SDN Use Cases: Data Sovereignty

As Packet Design works with service providers across the globe on SDN management solutions, we are hearing all sorts of use cases for the technology. We’ve already outlined the use case of “running networks hotter.” Another interesting one that service providers are requesting is data sovereignty.

According to a blog post by Infosecurity Europe, data sovereignty is “the idea that data is subject to the law of the country where it’s located.” This is a timely issue for many, especially those living in or doing business with EU countries. The EU’s “General Data Protection Regulation” (GDPR), which goes into effect on May 25, 2018, strengthens privacy regulations and data sovereignty rules.

Countries across the globe, including Russia, Germany, Canada, and France, already have data sovereignty laws on the books that require personal data about its citizens to stay within each country’s borders (or in France’s case within EU territories). Some U.S. federal agencies mandate that their data be stored solely within the United States. Many public and private corporations across the globe have similar security policies.

Adhering to these various data sovereignty regulations requires service providers to create policies that specify the devices and links that traffic can cross, from both an optical and IP perspective. To do this, they must know which paths should be used and have recovery options. This is normally a very labor-intensive process. SDN makes automating data sovereignty protection services possible, if service providers have the intelligence needed to drive automated path provisioning.

The new Packet Design Explorer SDN Path Provisioning application will make it much easier for service providers to comply with data sovereignty laws and offer compliance services. Built on our SDN Platform and based on the real-time, historical, and predictive analytics from our Explorer suite, the app automates service path computation. What used to take days or even weeks can now be done in minutes, with confidence that the right paths are being used.

In the case of data sovereignty, a service provider can add the service to its catalog with multiple characteristics and constraints. Operators can define constraints such as:

  • The transport service’s priority
  • The optimization algorithm required
  • Use of RSVP-TE or segment routing traffic engineering
  • Type of path diversity protection required, such as node, link or Shared Risk Link Group (SRLG)
  • Options to include or exclude nodes, interfaces, and SRLG

Operators can then quickly fulfill customer requests using the application’s intuitive, web-based wizard to define the different services. For instance, they can include only devices and links within a certain country. Or, they may want to exclude routers in a certain city, region or country.

The SDN Platform’s path computation and optimization engine then calculates the best path based on the supplied policies, including recovery options. Once approved by the operator, a click of the application’s Provision button passes the configuration data to an SDN controller or other orchestration software via published APIs for automated provisioning in the network.

For more information about the application, visit

Provisioning New Service Paths in Minutes with SDN (Blog Post)

Explorer SDN Path Provisioning (Data Sheet)

Learn More about Packet Design SDN | Request Demo