I’ve been banging the table about how network security is the hottest application for Software Defined Networking (SDN). This week, Big Switch Networks confirms this trend with the release of Big Tap Monitoring Fabric 4.5, a “next-gen packet broker” designed to dig deep into networks for security monitoring.
Up to this point, packet brokers have been standalone network appliances that “tap” into a network and make copies of all the network traffic, gaining packet-level insight into what’s going on. They can then run analytics to detect performance or security issues. Some of the bigger packet brokers include Gigamon (NYSE: GIMO) and VSS Monitoring. The downside of this approach is that you must add more hardware to the network for the sole purpose of analytics and monitoring.
An SDN approach, such as that taken by Big Switch, integrates packet brokering and visibility into the networking software itself, obviating the need for a standalone appliance. Big Tap 4.5 scales from 10 Gbit/s to 40 Gbit/s. Some of the monitoring capabilities it will provide include inline/out-of-band deployment, flow-level granularity, and analytics.
Big Switch doesn’t sell any hardware itself. Instead, its SDN networking software can run on the networking hardware provided by Big Tap’s partners, which include original device manufacturers (ODMs) and Dell. This so-called “white-box” approach packages SDN software on commercial off-the-shelf (COTS) hardware, separating the software market from the hardware market.
Big Switch has also lined up a number of security and networking partners, including the following:
- A10 Networks. Big Tap 4.5 integrates with A10 security tools for DDoS protection and SSL insight.
- Blue Coat. The two companies are delivering a joint solution for visibility into SSL encrypted inline traffic and analysis of offline traffic for malware detection.
- Cyphort. Big Tap’s monitoring capabilities are integrated with Cyphort’s distributed software approach for threat detection.
- ExtraHop. Big Tap interoperates with ExtraHop products for application monitoring and analytics.
- InMon. The joint solution with InMon enables real-time flow-level visibility into the production network.
These moves not only represent a pivot for the company, but they also show where the overall SDN market is going. Over the last 12 months under the management of CEO Doug Murray, Big Switch has shifted its focus from OpenFlow-based controllers to building a more robust suite of SDN software that includes an OS, controller, networking fabric, and analytics applications.
The security move is important because it shows that in order for the SDN ecosystem to take hold, the open networking gang — which is taking on the long-established presence of the big vertically integrated networking vendors such as Cisco and Juniper — needs to add value through new applications and use cases for SDN.
To this end, Big Switch is also partnering with VMware to deliver network-level visibility and analytics to VMware NSX. This is a significant move in VMware’s competition with Cisco’s Application Centric Infrastructure (ACI).
There are signs that this open networking ecosystem is starting to come together. 2015 is going to be a pivotal year to see whether the white-box model can make a meaningful dent in the incumbent proprietary hardware dominance. Is there revenue momentum?
Big Switch officials recently disclosed to The Rayno Reprot that the company has delivered 30% sequential quarterly growth “five quarters in a row,” according to Chief Marketing Officer Gregg Holzrichter.
“The customer count and numbers are getting meaningful,” says Holzrichter.
Big Switch’s moves point to signs that the open SDN ecosystem is starting to take hold. The key differentiator is how much value the ODMs, OEMs, and SDN vendors can put together through their partnerships. Big Switch’s new plan of going after security applications represents a new phase of development in the market.