Cisco, VMware take SDN battle to policy arena

major vendors are taking the game to a higher level than configuration management of forwarding devices through a decoupled controller

The focus in SDNs and programmable networking is shifting to application policy, an area where vendors can instill their unique architectures and maintain customer dependency.

As more software-defined networking moves to open source software and bare metal switching based on merchant silicon, major vendors are taking the game to a higher level than configuration management of forwarding devices through a decoupled controller. Application policy is an area where they can continue to influence customer deployments and seed them with custom ASICs and interdependent software, bypassing the disaggregated hardware/software mode SDNs encourage.

"Application infrastructure policy becomes the next battlefield," said IDC analyst Brad Casemore at the Interop trade show and conference. "Open systems as a competitive proxy is not present here. It's vendor value-add."

+MORE ON NETWORK WORLD: Cisco reveals OpenFlow SDN killer | Complete list of stories from Interop 2014 +

Cisco, perhaps the vendor with the most to lose from the decoupled, disaggregated SDN model, is leading the charge towards application policy infrastructures with its Application Centric Infrastructure (ACI) fabric, Nexus 9000 switching line and OpFlex policy protocol. ACI is intended to maintain network intelligence in the switches and routers themselves by abstracting application policy instead of network infrastructure, and allowing the network to self-configure to adhere to and enforce those policies.

Implementation of the full ACI fabric depends on custom Cisco ASICs in the Nexus 9000 switches -- Cisco also uses Broadcom Trident II merchant silicon in them -- for VXLAN routing, and the OpFlex protocol is the southbound mechanism by which those policies are delivered to the infrastructure. In the application policy context, OpFlex is analogous to the open source-based OpenFlow protocol in the decoupled control/forwarding SDN architecture embraced by much of the networking industry.

But to acknowledge industry appetite for SDN openness, Cisco is submitting OpFlex to the IETF and the OpenDaylight open source SDN consortium, and is also contributing to the ACI Group Policy model and northbound API to OpenDaylight.

"Open source is a competitive advantage now," said Lauren Cooney, Cisco senior director of software strategy in the Chief Technology and Architecture Office. "It's a great way to interoperate among vendors and extend contributed code."

"Innovative and open companies make more money," Cooney said.

But Cisco is a founder of OpenDaylight, and many consider the vendor to be influencing the direction OpenDaylight takes so it's aligned with Cisco's own product development objectives. Indeed, OpenDaylight co-founder IBM, which is endorsing OpFlex along with Microsoft, F5, Citrix, Red Hat and Canonical, appears to be following Cisco's lead rather than co-piloting the consortium as it wrestles with its own SDN strategy. Observers have noted that reports surfaced earlier this year that IBM is shopping around its SDN business.

"IBM and Cisco don't share the same objectives in OpenDaylight," said IDC's Casemore during a breakfast briefing hosted by the market research firm. "Various vendors are jockeying for position in submissions and product roadmaps."

IBM says any sense that it is taking a back seat to Cisco in OpenDaylight is off target.

"We are actually increasing our involvement and have many new IBM engineers on the project," says Inder Gopal, vice president, networking development and technical strategy at IBM, and an OpenDaylight board member. "The total number of IBM engineers involved with (OpenDaylight) is larger than it has ever been. The SDN work in IBM is now closely aligned with our cloud systems work, making it central to IBM strategy. And the (OpenDaylight Technical Steering Committee) is very much a meritocracy. New elections will shortly open up TSC seats that will be directly elected by community members. And many other platinum members such as Brocade and Red Hat have stepped up their engagement in a major way. To portray this as a parochial Cisco effort is quite unfair and does not do justice to the dedication and passion of the hundreds of engineers who are working to create a true open source platform that can be of immense value to the industry."

VMware is also a member of OpenDaylight but a rival of Cisco's in SDNs, network virtualization and now, application policy infrastructure. VMware and its partners are spearheading an OpenStack project called "Congress" that is focused on declaring, auditing and enforcing policy in heterogeneous cloud environments.

Congress is intended to provide policy as a service across any collection of cloud services in order to offer governance and compliance of those services with business-level policies. Even though Congress is an OpenStack effort, vendors will compete to add value on the open-system model by developing the application policy engine and how it defines relevant communication with and instruction to the infrastructure, Casemore said.

Congress is expected to be explained further at the OpenStack Summit May 12-16 in Atlanta. VMware plans to use it as a base for its policy engine and analytics, sources say.

Once Congress is launched, the table will be set for an application policy infrastructure showdown between Cisco and VMware, raising the stakes from network virtualization for configuration management to automating the infrastructure for business policy.

"Once you own policy you own the account," said one VMware source.

Jim Duffy has been covering technology for over 28 years, 23 at Network World. He also writes The Cisco Connection blog and can be reached on Twitter @Jim_Duffy.

Read more about lan and wan in Network World's LAN & WAN section.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags NetworkingciscoLANLAN & WANSDNInterop 2014

More about BroadcomBrocade CommunicationsCiscoCitrix Systems Asia PacificF5IBM AustraliaIDC AustraliaIETFInteropLANMicrosoftRed HatTechnologyTridentTSCVMware Australia

Show Comments