Huawei Software Defined Network (SDN) Solution

The information-sharing era requires the targeting of multiple information resources to better serve users. Various Big Data analytics and mining technologies are evolving, bringing with them a rise in personalized applications and shorter product lifecycles. More agile networks are required to adapt to fast service development. Featuring integrated cloud computing, Network Functions Virtualization (NFV) and edge calculation, Huawei’s Software-Defined Networking (SDN) solution consists of data center, IoT, and security field innovations that help enterprises re-architect networks and accelerate digital transformation.

SDN Technology on Data Center Network (DCN): Huawei Cloud Fabric 5.0 builds a simple, open, and elastic DCN

♦Fully automated service provisioning within minutes
♦Refined O&M, smart fault location within minutes
♦ndustry’s largest-capacity networking capability, flexible service scalability

SDN Technology on Campuses: Huawei’s Cloud Campus solution based on SD-campus architecture

♦Application-oriented automated deployment, on-demand campus network
♦Visualized network based on Big Data analytics and network data for decision-making
♦Access to applications anytime and anywhere, delivering a consistent user experience

SDN Technology in the IoT: Agile IoT provides highly efficient management of edge computing networks

♦SDN architecture, managing tens of thousands of IoT terminals
♦Edge calculation; local, intelligent, real-time processing
♦4-level security defense (chip/OS/pipe/platform)

SDN Technology on Branch Interconnection Networks: CloudVPN builds on-demand enterprise interconnection experience for enterprise branches

♦eCommerce service experience from implementation to service
♦SD-WAN implementing Internet cost-effectiveness and Quality of Experience (QoE) of leased lines
♦Unified controller in full scenarios: End-to-End (E2E) integrated resource allocation and network policy deployment

SDN Technology on Network Security: Building a highly efficient, flexible, and ubiquitous security defense system

♦The Agile Controller schedules services uniformly and builds a cloud-pipe-device threat defense system in data center, campus, Bring-Your-Own-Device (BYOD), and IoT scenarios
♦Precise defense based on Big Data — detects 12 types of threats with a detection accuracy of 99 percent or greater
♦On-demand security service provisioning: Function virtualization, on-demand, and self-help subscription of 12 types of Valued Added Services (VASs) in the cloud


SDN Concepts and Scope

Widely recognized in the industry, SDN is not always well understood. SDN involves four concepts; however, some
organizations and vendors focus only on one concept and ignore the others.

1. Centralized control architecture: Control functions, such as route calculation of network devices, are centralized
on one controller, which generates the forwarding table and delivers it to devices. Network devices are responsible
only for forwarding packets, with OpenFlow as the control interface between the controller and devices. Centralized
architecture and OpenFlow are promoted and defined by the ONF(Open Networking Fundation).

2. Network capability openness: Third-party applications use Application Programming Interfaces (APIs) to invoke
network capabilities and implement flexible architecture, similar to the combination of the operating system and
applications. The ONF and IETF SDN working groups focus on network capability openness, but implementation varies
significantly. Network openness is irrelevant to centralized architecture; however, in existing network architecture,
network and device openness can be implemented.

3. Network resource virtualization: In cloud computing environments, computing and storage resources are
dynamically allocated. Customers only need to enter the quantity of required computing and storage resources on
the cloud management page. Virtual Machines (VMs) are then dynamically generated and allocated to departments
or tenants. To provide a complete IP system for a tenant or department, computing and storage resources, as well as
network resources, must be dynamically generated. Nicira Overlay uses software to deploy a virtual network, which
is fully decoupled from the physical network. Overlay technology encapsulates Layer 2 packets into Layer 3 packets
for transmission and can be regarded as an upper-layer application after the physical network is virtualized. This kind
of technology is used in cloud data centers to effectively isolate multiple tenants and automate network-wide Virtual
Machine (VM) migration, fully satisfying the requirements of large cloud service providers and enterprises. Current
data encapsulation modes include Virtual Extensible LAN (VXLAN), Network Virtualization using Generic Routing
Encapsulation (NVGRE), and Stateless Transport Tunneling Protocol (STT).

