Sunday, June 7, 2015

ONOS Advances its SDN Operating System with 3rd Release

A third version of the Open Network Operating System (ONOS), named Cardinal, has been released, adding several significant enhancements in the areas of Application Intent Framework, southbound interfaces and new distributed core features and capabilities.

ONOS, which was first released in December 2014, is currently deployed live in three research and education networks worldwide with more to come in Europe and Asia. These include SDN-IP peering application deployments at Internet2 in the U.S. and FIU/AmLight to South America as well as a BGP Peering Router deployment at CSIRO, Australia. It is also being used to enable proof-of-concept (PoCs) of multi-layer IP/optical networks and for the migration to SDN using the SDN-IP peering application.

Some Cardinal highlights:

  • Improves performance for flow operations, application intent processing and network topology maintenance by more than 25 percent.
  • Creates several new uses by enabling the central office to be re-architected as a data center (CORD).
  • Cardinal’s Application Intent Framework supports all the key solution POCs that will be demonstrated at the Open Networking Summit (ONS2015) conference with extensions such as MPLS and tunnel support added to the framework to support a wide variety of SDN applications.
  • A new flow-objective subsystem in the distributed core enables device agnostic SDN deployment. It allows apps to use a variety of OpenFlow switches with support for multiple tables without being concerned about the device specific details. It is definitely a big step forward towards the inter-operability and elimination of the solution silos that exist today.
  • At the southbound, NETCONF and PCEP interfaces are now available, and the TL1 interface will be used by two vendors for a few solution POCs although TL1 is not yet available from ONOS for open source distribution.

“The ONOS team has been running on all cylinders and continues to increase momentum with the help from the community,” said Bill Snow, vice president of Engineering at ON.Lab. ”The code base continues to add functionality, while keeping code quality high and continually improving performance. ONOS’ use cases really show its unique capabilities to transform service provider and mission critical networks.”

Download is available here:

Intel Security and VMware Introduce SDN-powered IPS

Intel Security and VMware introduced an SDN-based Intrusion Prevention services (IPS) solution for the protection of east-west traffic within the data center.  The security solution leverages the VMware NSX network virtualization platform to automate the distribution and enforcement of Intel Security’s McAfee Network Security Platform (NSP), providing Intelligent.

The idea is to extend the services inside the data center that Intel Security provides for north-south traffic at the perimeter of the data center.

The new integrated solution includes the McAfee NSP IPS-VM100-VSS (a new IPS-VM Series model designed for interoperability with VMware NSX), McAfee Network Security Manager, Intel Security Controller and VMware NSX network virtualization platform. The Intel Security Controller transparently runs as a broker between the VMware NSX infrastructure and the Intel Security’s McAfee NSP.  IPS protection can be dynamically and automatically provisioned to help protect intra-VM traffic based on the defined policies and requirements

“The McAfee NSP takes advantage of the VMware NSX platform’s distributed micro-segmentation enforcement and simplified automated provisioning, creating a zero-trust environment to automatically help protect organizations’ assets against advanced threats,” said Raja Patel, General Manager for the Network Security Business Unit, Intel Security.

"The tight integration between VMware NSX and Intel Security’s McAfee NSP means security controls follow application workloads, allowing customers to dynamically scale security services,” said Tom Corn, Senior Vice President, Security Products, VMware.