of the HP VAN SDN Controller. – What is planned? • IMC-based software library • Ability to browse library, select and install SDN application(s) to the appropriate controller(s) • Application licensing and application metrics • Usage record and other licensing metrics 15 Technical white paper | Mock RFI for Enterprise SDN Solutions • Describe the reporting functionality of your management solution. For example, describe some of the key reports it produces and include appropriate screen shots. – Provide real time, historical statistics, and detailed reports that can be exported – OpenFlow service reports cover OF network asset, utilization, service flow statistic, fault statistic and terminal statistic etc., and provide service report by tenant, that are helpful for monitor, audit and capacity analysis – Includes reports by tenant Figure 6. Screenshots of sample reports • Describe how your solution provides event correlation and fault management for both the SDN component of a network as well as the traditional component of a network. – Full event management is provided by taking SDN/OF event from the REST interface of the controller and pushing them to the event system within the IMC platform. The platform has built in RCA capabilities that take into account the SDN/OF events. Additionally there is Trouble Analysis. This feature combines ping, traceroute, and OF counters, to troubleshoot a path. • Describe how your solution provides performance monitoring for both the SDN component of a network as well as the traditional component of a network. – IMC provides performance monitoring for traditional and software defined networks by detecting bottlenecks and other network problems including those related to CPU, memory, BW utilization, device response times and availability. TopN statistics enable the quick identification of the most loaded areas and devices in the network. The same mechanisms are used for SDN infrastructure. 16 Technical white paper | Mock RFI for Enterprise SDN Solutions Security Foreword: SDN poses both security challenges and security opportunities. The primary security challenge is to ensure that an attacker cannot compromise the central controller. In addition to securing the controller itself, all communication between the controller and other devices including switches, network services platforms and management systems must be secured. The SDN security opportunity is that, as asked about in the section on the SDN controller, that the solution supports security-oriented network services that provide enhanced security functionality. • For the controller, describe the measures that have been taken to harden its operating system and to ensure availability of the controller function. – The HP Virtual Applications Network (VAN) SDN Controller is designed to meet high availability requirements through a scale-out teaming model. The VAN SDN Controller can be clustered, so that if any one controller in the network fails, another in the cluster will take over. • Describe the authentication and authorization procedures that govern operator access to the controller. What additional physical and logical security measures are recommended? – Security is an important factor of our controller. It uses robust authentication and authorization methods so that SDN applications can interact with the controller while preventing unauthorized applications from gaining network access. Controller security delivers security at multiple levels; HTTPS is used for the REST API, and the authentication of users and applications is performed by way of the Keystone identity service. – The Southbound connections between the OpenFlow switches and the HP VAN SDN Controller are also secured and encrypted. • Describe how communications between the controller and other devices is secured by authentication and encryption (e.g., SSL/TLS). – Controller-to-switch communications are secured through the Transport Layer Security (TLS) encryption protocol, as specified in the OpenFlow standard. • What measures are available to deal with possible control flow saturation (controller DDoS) attacks? – Depending on the type of attack, different measures can be taken. One example could be to prioritize control traffic in order to avoid saturation. • What tests have been run to verify the effectiveness of the security measures that have been taken? Is it possible to see those test results? – All of our solutions have been fully tested and are supported. For more details please contact HP directly. An NDA may be required. • The opportunities SDN brings to security include the ability to implement network access control (NAC) and to recognize suspicious flows at the edge of the network. For example, suspicious flows can be directed to a series of virtual or physical security devices for detailed inspection and mitigation. If a problem is detected in the network, the attack can be blocked by diverting and isolating malicious traffic. Describe your SDN-specific security solutions that protect the edge of the SDN from intrusions and attacks. – The HP Network Protector SDN Application enables automated network posture assessment and provides real-time security across the network. HP Network Protector always-on security feature-set can be deployed across the campus and data center network infrastructure and delivers an exceptional protection against threats. – The HP Network Protector SDN Application leverages the HP VAN SDN Controller and OpenFlow to program the network infrastructure with security intelligence from the TippingPoint RepDV Labs database. All new flows and DNS requests are compared based on its reputation against the RepDV database. This feature effectively turns the entire network infrastructure into security-enforcement devices, providing unprecedented threat protection and visibility. • SDN can also potentially be used to police the behavior of end systems within the network. Describe any SDN-based solutions that are available both to detect the communications patterns of spurious traffic (e.g., botnets, spam, and spyware) from internal end systems and to block or quarantine the source. – The HP Network Protector SDN Application provides protection against 1 million malicious botnet, malware, and spyware threats. 