4. NFV: Established by 13 ETSI carriers, Network Functions Virtualization (NFV) is designed to evolve telecom networks
into IT-oriented networks. Various types of devices on carrier networks, such as Digital Derived Services Networks
(DDSNs) and Content Delivery Networks (CDNs), increase Operating Expense (OPEX) and make it difficult for new
services to go online. To solve these problems, carriers must implement Layer 4 to Layer 7 functions using software


Huawei Agile Network Solution Architecture

Huawei Agile Network Solution

Based on Software Defined Networking (SDN) concepts and three architectural innovations, Huawei Agile Network Solution is a next-generation enterprise solution that enables a swift and flexible network for services. The solution provides rapid service innovation (four times faster than the industry average), helping enterprises seize business opportunities amidst fierce competition.
The Huawei Agile Network Solution encompasses four sub-solutions: Agile Campus, Cloud Fabric, Agile WAN and Agile Branch solution.Huawei's solution fully satisfies the requirements of new services, such as mobile applications, cloud computing, social media, Big Data, and the Internet of Things (IoT), bringing significant benefits to enterprise customers.

Fully Programmable: Ethernet Network Processor (ENP) + Protocol Oblivious Forwarding (POF) implements the change from hardware- to software-defined networking.
Software-defined: Software upgrades and SDN programmability promoted by many vendors cannot actually be implemented. New functions for packet forwarding (for example, added protocols and new protocol processing functions), cannot be achieved. Huawei is the first to use ENP for packet forwarding, offering software flexibility and hardware performance. Network functions can be flexibly changed and enhanced through software. Switches on enterprise networks provide fixed ASIC-based packet forwarding. Optimized SDN architecture and POF allow network
functions to be programmable and quickly expanded, transforming from hardware- to software-defined. Due to its fully programmable architecture, Huawei’s agile network and agile switches provide free mobility, united security on the entire network, Packet Conservation Algorithm for Internet (iPCA), and wired and wireless convergence.

comparison between traditional switch and Huawei Agile Switch

Quality Awareness: iPCA technology is the first to enable IP network quality awareness, ensuring that users have a good experience.
SDN does not enable detectable IP network quality; therefore, neither the network nor administrators are alerted to service quality degradation regarding such real-time services such as voice, video, and desktop virtualization. To solve this problem, Huawei uses iPCA, which can detect faults on the switching network, device, card, and link. When user experience is degraded due to network faults, iPCA can detect and accurately locate the faults in a timely manner, ensuring a good network experience.
Huawei Agile Network Quality awareness

Smooth Evolution: One device with dual planes makes this solution the first to allow SDN to be directly deployed on the live network.
SDN uses centralized control, whereas the current network uses distributed control. Huawei uses one device with dual planes to solve smooth evolution and interworking problems — the first solution to allow SDN to be directly deployed on the live network.

Dual control plane on one switch

Agile Campus Network Solution

The Huawei Agile Network Solution is implemented on the agile campus network. When compared with the traditional campus network, the agile campus network differs as follows:

The addition of the Agile Controller: The Agile Controller controls the campus network (including the egress router/SVN device) and dynamically schedules and allocates network resources, ensuring good service experience in mobile environments. It can allocate and schedule security resources on the entire network to implement united security.

•The agile switch replaces the traditional switch, adding agile detection and execution capabilities to detect users, applications, network quality, problems, and security events.

Security resources such as firewalls can be shared on the entire network.

Huawei Agile Campus Network architecture

Agile WAN

WAN leased link bandwidth cost is a key element influencing the experience of most services. According to statistics provided by leading Internet Service Providers (ISPs), data center leased link use efficiency is only about 30%. Improving inter-data center link bandwidth use is critical for reducing link deployment costs and enhancing user experience.

Huawei uses the independent path control plane and Agile Controller to calculate the path according to network status to improve bandwidth use efficiency. Huawei provides network status and service priority detection to display service network characteristics, implementing path planning and calculation to increase link use efficiency on the entire network to more than 90%. In addition, high-priority services are scheduled first.

