The increased network visibility, intelligence, and agility that Software Defined Networking (SDN) promises may equip enterprises to better handle security threats. Some vendors have already released solutions to leverage those benefits, among them Santa Clara, CA-based visibility and monitoring solutions vendor Net Optics. Net Optics presented its Security-Centric SDN architecture this year at the third annual Cyber Security Conference in Israel and at Cisco Live in Orlando.
Weaknesses of traditional network security measures
According to Bob Shaw, Net Optics president and CEO, enterprises can no longer rely on disparate point solutions or legacy defense mechanisms to protect their networks from threats. Cybercrime is "moving faster, in many cases, than the development of technology to prevent it," he told me. And the limitations of enterprises' security budgets often preclude comprehensive protection. "Folks are forced to compromise and pick the areas of the network at greatest risk or that are the most critical to protect," Shaw said, rather than protecting the entire network.
The scenario Shaw describes sounds dire, and traditional approaches to security sound ineffective. Many organizations have decided on a redundant approach to security, he said, purchasing a second set of solutions to put on standby in the event of an attack. Unfortunately, "these deployments become so complex that as the network switches from primary to secondary, how it's architected becomes very complicated, and there may only be a handful of folks who are experts on how to run that network as it moves forward," he said.
Network Packet Brokers for security orchestration
That's where Security-Centric SDN comes in. Instead of forcing customers to deploy security solutions different from those they already have, Net Optics combines an SDN controller with Network Packet Brokers (NPBs) in an architecture that allows for the intelligent orchestration of the customer's existing security appliances and solutions. Each existing security component in such a network can then be tasked to address specific risks and vulnerabilities. The network as a whole would adapt its behaviors based on the threats detected, diverting suspicious traffic, changing security devices' responses, or blocking packets altogether, all with minimal human intervention. Security-Centric SDN can also bring multiple security tools to bear on an attack as needed.
Essentials of Security-Centric SDN
The Security-Centric SDN paradigm consists of five essential attributes, Shaw explained. Decoupling the security, monitoring, and switching elements from the data planes allows greater control of traffic flow across the network. Network visibility enables better network monitoring. A simplified security infrastructure creates flexibility within the network to integrate multiple security appliances and solutions. That flexibility empowers enterprises to orchestrate multiple best-in-class security solutions as one unified, optimized defense. And automated provisioning not only eases network complexity, but also supports better access management. Taken together, these five attributes add up to the potential for drastically improved network security.
SDN in general and Security-Centric SDN in particular are, of course, at early stages in their life and hype cycles, and whether Net Optics' security solution will gain traction remains to be seen. If Security-Centric SDN does turn out to be all that its proponents say it is, enterprises both within Net Optics' 7,000-customer installed base and beyond stand to reap the benefits.
Jude Chao is executive editor of Enterprise Networking Planet.