Can SDN usher in better IT security?

The idea that software-defined networking (SDN) is a coming reality is starting to gain traction in IT security circles, with some vendors arguing it could lead to a level of interoperability in security largely missing at present.

"SDN we see as an open network that gets people away from proprietary ways of defining networks," says Kurt Roemer, chief security strategist at Citrix Systems, adding that in the future, networks will be defined through more open dynamic "flows" rather than more vendor-dependent, IP-based relationships. Roemer even says he anticipates that the Linux Foundation's OpenDaylight project, which is bringing vendors together to ensure openness in SDN products, could result in more secure networks.

There's the potential to "design security into the workloads and communications" under a framework that would include strong encryption, Roemer says. There's the potential for related security standards from organizations that include the IETF and Trusted Computing Group.

Others are optimistic but say it's too early to know how big an impact SDN will have on IT security.

"Will SDN help in overall security enforcement? Our view is absolutely yes," says Rishi Bhargava, general manager and vice president for the software-defined datacenter at Intel Security Solutions. "In the software-defined data center, you can put the security controls at the granular level and it's going to happen with virtual appliances." But Bhargava says it's yet to be defined what interoperability in security might mean for SDN, in terms of OpenStack. "It's too early."

In terms of virtual-machine security, this week the focus has been on VMware's NSX software-defined networking and security, as the VMworld Conference in San Francisco is in full swing. Intel Security Solutions (which includes the McAfee business acquired by Intel) announced a security controller designed to receive commands from VMware's NSX management console to allow existing McAfee virtual intrusion-prevention systems (IPS) to protect virtual machines in an NSX environment. Intel's Bhargava adds it's optimized if it's all running on Intel Xeon servers.

Bhargava points out this new approach eliminates the more awkward manual controls that have been used. The potential downside to this integration, though, is that if the NSX management console is unavailable for some reason, "policy couldn't be changed," he acknowledges. The Intel/McAfee security controller, now in beta, is expected to ship sometime in the fourth quarter.

Intel Security anticipates extending integration into VMware's NSX beyond just its IPS, adding support to the McAfee Next-Generation Firewall, data-loss prevention products and MOVE AntiVirus suite for virtual environments. Future targets include similar integration with OpenStack.

JK Lialias, director of product marketing responsible for server security, data protection and security management at McAfee, says new software connectors for OpenStack KVM and Microsoft Windows Azure cloud-computing platforms are now available to extend control of McAfee server security to the traditional McAfee management console, ePolicy Orchestrator.
