Add as a preferred source on Google


Internet2 SDN Network Adds Multi-Tenancy

  • By Dian Schaffhauser
  • 10/29/14

Internet2 has added a new resource that enables its national education network to be divided into segments that can be allocated for use as multiple, discrete private networks by specific research or other user communities. The "FlowSpace Firewall" has been installed in the Internet2 production network, allowing it to be partitioned across nearly 40 100G-attached access nodes throughout the country. The firewall software was commissioned by the community organization and co-developed by Indiana University.

With the new firewall in place on the Internet2 network, one allocation will be prevented from consuming resources set aside for other allocations. The first uses are expected to surface among the research and education community.

The news came during this week's 2014 Technology Exchange in Indianapolis, a gathering of technologists who participate in the Internet2 network.

Internet2 runs the first 100-gigabit open, national software-defined network (SDN), a platform for network virtualization. As with virtualized servers and storage, SDN-enabled hardware uses abstraction to simplify the management of the underlying physical network, especially useful as data centers integrate cloud services and virtualization with on-premises operations. The SDN approach is intended to enable IT to pull together and manage hardware such as switches and routers from different vendors without having to deal with the underlying operating systems or protocols running on those components. When network service delivery changes are required, the network can respond programmatically.

The segmenting capability now built into the network "is a foundational technology that we've put in place," said Rob Vietzke, executive director of networking services within Internet2. "We don't quite know which [communities] will use it and for what. The first people will probably be computer scientists and folks developing infrastructure services. But it's a really unique partitioning of a very important national resource in a way that allows each person that chooses to take a partition to essentially act like they have their own national network."

Several institutional research organizations have already announced new projects to try out virtual slices of the SDN network. In August the National Science Foundation awarded separate $10 million grants to two projects creating cloud computing testbeds.

Chameleon is a large-scale, reconfigurable experimental environment for cloud research, co-located at the University of Chicago and the University of Texas at Austin.

The Chameleon testbed is intended to adapt to multiple experimental needs "from bare metal reconfiguration to support for ready-made clouds," said Kate Keahey, a scientist at the Computation Institute at U Chicago and principal investigator, in a statement. "Furthermore, users will be able to run those experiments on a large scale, critical for big data and big compute research." That project also encompasses creation of a community "where researchers will be able to discuss new ideas, share solutions that others can build on or contribute traces and workloads representative of real life cloud usage."

CloudLab, the second project, is a large-scale distributed infrastructure based at three institutions, the University of Utah, Clemson University in South Carolina, and the University of Wisconsin. Researchers will use CloudLab as a support for constructing different kinds of clouds using new architecture. Each site will have unique hardware, architecture and storage features and will connect to the others via Internet2's SDN-enabled network.

"By connecting CloudLab to Internet2's nationwide SDN network, we can give researchers a level of end-to-end network programmability that is unprecedented in a cloud platform," said Robert Ricci, a research assistant professor of computer science at U Utah and principal investigator of CloudLab. "Having this level of control, programmability and visibility into the network will enable the research community to push the boundaries of cloud networking and explore the future of network architectures for the cloud."

Traditionally, systems and network researchers have been part of the computer science department in the university while computational scientists worked in other disciplines using computing and network resources as tools to do their simulation and modeling-oriented research, added U Utah's Interim CIO, Steven Corbato. "Where we're headed is for these two disciplines to start talking to each other in ways they haven't done in probably 20 or 30 years. It's a pretty exciting time. Whenever you can bring scientists from different disciplines together, I think there are usually good results that come from it. That's one of the drivers from Utah's end."

Although the work going on now is intended to test out and prove the merits of the technology, eventually, the technologies and architectural schemes developed through the use of Internet2's SDN experimental efforts will infiltrate institutional data center operations, he noted.

"If I look at our network, it has historically been based on campus geography or organization," said Corbato.

What he'd rather see is a network structured to accommodate traffic segmentation based on the role of the individual and the risk profile of the data being handled. "We have a hospital; we have a lot of educational records flying around, especially now that we're pushing online education very hard. Those all fall under classes of protected information. Credit card information is protected. We need to put that on a special part of the network where it does not mix with other traffic." SDN and the other developments coming out of work being done by Internet2 and its members and partners "can help us achieve this architectural vision."

Featured

  • Analyst or Scientist uses a computer and dashboard for analysis of information on complex data sets on computer.

    Anthropic Study Tracks AI Adoption Across Countries, Industries

    Adoption of AI tools is growing quickly but remains uneven across countries and industries, with higher-income economies using them far more per person and companies favoring automated deployments over collaborative ones, according to a recent study released by Anthropic.

  • magnifying glass highlighting a human profile silhouette, set over a collage of framed icons including landscapes, charts, and education symbols

    AWS, DeepBrain AI Launch AI-Generated Multimedia Content Detector

    Amazon Web Services (AWS) and DeepBrain AI have introduced AI Detector, an enterprise-grade solution designed to identify and manage AI-generated content across multiple media types. The collaboration targets organizations in government, finance, media, law, and education sectors that need to validate content authenticity at scale.

  • Digital clouds with data points and network connections

    Microsoft Makes Windows 365 Cloud Apps Available for Public Preview

    Microsoft has announced that Windows 365 Cloud Apps are now available for public preview. This allows IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.

  • cloud with binary code and technology imagery

    Report: Hybrid and AI Expansion Outpacing Cloud Security

    A new survey from the Cloud Security Alliance (CSA) and Tenable finds that rapid adoption of hybrid, multi-cloud and AI systems is outpacing the security measures meant to protect them, leaving organizations exposed to preventable breaches and identity-related risks.