Operating a complex network can be like playing Jenga in the dark. It’s hard to see what you’re doing, and you know touching the wrong block will bring the whole thing down.
Two startups, Veriflow and Forward Networks, think they’ve found a way to shine a light into the network and take the stress out of making changes. And both these companies may provide the foundation to start climbing toward real software-defined networks.
Veriflow, which announced the general availability of its product this week, makes software for continuous network verification to help organizations prevent network outages, improve reliability, and meet compliance requirements.
Here’s how it works. The company’s software examines the CAM and ACL tables from network devices to get a picture of the configured state of the network. The software gathers information from physical and virtual routers and switches, as well as firewalls and load balancers.
From there, it can map how a packet will flow through the network. By understanding how the network behaves, it can compare this information against policies to see if a stated policy can actually be enforced by the network. The software collects device state at regular intervals to keep abreast of ongoing changes.
Note that the software isn’t looking at live traffic. Instead, it uses algorithms to determine if the system is configured to meet operator expectations.
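As an added illustration (not Veriflow's or Forward Networks' code or algorithm), the sketch below checks operator intent against a constructed snapshot of forwarding and ACL state without sending any traffic. The device names, addresses, table layout, and the routing-style forwarding table standing in for CAM entries are all assumptions.

```python
import ipaddress as ipa
# Constructed device-state snapshot (assumed layout, not a vendor format).
# fib: (dst prefix, next hop or "deliver"); acl: (action, src, dst, dst port or None).
ANY = "0.0.0.0/0"
SNAPSHOT = {
    "edge": {"fib": [("10.0.0.0/8", "core")], "acl": [("permit", ANY, ANY, None)]},
    "core": {"fib": [("10.2.0.0/16", "dbfw"), ("10.0.0.0/8", "edge")],
             "acl": [("permit", ANY, ANY, None)]},
    "dbfw": {"fib": [("10.2.0.0/16", "deliver")],
             "acl": [("permit", "10.1.0.0/16", "10.2.0.0/16", 5432),
                     ("permit", "10.9.0.0/16", "10.2.0.0/16", None),  # leftover rule
                     ("deny", ANY, ANY, None)]},
}
# Operator intent: (name, ingress device, src, dst, dst port, must be delivered?)
POLICIES = [
    ("app reaches db", "edge", "10.1.0.5", "10.2.0.10", 5432, True),
    ("guest isolated from db", "edge", "10.9.0.7", "10.2.0.10", 5432, False),
    ("app reaches reporting", "edge", "10.1.0.5", "10.3.0.20", 443, True),
]

def acl_permits(acl, src, dst, port):
    for action, s, d, p in acl:  # first matching rule wins
        if src in ipa.ip_network(s) and dst in ipa.ip_network(d) and p in (None, port):
            return action == "permit"
    return False  # implicit deny when nothing matches

def next_hop(fib, dst):
    hits = [(ipa.ip_network(p), nh) for p, nh in fib if dst in ipa.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None  # longest prefix

def trace(snapshot, start, src, dst, port):
    """Walk one modelled packet through the snapshot; no live traffic involved."""
    src, dst = ipa.ip_address(src), ipa.ip_address(dst)
    dev, path = start, []
    while dev != "deliver":
        if dev in path:
            return "loop", path + [dev]
        path.append(dev)
        if not acl_permits(snapshot[dev]["acl"], src, dst, port):
            return "dropped-by-acl", path
        dev = next_hop(snapshot[dev]["fib"], dst)
        if dev is None:
            return "no-route", path
    return "delivered", path

def verify(snapshot, policies):
    """Return (policy name, outcome, path) for every policy the snapshot violates."""
    results = [(p[0], p[5], *trace(snapshot, *p[1:5])) for p in policies]
    return [(n, got, path) for n, want, got, path in results if (got == "delivered") != want]
```

Running `verify(SNAPSHOT, POLICIES)` flags two problems in the constructed data: the leftover permit rule lets the guest subnet reach the database, and the two default routes form a forwarding loop for the reporting subnet.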
For more details about its software, see a previous post I wrote about Veriflow.
“The analogy is to continuous integration,” said Brighten Godfrey, CTO and co-founder. “When you check in code it goes through tests to make sure the code is bug free. We’re doing continuous integration for networks.”
The company isn’t alone in this space. Another startup called Forward Networks came out of stealth this week promoting a similar approach using algorithms and mathematical models to predict network behavior.
Marcia Savage at Network Computing described it this way:
“Called Header Space Analysis, the technique builds a model for predicting packet forwarding behavior on a network after collecting configuration and state data from network devices.”
Start With A Base Camp
How are these startups different? Honestly, I don’t know. I’ll have to do more digging to find out.
But both companies have identified a significant opportunity. Complexity and a lack of visibility are holding back organizations from building out the ambitious and highly automated infrastructures promised by the “software-defined” industry.
(There are also a lot of other things holding us back, including but not limited to immature products, high costs, and training, but that’s another discussion.)
In my opinion, companies such as Veriflow and Forward Networks will build the base camp for more machine-driven, rather than hand-curated, networks.
That’s because these companies can help solve existing problems with the way networks are run, and they do it without you having to buy a metric ton of new equipment or retrain all your engineers as programmers.
And once organizations get a better degree of visibility and operational stability, they may be better prepared to make the long and difficult ascent toward the pinnacle of SDN.