Are Virtual Network Devices Creeping Into Your Network?

Virtualization technologies have dramatically changed the way that we think about servers and computing resources in general; this is common knowledge among most technologists and especially with system administrators. However, many engineers fail to realize that these technologies have also created significant changes to our networks.

The presence of virtual network devices, especially virtual switches, can change the topology, security, and performance of our networks. Security policies in place for best practice and compliance use may not function in a virtual switch. Troubleshooting, which for me usually starts with a firm grasp on the network topology, can become more complicated due to these added complexities and connectivity changes.

I doubt that the first time someone enabled a virtual machine in your company they realized that they were also turning on a virtual switch. I know that I sure didn't. I'd been using virtualization technologies from VMWare, Microsoft, and Citrix for quite a while before I realized that within that virtual server there was a virtual switch that didn't have all of the features or adhere to all of the rules that my traditional, physical, managed switches did.

I don't think I'm alone. When I visit customers I often ask to see their network drawings. Maybe I'm a bit of a freak but I just love a good network drawing printed out on poster sized paper. While these network maps are full of routers, switches, VLANs, circuit IDs, and the like I very rarely see any of the virtual network devices drawn out. Why is that? Virtual network appliances including virtual switches, routers, and firewalls are pretty common place at this point, right?

Well, to help answer these questions we recently conducted a survey. The goal was to find out how well-distributed virtual switches were within company networks. Over 40 percent of the respondents said that they don't have any virtual switches deployed. This number surprised me so I dug a little deeper. Guess what I found -- in a separate survey, over 80 percent of the respondents said that they were utilizing virtualization (server and/or desktop) technologies.

Why the disparity in results? Well, there are a few good theories. First, in most organizations virtual server technologies are managed by the server teams and routers and switches are managed by the network teams. Second, as I mentioned above, not everyone realizes that "virtual server" implies "virtual switch."

Virtual network devices are here, and they are here to stay. As a matter of fact, they've evolved quite a bit over the last three years and many of them are quite feature-rich even when compared to their physical brethren. If you aren't actively managing these devices and treating them with the same diligence that you manage your physical devices, you're looking for trouble.

Do you have virtual switches in your network? If so, are they managed by your network teams, the server teams, a dedicated virtualization team or another group? Drop comment and let us know your thoughts.

Josh Stephens is Head Geek and VP of Technology at SolarWinds, an IT management software company based in Austin, Texas. He shares network management best practices on SolarWinds’ GeekSpeak and thwack. Follow Josh on Twitter @sw_headgeek and SolarWinds @solarwinds.

Subscribe to the Security Watch Newsletter

Comments