17 Technical white paper | Mock RFI for Enterprise SDN Solutions SDN applications Forward: The primary value of a SDN comes from the business applications and network functions that run on top of the SDN. • What business applications run on top of your controller? Has the performance of those applications running on your proposed SDN solution been tested? If so, is it possible for The Company to see the test results? – Business applications can interact seamlessly with the VAN SDN controller through the extensive set of APIs. The software-defined network solutions now enable networks and applications, both exposing services and events through programmable interfaces, to interact and provide a holistic end-to-end solution. HP does not advocate embedding network state in applications, but rather leveraging application state information and communication context that is already being exposed as part of a Service Oriented Architecture (SOA). One example is HP Network Optimizer SDN Application for Microsoft® Lync. – All of our solutions have been fully tested and are supported. For more details please contact HP directly. An NDA may be required. • What network services applications run on top of your controller? Has the performance of those applications running on your proposed SDN solution been tested? If so, is it possible for The Company to see the test results? – Network services applications can interact seamlessly with the VAN SDN Controller through the extensive set of APIs. One example would be HP Network Protector SDN Application. – HP Network Protector SDN Application is able to stop threats before they reach your network. This application can be deployed across a campus or data center network to protect you from over 1 million malicious malware, spyware, and botnet threats. • One possible use case for Network Protector is the redirection of Domain Name System (DNS) queries from user machines to the Network Protector SDN Application running on the HP Virtual Application Networks SDN controller. Take, for example, a corporate user who was to click a link in an email: • First, the user’s DNS query would be sent to the local OpenFlow-enabled HP access switch • Second, the switch would forward the traffic to the HP Virtual Application Networks SDN controller via an OpenFlow rule implemented by the Network Protector application targeting DNS queries • Once the SDN controller receives the query, the Network Protector application jumps into action by checking the hostname against the HP TippingPoint DVLabs RepDV database of known threats • Finally, if Network Protector determines that the site is legitimate, the query is forwarded across the access layer switch. If Network Protector detects a threat, an unresolvable response is sent back to the client, the action is logged with HP ArcSight, and the user is prevented from accessing the threat – Network Protector can be used in any network environment where security is a concern, including the data center and cloud computing environments. HP envisions a network where Network Protector SDN Application can be implemented for unprecedented network visibility, event correlation accuracy, and security control. • How does your proposed solution implement network virtualization? Include in your answer whether overlays are used; what protocols are supported; how the tunneling control function is implemented. If virtual networks are defined by flow partitioning, describe which header fields are used and how the partitioning is accomplished. In a cloud environment with multiple virtual tenant networks (VTNs), is a controller or cluster of controllers dedicated to each VTN? Are hybrid solutions, such as overlay Network Virtualizing and flow partitioning Network Virtualization supported by your solution? – HP’s network virtualization solution is integrated with the OpenStack framework, based on the open-source Neutron interface to dynamically provide automated cloud services. Two levels of tenant isolation are provided: a private cloud scale VLAN-based solution designed to run on L2 networks (4k limit) and a scalable VXLAN-based solution that uses tunneling across an L3 network (16k limit). A single or clustered SDN controller is used to manage the entire provider network. Support for both open vSwitch (OVS) and the ESX VDS is provided. – HP’s Virtual Cloud Networking application is built onto the VAN SDN controller. This opens up the opportunity for additional SDN applications to interact with the virtual and physical network elements to respond to the needs of the provider or tenant network teams. The mapping of the physical (underlay) and virtual (overlay) networks onto a common control plane enables enhanced visibility and control. Note that the architecture still uses standard L2/L3 protocols in the fabric, using OpenFlow to enable enhanced security, traffic engineering, and monitoring/management options. 