Optimized WAN shows WAN links between the data centers in Beijing, Shanghai, and Shenzhen. A new service (requiring 300 Mbit/s bandwidth) must be provided between Beijing and Shenzhen. The bandwidth on this link (shortest link) is insufficient, preventing provision of new services; however, bandwidth use between Beijing and Shanghai, and between Shanghai and Shenzhen, is only 40%. To address this, Huawei introduced Path Computation Element (PCE) technology. Now, the Agile Controller centrally calculates paths, obtains the real-time status of each Network Element (NE), and automatically deploys the new service on the Beijing – Shanghai – Shenzhen link. The PCE ensures new service provisioning and raises the link bandwidth use to 70% or higher, significantly reducing customer OPEX.

Huawei Agile WAN solution

Agile Branch

Enterprise branch networks currently face challenges brought about by Big Data, cloud computing, diversified IT applications, wireless broadband, and IP-based transformation of industrial terminals. As a result, the number of CT and IT systems keeps increasing, and branch networks become ever more complex. Service deployment, network experience management, and maintenance of a huge number of branches have become major concerns and challenges to branch networks, resulting in high network construction and maintenance costs.

Huawei Agile Branch Solution uses a two-layer architecture: Agile Controller + Agile Gateway.
• Huawei's solution is the first to introduce the Agile Controller into branches, implementing unified deployment and control of branch network resources.
• The Agile Gateway supports a variety of functions, such as routing, switching, and voice of traditional branch gateways, as well as dynamic uploading of IT applications, implementing CT and IT system convergence and resource sharing.

Agile branch Huawei SDN solution

The Huawei Agile Branch Solution helps customers implement one-click service deployment, zero-touch local maintenance, and open and VAS provisioning capabilities.

• The Agile Controller performs unified orchestration of branch IT and CT services, as well as template-based operations, implementing one-click service deployment.

• The Agile Controller monitors branch services in real time and automatically troubleshoots faults based on health monitoring results, implementing zero-touch local maintenance. For example, health monitoring results show that the branch has a poor quality WAN. The Agile Controller can then be used to enable the WAN to accelerate application installation without manual configuration. The Agile Controller automatically delivers applications to the Agile Gateway.

• This solution provides open devices, networks, and applications, facilitating both the integration of third-party service systems and that into third-party service systems, boosting innovative industry-leading solutions and delivering economic benefits to enterprises.

Cloud Fabric

Huawei Cloud Fabric

Rapid development of cloud computing, Big Data, and mobility have brought unprecedented challenges and opportunities to data centers that function as service bearing infrastructure. Currently, the level of virtualization inside a data center is very high. Virtual servers, storage, and switches (vSwitches) come together to build a new virtualized network, supporting cloud computing development; however, data centers are deployed with a large number of network devices that make up independent physical networks. A set of problems in service deployment, unified resource delivery, associative fault diagnosis, and automatic service optimization exist due to the split between virtualized and physical networks, causing a considerable barrier to service deployment and cloud computing data center maintenance.

To help customers tackle these challenges, Huawei has put forward an innovative Data Center Cloud Connect Solution in its Cloud Fabric 2.0. The major components of this solution include the industry-leading CloudEngine (CE) series data center switches and the Agile Controller. The Cloud Connect Solution aims to simplify cloud computing. Huawei's Cloud Connect Solution offers customers the following benefits:

• Connecting cloud services: being service-driven and allowing IT application administrators to easily schedule network resources
Huawei's Cloud Connect Solution is service-centric and allows IT management personnel to easily schedule network resources, enabling the network to flexibly migrate to cloud platforms; IT management personnel can use service languages to define network requirements from the perspective of services. Different services have independent application framework views, and IT management personnel can adjust the application frameworks on demand. The Agile Controller can understand and transform three types of views: application framework, logical network, and physical network views. It can automatically transform the application framework view to the logical network view and deliver configurations to the physical network, implementing on-demand network resource allocation.

• Connecting cloud platforms: seamlessly connecting to mainstream platforms in the industry and unified delivery of ICT resources
Huawei has been building an open cloud computing data center ecosystem. It has carried out cooperation efforts with well-known IT device vendors and standards organizations across the globe in Huawei's Cloud Connect
Solution, featuring the following advantages:
··Cloud Connect seamlessly connects to VMware's vCloud cloud management platform and NSX network virtualization platform and builds a joint online network policy migration solution and a joint VXLAN hardware gateway solution.
··Couples with and connects to Microsoft's CloudOS and builds a Hybrid Fabric solution in Overlay mode together with Microsoft. This solution has been applied to large-scale cloud computing data centers.
··Connects to OpenStack and other mainstream cloud platforms, implementing unified management of network and IT resources.
··Works with Huawei's FusionSphere cloud platform to build an end-to-end Distributed Cloud Data Center (DC2) Cloud Fabric Solution.

