Fotolia

Q
Manage Learn to apply best practices and optimize your operations.

What is the role of the security operations center in SDN?

As SDN continues to gain traction, it's important that security keeps pace. Expert John Burke explains the role of the security operations center in a software-defined network.

Software-defined networking promises to ease and speed change in the network, especially the data center network. That’s good for company agility and making sure the network can keep up with the pace of change the business can set. But it could be bad for risk management and security if it is not done right. The security operations center therefore needs to get into the SDN act from day one.

We have been down this road before on the path to the virtualized data center. We saw IT set standing security measures aside in the early waves of server virtualization without new security management and monitoring tools to provide a line of sight into the new environment. Servers were being virtualized onto the same hosts despite having been separated on the network by VLANs or subnets or even firewalls. Eventually the virtualization environment matured enough to allow security partitions to be maintained even when external network separation went away, but in the interim many data centers were either breaking their security or hobbling their virtualization effort to maintain it.

So it may be with SDN, if IT is not careful. This will not be on the actual security side -- network engineers and admins will be able to recreate and even improve on protections they have in place now. It will be on the security operations side that IT has to be careful. Because the engineers are changing how they control and structure the network, security and network operations teams will need to make sure that their monitoring tools can see and accurately portray the new lay of the land. If virtual overlay networks are creating new security zones, for example, or tunneling through existing ones, then the security operations center must be able to see and report on activity within and across those zones as needed. This is true both for active operational monitoring and for testing and auditing.

These are early days for SDN, however. There is still time for those exploring SDN deployment to make sure they understand the importance of the security operations center and that their security operations teams are involved in the process of selecting tools and platforms and in planning the implementation. To do otherwise would be courting disaster.

Next Steps

Why today's networks need SOCs

SDN security: Is there cause for concern?

Challenges found where IT and security operations meet

This was last published in December 2015

Dig Deeper on SD-WAN

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

How do you view the role of the SOC in a software-defined network?
Cancel

-ADS BY GOOGLE

SearchNetworking

SearchEnterpriseWAN

SearchCloudProvider

SearchUnifiedCommunications

SearchSecurity

SearchDataCenter

Close