Tuesday, September 16, 2014

Northbound applications on SDN controllers

Computer applications make our lives easy and cater to a specific task or need. In SDN's context, the applications can bring ease and comfort for the network/IT administrators. This blog post describes the northbound applications used over various SDN controllers. The applications range from network management, monitoring, security, QoS etc.

The application development on SDN controllers is taking place through multiple models. Some vendors(SDN controllers) make their own applications, some collaborate with others to create a joint solution, some just outsource it and some are putting in efforts to create an ecosystem by publishing APIs on which programmers like us can create innovative applications. Many applications are available on github as scripts for vendors like Cisco, Ryu, Floodlight etc.

After reading through a lot of controllers and northbound applications, I have tried to summarize it as given below.

HP VAN Controller

  • HP Network Protector SDN Application: The Network Protector SDN Application, running on the HP Virtual Application Networks (VAN) SDN Controller, enables automated network posture assessment and real-time security across OpenFlow-enabled network devices. There is no need for dedicated appliances as the security application is deployed as software.

  • HP Network Optimizer SDN Application Series: The HP Network Optimizer SDN Application for Microsoft Lync enables automated provisioning of network policy and QoS to provide an enhanced user experience.
  • BlueCat DNS Director: BlueCat DNS Director provides you with programmatic control of your DNS services to prevent DNS tunneling, and secure application access for central DNS security, globally delivered.
  • ECODE evolve™:  ECODE evolve™ is a suite of tools to facilitate dynamic network design, provisioning, simulation and automation leveraging the power of SDN. It empowers you with dynamic, real-time network designs. You can safely modify and test the designs, and then have it automatically deployed in a production environment.
     
  • The F5 BIG DDoS Umbrella: The F5 BIG DDoS Umbrella, powered by the HP VAN SDN Controller solution allows you to implement network, application, DNS, and SSL DDoS protection near the network edge.
  • GuardiCore Defense Suite: The GuardiCore Defense Suite adds a new layer of defense through automatically preventing targeted attacks from within the datacenter where it is most vulnerable.
  • KEMP Adaptive Load Balancer App: Provides an end-to-end visibility of network paths for optimal routing of applications across the server and switching infrastructure.
  • Hyperglance: Hyperglance is a Hybrid Cloud and SDN management platform that provides visibility of your whole topology and all flows in a scalable 3D environment to easily interrogate switches and interfaces and set up and take down flows
Juniper Contrail

  • Junos Space Security Director: It helps organizations improve the reach, ease, and accuracy of security policy administration with a scalable, GUI based management application.
  • Junos Space Services Activation Director: It ensures error-free service provisioning and monitoring of legacy Carrier-Ethernet and MPLS using a simple interface to design, validate and manage these services.
  • Junos Space Network Director: It simplifies network operations by unifying wired and wireless management for complete life-cycle of management of campus and data center networks from a single pane of glass.
  • Junos Space Service Now: It is a remote, automated trouble-shooting client that enables Juniper to quickly identify a problem in the customer's network to achieve a 40% increase in Day 1 issue resolution. Comes with the Junos Space Network Management Platform.
  • Junos Space Service Insight: It reduces network downtime by delivering proactive bug notifications specific to your network configuration, and thorough automated end-of-life/support analysis where you can do complete EOL auditing across 100's of devices in seconds. Comes with the Junos Space Network Management Platform.
  • Junos Space Content Director: It speeds and simplifies deployment and configuration of Junos Content Encore through the network, with a centralized caching management solution that scales to manage hundreds of caches from a single server.
  • Junos Space Virtual Director: It automates instantiation of Virtual Machines for Juniper's virtual security services supporting fast and error-free service rollout.
FloodLight Controller
  • Circuitpusher: It utilizes floodlight rest APIs to create a bidirectional circuit, i.e., permanent flow entry, on all switches in route between two devices based on IP addresses with specified priority.
  • packetStreamerClientExample.py: Allows you to intercept packets from floodlight's packet_in processing chain and read them.
  • graphDeps.py and graphTopo.py: Read the module dependencies (graphDeps.py) or the topology from the REST API and output it in the 'dot' format used by the popular graphviz (www.graphviz.org) package so that they can be visualized.
  • DefenseFlow by RadWare: It programs networks for DoS security, providing network-wide attack mitigation services, providing defense against any DDoS attack.
Ryu Controller

  • cbench.py: A dumb OpenFlow 1.0 responder for benchmarking the controller framework.
  • simple_switch: An OpenFlow 1.0 L2 learning switch implementation.
  • simple_isolation: MAC address based isolation logic.
  • simple_vlan: VLAN based isolation logic.
  • gre_tunnel: Flow table updater for OpenStack integration. Despite of the name, this isn’t GRE specific.
  • tunnel_port_updater: This module updates OVS tunnel ports for OpenStack integration.
  • rest: This module provides a basic set of REST API.
  • rest_quantum: This module provides a set of REST API dedicated to OpenStack Ryu plug-in.
  • rest_tunnel: Provide a set of REST API for tunnel key management. Used by OpenStack Ryu plug-in.
  • quantum_adapter.py: Listen OpenFlow port status change notifications from switches. Consult ovsdb to retrieve the corresponding port uuid. Notify relevant parties, including quantum (via Ryu plug-in) and Ryu applications. (via Ryu Events)
  • rest_conf_switch.py: This module provides a set of REST API for switch configuration.
  • rest_qos.py: Enable queue setting to interface individually
  • topology: Switch and link discovery module.
Cisco (Scripts available on github)

  • NexusDash: A Django based monitoring web dashboard for Nexus machines. Simply drop-in the app and go!
  • interface_rate_n7k: This script prints interface throughput/packet rate statistics in an easy to read list format
  • link_monitor_nexus7000.py: Goal of this script is to monitor a set of interface status and act upon another set of interface status.
  • cdp_description.py: This script add description to interfaces based on "cdp neighbors" information.
  • crc_checker_n7k.py: The following python script checks for CRC errors on all interfaces.
  • link-state-monitor: This Script,
    • Shuts down all the interfaces mentioned in the –a options, when all the interface mentioned in –m option is down
    • Brings up all the interfaces mentioned in the –a options, when at least one of the interface mentioned in –m option is back up
  • ABM-Beam: It sends out Active Buffer Monitoring histogram for all the ports and the buffer-blocks over UDP.
  • PyMonitor: Buffer monitoring
  • hadoop-integration: Integration with hadoop
  • vlan-add: This script will prompt the user to enter a VLAN ID to be created on multiple switches.
Nicira/VmWare NVP
  • Security Services (Network Security, Threat Protection, Firewall, Anti-virus, IDS, IPS , Vulnerability Management, Security Operations.): Through partnership with Intel, Palo Alto Netoworks, Next Gen Security, PAN-NSX, Rapid 7, Symantec,and Trend Micro.
  • Application Delivery Services(Load balancing, application delivery controllers, WAN optimization controllers): Through partnership with F5, Citrix.
  • SDDC Operations and Visibility Services(Network operations, security operations, application and network performance monitoring/management, compliance management, infrastructure analytics, cloud management): Through partnership with  EMC Smarts, Riverbed Cascade, Gigamon, Tufin.
NetSocket vFlow
  • vApps :Many third party products/applications are listed under vApps. 
Italtel SBC
  • It is designed to support different virtualization technologies, including VMware, Linux KVM and MS System Center, and can be managed by different/multiple Cloud Orchestrators.

Posted by at
Labels: , , , , , , , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)