Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

NSA uses OpenFlow for tracking ... its network

Jim Duffy | June 19, 2015
Just as the industry is becoming more comfortable with SDNs, the NSA says it's using them too.

The NSA is using NTT's Ryu SDN controller. Larish says it's a few thousand lines of Python code that's easy to learn, understand, deploy and troubleshoot.

"We're not just about the new technology," Larish says. "We're also looking at how does this change how we do business, how we operate."

Still, bureaucracy threatens that pace of change. NSA had the OpenFlow SDN developed and ready to deploy a year ago.

"We wanted to then expand the deployments to get more lessons learned," Larish says. "It takes eight months to order hardware. You have an entire organization where the culture, they don't want to do something new -- that's maybe unfair. But the culture has been not to embrace change. So it's been a year of fighting government processes and culture to actually get the technology deployed that's been working, no problem."

In the data center, the NSA runs some "very large" Hadoop data centers with service similar to Amazon Web Service's S3 file storage. Similar to the campus SDN, NSA plugs a controller into an inventory database to configure the network in a predictable and deterministic way so that when something breaks it is easy to isolate it and find out why.

The NSA also has OpenStack data centers where the complexity and dynamic nature of those clouds is prompting the agency to look at commercially available products to aid in the integration task.

"In this brave new world, what role do we want as the enterprise?" Larish asks. "Do I want to be a purchaser of building blocks and do the integration myself? Or do I want to buy an end-to-end solution from somebody? The great thing from my perspective is that this new business model, this new openness, give us the opportunity to explore those trade spaces, where in the past I only had one option."

Next up will be the NSA WAN and software-defined exchanges, peering points with other government agencies, Larish says. He's evaluating the Open Network Foundation's Atrium open source distribution for one of those use cases.

"This is a wonderful opportunity to implement new capabilities and change how we do business," he says.

A big part of that is sharing experiences through communities like ONS and the Open Network User Group, Larish says. Though opening up and sharing experiences might run against the NSA's grain, he admits.

"For me, this is an exciting thing," Larish says. "I think it makes a lot of people at NSA nervous because for such a long time we were not very open about what we did. But in this new world, from an IT perspective, we have no business advantage, no competitive advantage -- nothing but our best interests to partner with folks that are doing this."


Previous Page  1  2  3  Next Page 

Sign up for MIS Asia eNewsletters.