18 Technical white paper | Mock RFI for Enterprise SDN Solutions – For customers that prefer alternate network virtualization solutions, HP has created a federated architecture that enables third-party virtualization to take advantage of many of the same SDN capabilities. This solution is built upon: • Federation APIs between the HP VAN SDN Controller and VMware NSX network virtualization platform. • Unified physical and virtual visibility and intelligence with HP ConvergedControl SDN Application • Single pane-of-glass management tool with HP Intelligent Management Center (IMC) with SDN Manager and integrated VMware vCenter plug-in • The HP FlexFabric 5930 Switch to support the automated provisioning of the virtual network with VXLAN support – With VAN SDN and NSX federation, HP and VMware allowing—for the first time—the ability to: • Unify virtual and physical devices • Bridge virtual and physical networks • Simplify network lifecycle management • Deploy additional bandwidth rapidly • Provide end-to-end visibility into availability and performance • Enable rapid root-cause analysis and troubleshooting – Availability HP’s VCN application is included as a component of HP’s CloudSystem 8.0 release (1H 2014) and will be embedded into HP’s Cloud OS offering (2H 2014). The HP-VMware federated solution is also targeted for release in 2H 2014. • Does your network virtualization solution allow overlapping IP address and VLAN spaces? – Yes • What is the practical limit on the number of virtual networks that your proposed solution can support? Is there any testing that supports your response? If so, is it possible for The Company to see the test results? – The theoretical limit for VXLAN overlays can support over 16 million virtual networks vs. 4094 for traditional VLAN. Scaling targets for the VXLAN-based approach is likely to be in the tens of thousands of VMs at initial release for a single controller domain. – All of our solutions have been fully tested and are supported. For more details on real-world limitations please contact HP directly. An NDA may be required. • How does the network virtualization functionality that your proposed solution implements interface with network virtualization in a traditional network environment that is based on protocols such as VLANs? – The network virtualization solution can be implemented with both VXLAN and VLANs. The HP 5930 ToR switches also support bridging between VXLAN and VLANs. • Do you have any applications that can dynamically adapt network policy parameters such as QoS, rate-limiting, shaping, routing, etc.? – Applications can affect quality of service, rate-limiting, shaping and routing based on Northbound APIs. For more details about the Northbound APIs available please visit hp.com/go/sdndevcenter – One example would be the HP Network Optimizer SDN Application for Microsoft Lync. HP and Microsoft have demonstrated at the ONF an interesting Unified Communication (UC) proof of concept involving on-demand provisioning for a Lync session. The demonstration utilized the HP VAN SDN Controller and switches plus two software components: • Lync SDN API POC (MS) • HP Network Optimizer SDN Application for Microsoft Lync. – Lync uses the API to notify the Network Optimizer Application on the controller session details which it then uses to automatically provision the switches including QoS and securing network elements from attacks. – The solution dynamically engineers the network using real time usage and other criteria. The SDN controller can also work with the WAN to take into consideration WAN capabilities when provisioning a Lync session. – Please refer to figure 7—HP Network Optimizer SDN Application for Microsoft Lync SDN API Demo diagram. 19 Technical white paper | Mock RFI for Enterprise SDN Solutions Figure 7. HP Network Optimizer SDN Application for Microsoft Lync Active Directory, Exchange & SharePoint HP Network Optimizer SDN Application Lync SDN API POC HP VAN SDN Controller HP Server HP Server HP OpenFlow Switch HP OpenFlow Switch HP OpenFlow Switch Traffic Generator Traffic Generator User: James User: Linda • A possible feature of a SDN solution is to better satisfy the needs of an application in terms of the characteristics of the network service that are provided (e.g., latency, bandwidth, security). If this is a feature of your solution, please indicate in some detail how this is accomplished and how the application can make its needs known to the network. For example, if your answer is that the application signals the network via the Northbound API, provide some insight into how much detail the application developer needs to know about the network. Also, as part of the description indicate the time it would take for the network to adjust to the needs of a high priority application that is just beginning to initiate flows on the network. – See previous question for example. For more details on API and development best practices visit hp.com/go/sdndevcenter for the HP SDN SDK. Professional services Foreword: Given that SDN is a new way of implementing networking, some IT organizations may choose to use a professional services organization to help with one or more stages in the overall Plan, Design, Implement, and Operation (PDIO) lifecycle. The relevant services that IT organizations might use could be technology centric (e.g., developing SDN designs, testing SDN solutions), organization centric (e.g., evaluating the skills of the current organization, identifying the skills that are needed and creating a way to develop those skills) or process centric; e.g., evaluating the current processes and developing new ones. These services could be light-weight (i.e., the professional services organization provides limited support) or heavy-weight. They may also be consumed just as part of an initial rollout of SDN or they could be consumed over an extended period of time as The Company extends its deployment of SDN. • Describe your professional services organization. As part of that description include: The total number of people in the organization The number of people in the organization who are networking professionals The number of networking professionals in your organization who reside in each of the major theatres; North America; Latin and South America; Europe, Middle East and Africa; Asia and the Pacific Rim The number of networking professionals in your organization who have appropriate certifications and indicate which certifications they have. For example, you might have 500 employees in your organization that are CCIEs – HP Technology Services provides works