Software-Defined Networking and Intent-Based Networking

Background

Traditional networking has been recurrently addressed in the literature as somewhat outdated due to the limited functionality that could not escape dedicated equipment. For instance, Hadi et al. (2018) mentioned that the majority of functionalities offered within traditional networks were included in the hardware. The utilization of Application-Specific Integrated Circuit (ASIC) allowed many system administrators to customize their networks to a certain extent to be able to make the most out of available functionalities. Nevertheless, the key problem with legacy networks is that they require a lot of time to be set up properly and avert the end-users from human errors and their devastating consequences for performance and security.

With so many complex processes at hand, many organizations strived to find an opportunity to update server configuration without any human intervention. The availability of the network and existing VLANs can hardly be managed by network administrators because they require constant attention and monetary investments (Kim & Park, 2021). Therefore, the network becomes way more susceptible to hacker attacks and end-user negligence. This is why traditional networking has to be augmented with the help of software-defined networking and intent-based networking that are aimed at achieving network growth and fewer cases of human intervention.

Software-Defined Networking

Software-defined networking (SDN) represents a network architecture that can be utilized to separate the control and data planes. This would give improved access to switches and routers while also proposing a much more open system to vendors and developers. In a sense, SDN creates room for back-to-back communication between the hardware and commands and logic included in the architecture (Bera et al., 2017). With SDN, the idea is that a device-centric configuration on every switch or router could help the system administrator make changes to the network without affecting it in real-time. For instance, there are OpenFlow standards that create room for network transformations and positively affect the degree of security and speed within the network (Restuccia et al., 2018). Such open protocols are necessary to manage control planes and achieve a certain level of precision in network-related decision-making.

The key strength of SDN relates to the fact that all areas of the network can be quickly assessed by engineers via a high-level view that also allows modifying the network in certain ways. The essential benefit of this architecture is improved control over the network and enhanced digital security (Restuccia et al., 2018). Efficient changes can be introduced without any limitations since there will be a centralized outlook on the network that does not require managers and administrators to conduct lengthy network analyses. For instance, a malware outbreak could be easily stopped with the help of SDN paired with OpenFlow, as the control plane would be centralized and provide a chance to access multiple switches and routers at the same time (Bera et al., 2017). Accordingly, SDN represents a powerful tool because it focuses on network security and enables system administrators to change certain elements of the network quickly. Nevertheless, the speed and efficiency of SDN still have to be viewed as limited due to several challenges that can be associated with this architecture.

There are also security concerns that have to be addressed before implementing the SDN architecture and exploiting it in the face of innovative technologies that continue conquering the world. The essential challenge that should not be overlooked is employee awareness regarding how controllers evolve and what kind of capabilities they give to end-users. For example, if the controller cannot be secured, the whole network will be in danger since switching and routing depend on how the control panel remains active (Tsai et al., 2018). In the case where an attacker gains access to the controller, auditing and reporting features will be destroyed easily, with lots of sensitive information being lost to the wrongdoer. The lack of a proper configuration would lead the network to a complete meltdown resulting in malicious attacks becoming the new norm for the organization. Central control over the network is a problem that cannot be ignored or postponed in an attempt to find a better solution to improve filtering and log all the changes occurring within the network (Bera et al., 2017). Custom events may be hard to track within the system, especially with the ever-changing policies and improved hacker attacks.

Overall, it may be safe to say that SDN is a quickly growing technology that can be utilized by information technology administrators to oversee the enterprise network and achieve detailed security with all the essential capabilities on the list. Nevertheless, the presence of challenges that can be generated through the interface of centralized management creates multiple obstacles that make it imperative to spend more time and money to improve security around the controller (Tsai et al., 2018). Given that the system is not going to exist without its brain, it should be noted that proper security for the controller may be hard to achieve due to specific vulnerabilities that come with SDN. Even accidental changes could give severe damage to the network, especially with the network going down due to improper deployment or the lack of employee experience with SDN implementation. The management of SDN presupposes that a network is designed with an eye to security and all the little details that could be exploited by hackers.

Intent-Based Networking

The notion of intent-based networking (IBN) revolves around the notion of a network management platform that would provide network administrators with an opportunity to set up the network in accordance with the organizational expectations and implement every required technology to follow suit. Therefore, IBN represents a framework that establishes the connection between the administrator and the network where responses are obtained in real-time (Rafiq et al., 2020). The so-called ‘intent’ may be acquired at the service level when the administrator defines the required actions and outcomes. The notion of algorithmic validation included in IBN helps network administrators to evade any manual configurations or translations and focus on the process of automation instead. The lack of systematic tactics when addressing the field of network administration turns IBN into an inevitably beneficial instrument. Yet, existing approaches are still affected by latency issues, load unbalancing, and the inability to attain power-saving methods (Wei et al., 2020). When an IBN system is applied to a network, it is expected to provide network administrators with the capability to monitor network activities in a continuous manner and validate the system from time to time.

