Cisco: SONA promises advanced next-generation networks

Cisco says its Services Oriented Network Architecture (SONA) plans could help network executives tackle advanced IP services while cutting costs and reducing management complexity on their networks.

Cisco is incorporating services into its network gear, software and services, company officials say, to better equip customers to handle today's and tomorrow's advanced IP applications such as voice, video and virtualization.

Cisco introduced its Services Oriented Network Architecture less than two years ago, and now the company says the SONA concept in action will reduce corporate costs and move customers toward virtualized services, including security, voice, mobility, applications, management, processing and storage -- with the network as the common facet. Bill Ruh, vice president of Advanced Services at Cisco, recently spoke with Network World Senior Editor Denise Dubie about why network engineers should already be incorporating the principles of SONA into their network design and how Cisco's services-oriented architecture (SOA) would help them better architect and navigate tomorrow's next-generation networks.

Can you give me a bit of background on SONA?

Cisco has had a number of architectures over the years that have evolved. We came out with SONA about 18 months ago. It was in response to the changes in the network that we see and trying to make sense of the broad Cisco product line and figuring out how all the pieces fit together because it's no longer just routing and switching. SONA is partly about voice technology, collaborative technology, security technology and data center networking technology and how all these things come together and fit together into a single integrated whole. Secondly, SONA is aligned with the movement toward service-oriented architecture.

Where is Cisco in terms of its internal development of SONA?

We are not 100% there, and there is an evolution going on in terms of people looking across all the product lines to determine what it means to be a service. Not all services need to have a programmable interface but some do. It is impacting our products in the sense that some services are black-box services and some services will be more programmable. This evolution is going on today in our product lines. Certainly there is more to be done going forward in making sure we can support strong SOA environments. As other vendors build out the software capabilities that really allow an SOA to build, we have to be paralleling that in the network that allow for highly scalable, highly reliable distributed SOA services. There is obviously a lot of work to be done by both the software vendors and ourselves as this market matures. We know what the next few steps are for the next year or so. But it's going to take several years before the software market works out all the architectural components it needs in terms of what is going to be the most successful capabilities for an SOA environment. We have to continue to stay tuned into that to make sure we parallel that with the right networking services.

Considering the company's equipment focus, how has a movement toward SOA, which involves re-usable software components, impacted Cisco?

It has impacted [Cisco] in that people are looking to us as to what are the services that the products or components provide. It is becoming more and more a key aspect of the role of the network so the real questions are becoming what services belong in the network, how do we expose those services, what do those services do and how do they fit into a broader SOA environment. SONA is really how the network plays and what services are offered and how all these capabilities are brought together. It also helps SOA development teams to start thinking about opening up the products themselves by providing programmable interfaces above and beyond what we traditionally have done in command line. All of that is what SONA is all about.

At Cisco, is SONA specific to a set of products or certain equipment?

Every time Cisco announces something -- because we are so product-driven -- people want to know if there is a specific product or more often is there a specific box associated with this news. But the answer is no, absolutely not. There is no specific SONA product. There are a lot of changes that have occurred and been driven into the product line as a result of SONA. SONA just like all architectures is a way to begin thinking about how you are going to structure your network and how we structure our products. If you look at the voice technology -- which has probably been the most aggressive at opening up -- and the ability to build applications on top of voice technology using our CUAE [Cisco Unified Application Environment] development capability. That would be an example of how at Cisco each of our individual product lines is extending itself to open up more into a service-oriented environment.

How do you envision customers starting to use SONA in their networks?

Every part of our product line has been impacted by the idea of a service-oriented approach and the idea of SONA. And there are several ways customers will start to see SONA. First we have something called Cisco-validated designs. These would be things like an empowered branch, a campus network, a data center network and more. We are showing design patterns and offering best practices as to how to construct a specific place in the network. Because in reality there is no such thing as the network anymore, there are multiple networks. We have this Cisco-validated design as an offering to show how to architect places in the network. That's really the fundamental underpinning of the architecture. All of that has driven changes to the existing product lines. On top of that, we start to think of a variety of the products as services.

Can you give me an example?

For example, when you think of security, you have to ask, 'What kind of security services belong in the network and how do those services get utilized by applications?' But all our products really fit in; for instance, at the lowest level in terms of the place in the network and the way we architect it to the products that really sit above that at the interactive services layer in security, voice, collaboration and data center networking. These products sit on top of the places in the network and are much closer to the applications. The impact across those product lines -- what we have done and what you will continue to see -- is more interfaces to interact and utilize those services in the network.