with you to get the most value out of your technology investments, including where investments have an impact of people and process. That means getting the most out of these investments today—keeping the business up and running no matter what, as well as getting the most out of investments tomorrow. It also means aligning technology, people and process to business goals and proactively staying ahead, rather than just reacting and catching up. 20 Technical white paper | Mock RFI for Enterprise SDN Solutions – HP Technology Services is: • Proven: HP brings decades of experience, technology leadership, and deep industry experience, to help you solve your toughest challenges. But don’t take our word for it; just ask any HP customer. • Open: HP delivers solutions built on open systems. We’ve been at the forefront of open standards, and we lead the industry in their adoption. We design solutions for a heterogeneous world. • Modular: With HP, you don’t have to scrap your technology environment and start over. We design and build modular solutions, giving you the ability to start small and add components over time as your needs evolve. • Collaborative: It’s not just what we can do; how we do it is just as important. We work closely with you to bring out the best from both of us, to create solutions that are just right for your organization. • Innovative: We thrive on pioneering experiences you never imagined, and helping you solve problems on any scale. Our goal is to exceed your expectations. This is how we define innovation. We deliver innovation with a purpose. – Our core strengths include: • A strong history of innovation and industry leadership • People who are talented, committed, and passionate about our customers and about our company • Financial strength • The industry’s best and broadest portfolio • Market leadership in virtually every category where we compete, from the consumer to the enterprise • Unmatched reach and scale • One of the world’s most powerful brands, with a reputation that opens doors in any market worldwide Note HP does not disclose details on headcount in specific organizations. • Relative to SDN, there are a number of functions that must be accomplished at each stage of the PDIO lifecycle. For example, the planning stage for SDN could involve functions such assessing the current network’s capabilities or evaluating the value proposition of varying SDN solutions. These SDN functions could have a technology focus, an organizational focus or a process focus. For each stage in the PDIO lifecycle for SDN, indicate and describe the services that you provide for each of the three focus areas: technology, organizational, process. For example, in the planning stage you may provide a service with a technology focus. That service assesses the client’s current network capabilities. Include the deliverables of the service, the involvement needed from the client and any options associated with the service; e.g., can it be delivered in a lightweight fashion as well as a heavyweight fashion? As illustrated below, in order to enable The Company to do an accurate comparison of the responses that it receives to this RFI, first describe your planning services, then your design services, then your implementation services and finally the services you offer that are related to the ongoing operations of the network. Within each stage of the lifecycle, first describe the services with a technology focus, then those with an organizational focus and then those with a process focus. If one of your services crosses the boundary of a stage of the lifecycle or a focus area, note that in your response and include the description in the most appropriate place. Figure 8. SDN Services—Pragmatic path to achieve SDN vision Making people process and technology work Enterprise/IT alignment Full transformation lifecycle Capability model Automated flexible architecture Services innovation Future operating model Design implement support Practical experience 21 Technical white paper | Mock RFI for Enterprise SDN Solutions – HP’s SDN Services focus on taking a practical approach in working with customers at their pace to realize the benefits of SDN encompassing people, process and technology. – HP’s approach to transformational initiatives such as SDN is a proven methodology that is grounded in realistic and practical steps based on service innovation, lifecycle approach and project experience. – The approach uses HP tools and models to, align business and IT quickly and it standardizes components in an automated flexible architecture. A plan can then be built for a future optimal operational model. Critical to this plan is current state with respect to technology, management, governance, people, process and services, or in other words, the capability model. An estimate of the required effort and priorities can then be built. Another critical element is building the business case to get faster buy-in from senior management business stakeholders. – Design and Implementation can then be undertaken which leverages HP’s expertise and capabilities across the control, application and infrastructure layers. Figure 9. HP Software-defined network Services Managing through people, process & technology change Management Application SDN Architecture • Network Cloud Optimization Service • Transformation Experience Workshop • SDN Strategy & Roadmap Services • Virtual Network Protection Service • SDN Baseline Discovery • SDN Design, Implement Services • Network Infrastructure Optimization Services • Virtual Application Network Proof of Concept • Cloud-ready Networking Services Control Infrastructure Support Services – Planning Stage • Describe the planning services that you offer that have a technology focus. • Describe the planning services that you offer that have an organizational focus. • Describe the planning services that you offer that have a process focus. The following services