There are quite a few upsides to the utilization of IBN that can be seen as inextricable and practical. The essential benefit is that IBN translates commands and leaves system administrators able to reduce the number of manual tasks that can be performed to keep the network intact. The association with artificial intelligence and machine learning serves as another serious advantage since manual network configuration may be way more damaging than valuable (Wei et al., 2020). All the repair and formation work completed by automated IBN instruments could eradicate human error and improve the quality of the network. Another reason why IBN has to be viewed as a powerful instrument for the administrators is the access to improved security measures that are established via monitored threats and traffic encryption (Rafiq et al., 2020). All restrictions and violations become restricted and acknowledged in real-time, with most of the applications being protected proactively and security databases updating rather often. The capabilities of the network are also improved drastically because of the constant data collection that turns into better-quality network performance. The low operational costs and response times also have to be considered when reviewing the upsides to IBN.

Unfortunately, IBN does not only provide network administrators with never-ending benefits, as one of the key challenges that organizations have to meet is a rather complex design that includes a multitude of network components, operating systems, and environments. On the other hand, the proper functioning of IBN has to be achieved by means of constant validation and verification procedures that are somewhat costly and require additional time to be allocated (Wei et al., 2020). Another problem that might have to be resolved when implementing IBN is the system’s success rate that depends on the API. An incorrectly picked intent could hinder any of the performance testing attempts for the organization, as the process is going to slow down with no guidance. On the other hand, IBN may be less secure than SDN in some cases because of weak machine learning and artificial intelligence algorithms (Rafiq et al., 2020). The capability to filter web traffic is also affected by the challenges related to firewall and the lack of up-to-date security measures.

Virtualization and Back-End Infrastructure

The notions of virtualization and back-end infrastructure go hand in hand within the framework of modern network setup. One of the main reasons why virtualization is so important is the possibility to decrease the cost of ownership and facilitate the process of network management through simplifications. The functioning of desktop virtualization paves the way for virtual machines to be reached by end-users through the interface of a remote central server (Enes et al., 2018). This form of server-user communication is rather powerful because it provides administrators with multiple opportunities for personalization and makes centralized management much easier.

A variety of network connections may be addressed by the users and the administrator to help end-users establish a virtual connection to the desktop from any given location. This is a serious advantage because information technology admins get the possibility to control the network and manage available resources in a much more meaningful manner (Morabito et al., 2018). This is where back-end infrastructure plays its role because administrators set up everything there and prepare the system for the implementation of virtualization. If the system is set up incorrectly in terms of its back-end, there will be numerous issues linked to network administration.

Links between SDN and IBN

One particular idea that has to be mentioned when discussing the association between SDN and IBN is that the latter is a much younger concept that is based on SDN. Therefore, the idea should be to take the best from both these approaches instead of trying to pick the best one, as they are not intended as mutually exclusive replacements (Restuccia et al., 2018). The main reason for taking both SDN and IBN into consideration is that they serve the same purpose and cover each other’s downsides when used in conjunction. One important factor to consider when discussing the role of IBN is its capability to execute commands and bring required changes to the network. According to Rafiq et al. (2020), most of those benefits can be achieved with the help of automation tools included in the IBN bundle that assists administrators in configuring the network and preparing it for new transformations.

SDN, on the other hand, resembles an architecture that may be utilized to improve the scalability of the network and establish a centralized management approach to the virtualized network. SDN can be significantly improved through the interface of IBN because intent represents the opportunity to achieve desired outcomes via network setting and business determination (Bera et al., 2017). Different abstractions can be translated into SDN architecture to improve network management and bring more network functions to the table. It may be safe to say that SDN is much of a building block for the network, while IBN represents an instrument intended to enhance the scalability of the system. Also, an association between IBN and SDN might create a network where future changes are expected and nurtured instead of being improvised and costly.

References

Bera, S., Misra, S., & Vasilakos, A. V. (2017). Software-defined networking for internet of things: A survey. IEEE Internet of Things Journal, 4(6), 1994-2008.

Enes, J., Cacheiro, J. L., Expósito, R. R., & Tourino, J. (2018). Big Data-oriented PaaS architecture with disk-as-a-resource capability and container-based virtualization. Journal of Grid Computing, 16(4), 587-605.

Hadi, M. S., Lawey, A. Q., El-Gorashi, T. E., & Elmirghani, J. M. (2018). Big data analytics for wireless and wired network design: A survey. Computer Networks, 132, 180-199.

Kim, N. W., & Park, J. S. (2021). A case study of the implementation and verification of VLAN-applied network based on a five-step scenario. The Journal of the Korea Institute of Electronic Communication Sciences, 16(1), 25-36.

Morabito, R., Cozzolino, V., Ding, A. Y., Beijar, N., & Ott, J. (2018). Consolidate IoT edge computing with lightweight virtualization. IEEE Network, 32(1), 102-111.

Restuccia, F., D’Oro, S., & Melodia, T. (2018). Securing the internet of things in the age of machine learning and software-defined networking. IEEE Internet of Things Journal, 5(6), 4829-4842.

Rafiq, A., Afaq, M., & Song, W. C. (2020). Intent-based networking with proactive load distribution in data center using IBN manager and Smart Path manager. Journal of Ambient Intelligence and Humanized Computing, 1-18.

Tsai, P. W., Tsai, C. W., Hsu, C. W., & Yang, C. S. (2018). Network monitoring in software-defined networking: A review. IEEE Systems Journal, 12(4), 3958-3969.

Wei, Y., Peng, M., & Liu, Y. (2020). Intent-based networks for 6G: Insights and challenges. Digital Communications and Networks, 6(3), 270-280.