Why is it important that Cisco customers are thinking about their network in terms of services?

While there has been a lot of talk around distributed applications, it hasn't been until the last few years that some of our more leading-edge customers have really built out large-scale distributed applications. I like to use Google Maps as an example. It’s so easy now to take Google Maps and your data and create a mashup and that has exacerbated it even more. The idea of using the Internet with applications and Web services is really coming true and we are seeing these highly distributed applications appear. It creates a lot of very interesting behaviors on the network that quite frankly were never planned for or never expected.

What types of network behavior might take network executives by surprise?

For example, take the security and performance implications of a mashup of Google Maps with your internal data and utilizing that inside your organization as a user interface. Well suddenly the traffic patterns and traffic levels are going to change and your internal customers are still going to expect fairly high performance. You may have optimized internally, but now you are using more external services so you've got to optimize the security of the firewalls and begin to think about certain things you haven't had to consider before -- which is there are certain parts of the network out of your control. It really begins to change the way you think about your network and how you design your network.

Where do you see network design changing most?

We see more of a movement toward highly distributed environments when it comes to branches. Retail stores used to be a very heavy-weight environment. Network design used to put a lot of the processing in the stores. Now there is a movement toward more light-weight capabilities with a lot more services being put out in retail branches. That is really going to change the nature of the design of the network. Instead of doing batch processing or batch network dumps, now you have a few centralized sites talking to a lot of highly interactive retail outlets. That does change fundamentally the nature of the network and the kinds of interaction on the network from maybe being batch and dumping things out and having a lot of control of the application in the centralized environment to one in which you lose a bit of control in this fully distributed environment. And the network is the only thing that touches it so you need to optimize the network to support what really is a fundamentally different kind of application.

How does virtualization fit in with Cisco's SONA vision?

SONA helps you understand how to virtualize your environment. What we have done with the best practices is to educate customers that you don't go all virtualized in one day. There really is an approach you want to take to think about virtualization. We see a number of areas of virtualization. You may start out virtualizing your storage and then you may consider virtualizing servers. Virtualizing applications is a much more significant activity. Clearly there are certain areas that are easier to do and then you could slowly move forward to fully virtualizing your applications. SONA does two things. It helps to understand that virtualization is going to be how we enable next-generation architectures. And at the same time, the best practices around SONA are there to help lead you through this idea of starting with something you know you will get some benefit from and take it step by step by step.

What about enterprise applications? How does SONA help customers get better performance?

What's interesting is that SONA has opened up a new world for us in the application space. One area is that we have announced a fairly deep and strategic relationship with SAP. SAP was never a partner of ours before and it wasn't clear where we would partner. But what SONA has done for us is allowed us to look at the network playing a new role with applications. The idea that these services can be opened up to work with SAP applications and allow those SAP applications to work better or allow them to do things they couldn't before in this significantly distributed environment is what we have been working on with SAP.

What is an example of how SONA works with SAP?

The network is really the largest untapped source of information. It transports information, but rarely is the information itself being utilized. One of the areas that SAP has gotten into strongly is governance, risk and compliance (GRC). If you look at these areas, the network gives you the only view of most of your business transactions. When has something come into my system? When is it leaving my system? When you consider digital rights management, which is a big part of GRC, the ability for the network to look at the information and do deep packet inspection can tell you a lot about digital rights management and what information is leaving your organization and going to third parties. With that, you can have more of a real-time GRC application. As a result, one area we partner on right out of the box is a network-based set of capabilities and opening up a set of those services within the GRC allowing them to see those business events on a real-time basis and be able to act on them in real time. And it is one of the areas we are working on very hard with SAP and a couple of early lighthouse customers.

Most agree the network needs to have some level of intelligence, but to what degree does SONA propose the network be intelligent?

Today's network is intelligent. It's not really a question whether the network should be intelligent or dumb. I think it's really a question of what forms of intelligence. MPLS provides a fairly intelligent environment. It's not a question anymore of whether the network should be intelligent or not, it's more a question of which services belong in the network and which don't. Really the question is which pieces or what forms of intelligence should be in the network. For us, certainly we think routing, switching and networking intelligence; no one denies that anymore. Now security intelligence isn't even up for debate. I think we have fairly good lines drawn with regard to security as to what belongs in the network and what belongs in the operating system and the servers. We are now drawing lines about voice and video and intelligence for managing voice and video.
