Open Network Featured Article

As enterprises move away from traditional routers and switches and look to adopt software-defined networking (SDN), they’re going to reap a lot of benefits. The world is mobile and digital today, and additional options for handling traffic are very necessary. It doesn’t make much sense to add new applications and expect additional capabilities from networks that haven’t changed in years. Enter software-designed networking, which provides open, easily-programmable solutions for sexy new capabilities.

At the same time, IT personnel are keeping security at the forefront of their experiments with SDN, and this is a wise decision, according to Nemertes Research’ John Burke writing for Tech Target.

“SDN users should be as worried as anyone about their networks’ vulnerability, and perhaps a little more worried than most, if for no other reason than: (a) They are changing the rules for how their networks work, and (b) they are doing so using relatively new technology,” wrote Burke.

As a result, system updates and patches become critical, and IT personnel need to be on the lookout for security holes constantly. (Some industry writers are doubtful it’s even possible: read this interview with Phil Porras of SRI (News - Alert) International titled, “SDN Security – An Oxymoron?”)

“Many network managers have been quite tardy in rolling out security fixes on their existing infrastructures; that won't do with so much new hardware and software in the mix,” wrote Burke. “If they are doing classic SDN -- in which network control and network data packet handling are separate -- they will have to watch both controllers and data plane devices for updates, and also every SDN application they use on top of the controllers,” he said, noting that it becomes even more critical for companies engaging in more virtualization-focused SDN with physical devices that each have their own operating system.

For smart companies, monitoring tools will become absolutely critical, as well. There is evidence that SDN is already attracting the wrong kind of attention for opportunists, and most companies aren’t equipped to identify and mitigate these risks, according to Burke.

“Everyone will have to be prepared for evolving network attacks based on SDN technology,” he wrote. “For example, several new kinds of resource-exhaustion denial of service attacks might be possible based on the use of SDN controllers. All should be prepared to jump in with new kinds of mitigation and defense -- software-defined networking security? -- in response.”

What seems clear is that companies looking to take advantage of the benefits of software-defined networking – and there are many – will need to build risk and security strategies at the same time. (Tech Target (News - Alert) offers some helpful strategies here.) As with any new technology, the benefits and drawbacks should be carefully evaluated before a company embarks on a new journey with SDN. Companies that offer white box SDN to enterprises such as Pica 8 are a great way to take advantage of the benefits of SDN without as much risk as a “do it yourself” approach.