• Connecting ICT resources: awareness between virtual and physical networks and unified display of
Huawei's Cloud Connect Solution gives IT management personnel and network administrators a global view of the data center and displays virtual and physical networks in a unified manner. In this way, IT management personnel and network administrators can learn the global layout, utilization, and fault situation of their ICT resources.

• Lowered TCO: compatible with a variety of physical network technologies and smooth evolution
Huawei's Cloud Connect Solution decouples logical networks from physical networks and shields differences among various physical networks (including virtual networks) as well as those found in other specific network technologies. This allows Huawei's solution to work seamlessly with a broad variety of physical networks, preventing device replacements from causing losses.

Agile SDN Controller

Huawei's Agile Controller is the core component of Huawei's Agile Network Solution. It is applicable to various scenarios covering its four sub-solutions: Agile Campus, Agile Branch, Agile WAN, and Cloud Fabric. The Agile Controller implements application policy control for E2E connection from access points to data centers, redefines networks by concentrating on services and user experiences, and enables networks to be more agile for services.

Based on the SDN concept of centralized control, the user- and application-oriented Agile Controller automatically allocates and dynamically adjusts network resources, enabling them to migrate based on the user's location. Under the Agile Controller's smart control, networks tend to use natural languages and automatic policy deployment instead of manual configuration. Additionally, networks shift from single-point edge security protection to united security protection over the entire network. Networks also shift from concentrating on technologies, devices, and connectivity to services, users, and experiences.

In addition, the Agile Controller seamlessly connects to mainstream cloud platforms in the industry, including Huawei's FusionSphere, VMware's vSphere, the OpenStack cloud platform, and Microsoft's Hyper-V. The Agile Controller is dedicated to building an elastic, open platform, integrating excellent practices in various fields, allowing users to flexibly define networks based on service demands.

Agile Switch

Agile switches are the most important components of an agile campus network. When viewed from the switch evolution perspective, agile switches are fifth-generation switches. Compared to predecessors, the biggest advantages of agile switches are the use of ENPs to make packet forwarding programmable and the combination of the ENP and POF to make switches software-defined to allow for rapid service innovations. If the previous four generations of switches could be likened to traditional feature phones, agile switches can be thought of as smartphones.

ENP fully demonstrates the strength of Huawei’s proprietary chips. ENP is cost-effective and provides highly flexible software and high-speed hardware for simultaneous forwarding performance. ENP is the only component that can implement fully programmable on switches. Compared to ENP, other packet forwarding components have the following disadvantages:
•ASIC: High hardware performance and cost-effective — but no flexible software
•CPU (including multi-core CPU): Flexible software, poor performance, and high cost
•Traditional NP: Flexible software, comparatively poor hardware performance, and high cost

The S12700 is Huawei’s first series of agile switches. Huawei S9700 and S7700 series switches can be easily evolved into agile switches though the insertion of an agile card. The S5700 series switches can also evolve into agile switches in this manner. By leveraging their fully programmable, agile switches implement innovative functions on the agile campus network, including free mobility, united security across the entire network, quality awareness, and wired and wireless convergence. In this manner, agile switches implement native AC and native user management functions.
Agile switch reliability conforms to Internet core router reliability design requirements, meeting demands for high network reliability and quality in cloud networks. Most important, agile switches provide SDN capabilities, and new function evolution is far faster than that of traditional switches; therefore, Huawei agile switches not only deliver direct benefits but also allow enterprise networks to fully evolve into future networks.

Market Analysis

According to CRN, here are some top vendors of Software Defined Network (SDN):


Cisco is the No. 1 data center vendor and is leveraging its experience with silicon to drive innovation in the SDN market, with custom chips that gather application traffic flow data. They have the largest market share by ports shipped and by revenue in the data center. Cisco's Application Centric Infrastructure (ACI) SDN solution hit its 1,000-customer mark in September, and the company recently reported that it now has more than 5,000 Nexus 9000 "ACI-ready" customers.


