NSA’s SDN Push

Presented by FedTech

By using software-defined networking, the National Security Agency brings simplicity to network management.

By using the Vulcan mind meld, Star Trek’s Mr. Spock created a telepathic link with another individual simply by placing his hands on the person’s head.

The ability to merge minds is pure science fiction, but it is that type of connection that Jean Schaffer, the National Security Agency’s chief of enterprise connectivity and specialized IT services, wants her employees at NSA to have with the IT network.

“We want to understand everything,” said Schaffer, who spoke recently at a Federal Computer Week event in Washington, D.C. “As our networks grow in size, we want to simplify them in complexity.”

To do this, the NSA has turned to software-defined networking. SDN decouples network control from the forwarding of data flows. This allows network administrators to adjust network traffic flow to meet changing needs and gives leaders a global view of the network. It also gives administrators more control over network security, which is critical for an agency like NSA that works primarily with highly classified information.

“We, as an enterprise, need to be able to control our network,” said Bryan Larish, NSA’s technical director for enterprise connectivity and specialized IT services, at the Open Network Summit in June, according to Network World. “We need to do it predictably and efficiently if we’re going to make it secure, and if we’re going to be able to support mission-critical workloads.”

NSA Culture Shift

Schaffer said the agency’s foreign intelligence services did not understand the way the networks were constructed, leading to possible vulnerabilities for enemies to exploit. The biggest change, though, focuses on culture as much as technology.

“The technology continues to improve, but we have to improve how we work with it,” Schaffer said. “You have to have people that look at that process and see what needs to change. You cannot be constrained by how you do things, because without that agility you lose the benefit of the technology you implement.”

Schaffer said NSA has done two main things with its network to maintain flexibility. First, it has instituted agile development cycles with 60- or 90-day turnarounds. That keeps the agency from becoming too invested in late-arriving projects and allows for changes on the fly.

Second, the agency has become hardware-agnostic.

“We want to be able to move with advances in software and process, but not be tied into one type of equipment that will limit our agility,” she said.

The Power of SDN

Speaking at the same FCW event, Steve Wallo, federal chief solutions architect at Brocade, described how SDN helps with network fragility. Most IT organizations, he said, especially large ones like those at federal agencies, avoid working on a network out of fear that it will crash.

SDN provides added stability, Wallo said. By taking the management control off the network, all that is left to do is move data. That helps maintain data flow, avoiding the backups and delays that choke overall speed.

“The network replies to what the applications need,” Wallo said. “Over time, the machine learns what is needed and talks with the SDN controller to maintain the overall environment. It makes for easier visibility, but also increased bandwidth.”

Both the NSA and the Defense Information Systems Agency are government leaders in using SDN, Wallo said, adding that nearly every agency — on both the civilian and defense sides — is eager to see what SDN can do.

“SDN can definitely help a lot of agencies,” Wallo said. “This is massive.”

This content is made possible by FedTech. The editorial staff of Nextgov was not involved in its preparation.