focus on people (organizational), process and technology: • The Transformation Experience Workshop (TEW) is a proven approach to achieve the crucial enterprise/IT alignment necessary for any transformational initiative such as SDN, especially where there are clear people (organizational), process and technology implications with regards to the future operating model. The output of a TEW is a set of recommendations, initiative roadmap plus quick wins, that can then be further built out with respect to go forward plans. • Our SDN Baseline Discovery helps customers to create a factual understanding of the state of their current network, operations and processes and where SDN can positively impact network services to the business. • The SDN roadmap service helps you develop a comprehensive plan for integrating SDN within your organization, including financial and other impacts across six domains: network, security, infrastructure, applications, people/process and governance/finance. A modular collection of nine work packages provides a flexible stepwise approach, and gives you a clear, global SDN transition roadmap aligned with your business drivers and goals. As part of the SDN roadmap services, the SDN Release Strategy & Roadmap describes a path from the Customer’s current state to their future state on a company-wide scale and at a high level. The complex nature of the SDN transition requires a phased approach using discrete SDN releases across the domains. This process also takes into consideration individual IT refresh cycles and other specific restrictions and external influences. • In order to achieve a successful implementation of the developed strategy, HP strongly recommends providing support to C-level management. HP’s SDN planning services include an executive summary presentation to your key stakeholders. 22 Technical white paper | Mock RFI for Enterprise SDN Solutions – The Virtual Application Network (VAN) proof of concept (POC) assists IT staff with examining the benefits of implementing products defined within our VAN Framework in a carefully planned and proven way. This is a way of validating the plan from a technology perspective. – Management of change – HP Education Consulting delivers sustainable benefits through the HP Management of Change (MoC) methodology, as well as through extensive capability with other proven methodologies and tools. Our approach to MoC reflects both structure and flexibility: • Structure—Delivery of plan-of-change related activities, underpinned with methods and tools to implement and assess the impact of the changes. • Flexibility—The nature of the change may require altering the balance of effort and methods used, while still working within the overall program and delivery milestones. – The HP MoC services help you to: • Drive successful and timely implementation of projects by focusing on the people element • Communicate the objectives and benefits of the change effectively • Create employee acceptance and motivation • Manage and control all aspects of the training deployment during the entire change period • Deliver proficient use of new systems and processes • Enable the business in sustaining the changes – Design Stage • Describe the design services that you offer that have a technology focus. • Describe the design services that you offer that have an organizational focus. • Describe the design services that you offer that have a process focus. These services focus on all three areas: technology, organizational and process. The SDN IT Strategy and Architecture Service includes defining and reaching agreement on the underlying fundamental principles for your SDN architecture so that a high-level reference architecture can be developed based on these principles. The principles guide the strategy and design; consider people, process, and technology; highlight the impact from changes and interdependencies; and build a foundation for the upcoming decisions related to SDN. The principles will be developed using HP’s proven IT Strategy & Architecture (ITSA) methodology that uses four views: • The Business view (The Why) • The Functional view (The What) • The Technical view (The How) • The Implementation view (with What) Your high-level SDN Reference Architecture describes the essential elements of your future or desired state at a conceptual level, focusing on the key building blocks and how they influence each other. It is designed to become a living document, owned by the global IT architecture board. The SDN Release Strategy & Roadmap describes a path from the Customer’s current state to their future state on a company-wide scale and at a high level. The SDN Design Service uses your defined SDN architecture and develops a comprehensive set of design specifications you can use as a blueprint for transforming to SDN. Plus, we’ll analyze your current state and desired state, and then build a foundational strategy to help ensure you can successfully deploy SDN across the entire enterprise. – Implementation Stage • Describe the implementation services that you offer that have a technology focus. • Describe the implementation services that you offer that have an organizational focus. • Describe the implementation services that you offer that have a process focus. These services focus on all three areas: technology, organization and process The SDN Implementation service turns your SDN strategy into reality. Drawing on more than 40 years of experience working with multivendor infrastructures, we help get your SDN environment up and running quickly and efficiently by supplementing your IT staff with the expertise necessary to achieve a successful transition. You get: • Professional project management of the end-to-end integration and deployment • Pilot and testing • Staging and distribution for large-scale deployments • Installation and configuration • Integration 23 Technical white paper | Mock RFI for Enterprise