VMware witnessed 100 percent year-over-year growth in its SDN NSX business in fiscal year 2015, with NSX bookings doubling in the second half of 2015, compared with the first half. The company recently boasted it has more than 1,200 paying NSX customers. VMware is the market leader by revenue for SDN overlays


Huawei has been innovating SDN for years both in hardware and software. They launched a programmable switch, which has a programmable control plane in silicon. They are on top of the SDN-type software to make it programmable. Any element of software, orchestration, virtualization of servers and storage -- pretty much all the hardware you would want to do most networking on, Huawei can supply it.


NetApp is an important vendor in the Global Enterprise Storage market. The company established a sizeable market presence in the SDS space. Its SDS offerings include NetApp clustered Data ONTAP OS, NetApp OnCommand, NetApp FAS series, and NetApp FlexArray virtualization software. Some salient features of NetApps SDS are:

Virtualized storage services: Includes effective provision of data storage and access based on service levels
Multiple hardware options: Supports hardware deployment in a variety of enterprise platforms
Application self-service: Delivers APIs for workflow automation and custom applications


 Hewlett Packard Enterprise has seeded the market with more than 30 million OpenFlow-capable switch ports and branded bare-metal switches Hewlett Packard Enterprise has seeded the market with more than 30 million OpenFlow-capable switch ports and branded bare-metal switches. They continued to be very innovative, launching the first SDN 'App Store.' Then they jumped into open networking, offering branded bare metal switches with the choice of Cumulus [Networks], Pica8 or others right now coming down the pipe. They saw it as a way for them to change the game and grab market share and move their position forward in the market.HPE touts 6,000 downloads of its VAN SDN controller as well as an SDN Open Ecosystem that enables customers to develop enterprise-ready networking applications.


Juniper Networks was one of the first vendors to open source its SDN controller and disaggregate its switch OS and hardware. They continue to bring innovation both in silicon and software to the data center network and SDN.They made a bold move to bet on SDN as an overlay and the open-source model for software. Then they complemented that with an enhanced fabric that does multi-path. They also recently jumped into the bare-metal switching market with the QFX 5200, which has a very unique flavor of disaggregation that not only disaggregates the switch from the software, but within the software itself, providing an open development environment.

Cumulus Networks

One of the strongest disruptors in the SDN market is Mountain View, Calif.-based Cumulus Networks. The company was first to market with a Linux operating system for Ethernet switches. They're very much working with the Dev Ops, IT folks, providing a switch OS that's familiar to many Linux developers that is really helping push forward the marketplace around disaggregated switches. They're very well-positioned to be part of the transformation that SDN represents to disaggregated switching

Nuage Networks

Nuage Networks, a Mountain View, Calif.-based division of Nokia, provides a Border Gateway Protocol-based SDN network virtualization overlay along with a SD wide area network (WAN) solution. Alcatel-Lucent [part of Nokia] was one of the first large traditional telco vendors to really jump in SDN and launch a Nuage product line by leveraging their very strong heritage in the router market,hey took elements from their router code and created the SDN controllers and the policy infrastructure that is core of the Nuage offering.


San Jose, Calif.-based networking vendor Brocade Communications offers an open-source SDN controller distribution along with a strong data center fabric. They've leveraged their strong footprint in the data center to build one of the early data center fabrics …. that supported multi-path. So they recently made a very important leap in the software world by providing a commercial distribution of OpenDaylight, which now makes them smack in the middle of a leadership position in SDN,


Huawei SDN

The agile SDN Controller-DCN edition is the core component of Huawei's Agile Data Center Network solution. Based on the hierarchical decoupling capability of SDN architecture, it provides an automatic mapping from applications to physical networks, resource pool deployment, and visualized O&M in order to build an IT service-oriented platform that allows the dynamic scheduling of network resources.

The agile Controller-DCN edition can seamlessly interoperate with existing mainstream cloud platforms. Utilizing the open and standard northbound and southbound interfaces, highly reliable cluster load balancing capability, as well as elastic scalabity, the agile Controller-DCN edition allows customers to flexibly deploy and schedule network resources according to their IT service needs, enabling data center networks to be more agile in supporting cloud services.

