You'd be forgiven for thinking that SDN and Network Virtualization are just two different names for the same basic process. Both terminologies describe a process whereby physical appliances — wires, switches, and routers — are turned into abstractions, made of and controlled by software.
While SDN has been getting a lot of attention in the world of tech, Network Virtualization is a distinctly different technology that has gone more or less under the radar. Here's how the two technologies differ and the main differences between NFV vs. SDNs.
The Difference Between Network Virtualization and SDN
SDN, by its nature, involves taking important compute functions out of what were formerly physical appliances, such as switches, modems, and routers, and placing them into a centralized control plane. The physical appliances still exist, and they still forward packets along, but the decision as to where these packets get forwarded gets handled by one or more separate applications. In general, this leads to a more flexible network that's controlled by less expensive hardware.
Network Virtualization is different. A good working example of Network Virtualization is a public data center. There, you have multiple companies hosting separate applications on the same set of servers. It's important that there be no overlap between these applications — data intended for one company should not be seen by another organization. Network Virtualization is able to solve this problem.
- First, as in a normal private data center, each server is connected to every other server
- Some servers are designated as virtual routers, and Ethernet switches are used to control traffic between them
- Although all servers are theoretically capable of communicating with each other, Network Virtualization routes designate traffic only through individual segments belonging to separate companies and applications.
In a nutshell, SDN has more to do with active network control, while Network Virtualization has more to do with passive network design. Although both technologies have their place in the data center, Network Virtualization is a key component of both security and compliance strategies.
Network Virtualization for Security and Compliance
Network Virtualization essentially turns what's known as a "flat" network into a segmented network. Segmented networks are much more secure than flat networks. Flat networks don't have any separation between critical files and databases and non-critical subsystems. Attackers can easily compromise a flat network by accessing a weakly defended system and gain access to critical areas. This was the case during the historic 2013 Target breach, when attackers compromised an HVAC system and got access to the store's credit card processing systems.
Preventing attackers from easily breaching your network is a great reason to adopt Network Virtualization on its own. Network Virtualization also has important compliance implications, however. PCI-DSS audits, for example, only scope in those network segments that contain credit card data. If your network is flat, then that segment comprises your entire network. If your network is segmented, then only the small segments that contain critical information are subject to audit. These small segments are much easier to defend in a compliant manner.
NFV vs. SDN: Implement Network Virtualization with Edgewater Networks
Companies need to implement Network Virtualization functions quickly and cheaply in order to defend their networks. Edgewater Networks offers a path forward. Using our Edgeview Service Control Center, users can view and manage all voice and data traffic across an entire network. This makes it easy to setup and manage Network Virtualization, while adding real time analytics and alerts. Learn more about Edgewater Networks and the EdgeView Service Control Center by watching our on-demand webinar, "What Network Edge Orchestration Really Does, As Told by Users."