SDN Solutions • Troubleshooting • Acceptance testing • Training • Release to production – Ongoing Operations Stage • Describe the services that you offer that are related to ongoing operations that have a technology focus. • Describe the services that you offer that are related to ongoing operations that have an organizational focus. • Describe the services that you offer that are related to ongoing operations that have a process focus. Figure 10. The HP Datacenter Care for SDN service – These services focus on all three areas: technology, organization and process. – HP Datacenter Care is our most flexible and comprehensive support offering that will help you create optimized operational procedures. HP works in partnership with you to provide end-to-end support tailored for your existing IT environments as well as to help you evolve to the future. HP Datacenter Care is made from “building blocks” of services, each tested and delivered globally. These can be combined to meet a customer’s specific needs, and are monitored and updated to change as the needs change. The service starts with the core building blocks of relationship management, optimum call handling, proactive and reactive support. – The HP Datacenter Care for SDN service provides end-to-end support of the complete SDN solution. This includes OpenFlow hardware, SDN controllers and HP/3rd Party SDN applications. The service offered is flexible and can be tailored to specific needs. – Simplify the complexity of your SDN support environment with: • One point of accountability, contact, and responsibility for HP and other vendors’ products • One number to call for support • One contract to negotiate • One source of expertise to support and evolve your SDN Solution • Improve agility, scalability—react at the speed of business – Proactive services to anticipate and prevent outages • Remote monitoring of hardware and applications • Firmware analysis and recommendations 24 Technical white paper | Mock RFI for Enterprise SDN Solutions Value added Forward: In addition to asking prescriptive questions such as the questions in the preceding sections of this RFI, it is important to also ask some broad-based, fairly open-ended questions about The Vendors and how they are approaching SDN. • Describe the unique value-add that your company and your solution provide. – HP’s unique value add in SDN really stems from our strategy of network simplification enabled through: • Open standards based approach • Product Innovations • SDN partner ecosystem • SDN App Store & SDK • Professional Services, Training, & Certification – HP launched our SDN ecosystem at hp.com/go/sdndevcenter along with an SDN software development kit to help ignite innovation. Figure 11. HP SDN open ecosystem Enterprise Ready SDN App Store Powered by HP All SDN-enabled Devices SDN App Store Open Powered by HP Simulate & Validate Develop SDN SDK SDN Developer Kit Simple Open Innovation Partners Overlay VXLAN, NVGRE Underlay Collaborate Campus, Branch & Data Center Design Implementation & Support Services Switching & Routing Over 25 million ports 25 Technical white paper | Mock RFI for Enterprise SDN Solutions – In addition, HP is helping IT departments start on the SDN journey by offering SDN specific learning and certifications: Figure 12. HP Learning & Certification journey Prepare • Understand your network & SDN • Start now with OpenFlow, SDN SDK Engage • Take SDN architecture & deployment certification • Take SDN application development certification Deliver • Deploy SDN applications • On-going SDN learning • What are your key partnerships? What value do they bring to The Company? – HP’s SDN ecosystem includes many partners. These partners add value to our SDN solutions in a variety of ways with their own solutions that interface with our open, interoperable approach. Figure 13. HP SDN ecosystem Open ecosystem delivered by HP SDK and SDN App Store 26 Powered by HP SDN App Store SDN SDK Powered by HP Technical white paper | Mock RFI for Enterprise SDN Solutions • What is your company’s roadmap for how your SDN solution will evolve over the next two years? Include in your answer the major components of this RFI: Solution Architecture; SDN controller; SDN Infrastructure; Management; Security; Network services and applications. – HP views SDN as a journey for customers and has developed an increment approach that provides investment protection while offering best in class solutions. The diagram below provides guidance on what customers can do now and over the next several years: Figure 14. SDN journey 2016 2015 2H14 1H14 Now Now Deploy SDN enterprise-wide Develop more SDN application using SDN SDK Test and deploy more HP & Partner SDN applications Deploy SDN Controller & SDN applications from HP SDN App Store Create a Lab with HPN VAN SDN controller & applications Use the SDN Learning Journey and Certifications to gain new skills Deploy FlexNetwork OpenFlow-enabled and overlay-enabled switches and routers Schedule a Transformation Experience Workshop with HP Technology Services – For specific roadmap details please contact HP directly. An NDA may be required. • How does your company’s strategy provide flexibility and choice as the SDN ecosystem evolves? – HP’s standards based approach provides solutions that are open and interoperable. This help customers avoid vendor lock-in. – HP continues to participate and lead in many different standards bodies and group including but not limited to Open Networking Foundation, ETSI, and OpenStack amongst others. Sign up for updates hp.com/go/getupdated Share with colleagues Rate this document © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Intel logo is a trademark of Intel Corporation in the U.S. and other countries. Microsoft is a U.S. registered trademark of the Microsoft group of companies. Java is a registered trademark of Oracle and/or its affiliates. 4AA5-1162ENW, March 2014
© Copyright 2024