Software-defined networking promises to ease and speed change in the network, especially the data center network. That’s good for company agility and making sure the network can keep up with the pace of change the business can set. But it could be bad for risk management and security if it is not done right. The security operations center therefore needs to get into the SDN act from day one.
We have been down this road before on the path to the virtualized data center. We saw IT set standing security measures aside in the early waves of server virtualization without new security management and monitoring tools to provide a line of sight into the new environment. Servers were being virtualized onto the same hosts despite having been separated on the network by VLANs or subnets or even firewalls. Eventually the virtualization environment matured enough to allow security partitions to be maintained even when external network separation went away, but in the interim many data centers were either breaking their security or hobbling their virtualization effort to maintain it.
So it may be with SDN, if IT is not careful. The risk will not be on the actual security side -- network engineers and admins will be able to recreate and even improve on protections they have in place now. It is on the security operations side that IT has to be careful. Because the engineers are changing how they control and structure the network, security and network operations teams will need to make sure that their monitoring tools can see and accurately portray the new lay of the land. If virtual overlay networks are creating new security zones, for example, or tunneling through existing ones, then the security operations center must be able to see and report on activity within and across those zones as needed. This is true both for active operational monitoring and for testing and auditing.
These are early days for SDN, however. There is still time for those exploring SDN deployment to make sure they understand the importance of the security operations center and that their security operations teams are involved in the process of selecting tools and platforms and in planning the implementation. To do otherwise would be courting disaster.