Software-defined networking promises to ease and speed change in the network, especially the data center network. That’s good for company agility and making sure the network can keep up with the pace of change the business can set. But it could be bad for risk management and security if it is not done right. The security operations center therefore needs to get into the SDN act from day one.
We have been down this road before on the path to the virtualized data center. We saw IT set standing security measures aside in the early waves of server virtualization without new security management and monitoring tools to provide a line of sight into the new environment. Servers were being virtualized onto the same hosts despite having been separated on the network by VLANs or subnets or even firewalls. Eventually the virtualization environment matured enough to allow security partitions to be maintained even when external network separation went away, but in the interim many data centers were either breaking their security or hobbling their virtualization effort to maintain it.
So it may be with SDN, if IT is not careful. This will not be on the actual security side -- network engineers and admins will be able to recreate and even improve on protections they have in place now. It will be on the security operations side that IT has to be careful. Because the engineers are changing how they control and structure the network, security and network operations teams will need to make sure that their monitoring tools can see and accurately portray the new lay of the land. If virtual overlay networks are creating new security zones, for example, or tunneling through existing ones, then the security operations center must be able to see and report on activity within and across those zones as needed. This is true both for active operational monitoring and for testing and auditing.
These are early days for SDN, however. There is still time for those exploring SDN deployment to make sure they understand the importance of the security operations center and that their security operations teams are involved in the process of selecting tools and platforms and in planning the implementation. To do otherwise would be courting disaster.
Why today's networks need SOCs
SDN security: Is there cause for concern?
Challenges found where IT and security operations meet
Dig Deeper on Network Security
Related Q&A from John Burke
WAN-cloud exchanges provide private and secure connectivity to cloud environments, making them beneficial for software-defined WAN and SaaS platforms. Continue Reading
Intent-based networking doesn't use any magical commands. But it does use a heavy dose of automation, which might cause some network teams to be wary... Continue Reading
Analytics tools that incorporate machine learning can monitor network behavior, highlight anomalies, and improve performance management and security. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.