JNT Visual - Fotolia
A network overlay is a method used to abstract underlying network hardware, software and protocols. Early on, network overlays were designed with the sole purpose of creating multiple, separated networks on shared physical hardware. The primary use-case scenario was when a cloud service provider wanted to segment customer traffic without having to use separate hardware or network connections.
Over time, network overlays were adapted to create an end-to-end, software-defined networking architecture using legacy network hardware and software -- or to create an SDN across incompatible network vendor equipment. Using this architecture, overlay software can be used to create a virtual, end-to-end network for centralized control plane purposes related to SDN.
Commercial network vendors offer several network overlays to fit with software-defined networking architecture. There are also many available open source options. While some users praise the flexibility of network overlays, others are quick to point out faults. For example, adding yet another layer of abstraction to an already heavily virtualized data center and campus network can further complicate troubleshooting processes.
Additionally, one must consider the extra overhead that is consumed by running an abstracted software layer on top of hardware. Overlays can be slow when compared to native SDN options that run directly on application-specific integrated circuits.
The flexibility benefits must be gauged against performance when looking at network overlay options for software-defined networking architecture. In many cases, IT leadership may choose to go with an SDN overlay as a temporary stopgap to gain SDN benefits without an expensive and time-consuming network upgrade. Yet, as time moves on, it's likely that overlay approaches will give way to hardware and software that is specifically designed to provide all the benefits of software-defined networking architecture without the overhead.
Dig Deeper on Network Infrastructure
Related Q&A from Andrew Froehlich
The zero-trust security model demands infosec leaders take a holistic approach to IT infrastructure security. Learn about the top six business ... Continue Reading
Zero trust and the principle of least privilege may appear to solve the same issue, but they have their differences. Read up on the two methodologies. Continue Reading
Security administrators don't have to choose between zero-trust and defense-in-depth cybersecurity methodologies. Learn how the two frameworks ... Continue Reading