How SDN improves your network security
Software-defined networking has enticed telecoms and other organizations with extensive network environments for several years, promising more granular control and governance. However, the benefits of SDN don't end there. One of the less-talked-about advantages of SDN is the enhanced security it enables. With the average data breach costing $3.62 million, according to the latest Ponemon Institute figures, maybe it's time people gave those SDN security benefits another look.
Where can SDN bolster your security? Consider these applications:
Defend against DDoS attacks
Distributed Denial-of-Service (DDoS) attacks can be a company's worst nightmare. For telecoms, especially, DDoS can be absolutely devastating to business. When executing a DDoS attack, hackers or other malicious actors flood their target's network with hordes of bogus traffic requests. This is often done with the help of a botnet, a network of compromised machines and devices.
With the expansion of the Internet of Things, there are far more connected devices than ever before – which means hackers can leverage any number of assets to launch their DDoS attacks. Take, for instance, the October 2016 attack that triggered a huge internet outage across the globe. As cyber security expert Brian Krebs explained, connected devices like digital recorders and CCTV cameras were easily compromised by the culprits and used to overwhelm internet Domain Name System (DNS) services provider Dyn with fraudulent traffic. The attack ultimately prevented internet users from accessing some of the most popular sites and web platforms in the world, including Amazon, Twitter and Netflix.
SDN can help address this threat by separating the data plane, which is tasked with forwarding network traffic, from the control plane. Aleph Tav Technologies explained that this separation enhances security because the control plane will be unaffected when incoming traffic begins flooding the data plane layer during a DDoS attack.
Greater network control, visibility
One of the hallmarks of modern cybercrime is the slow-burn breach. That is, hackers are prioritizing longer, more surreptitious breaches rather than flashier hit-and-run attacks. According to a June 2016 FireEye report, the average time to detection for breaches across the globe is 146 days. There is simply more to be gained by going undetected for as long as possible while quietly exfiltrating data.
Spotting suspicious activity before any real damage happens is an absolute must, and SDN solutions offer the security capabilities needed to identify breaches as soon as possible. Writing for InfoWorld, CloudRouter Project head Jay Turner noted that SDN firewalls provide greater visibility across the entire network. Network security teams can define firewall policies as they see fit from a central location, giving them more granular, more agile and immediate control over network traffic.
What's more, SDN facilitates more detailed data collection from around the network. AT&T security researcher Jennia Hizver explained that this information could then be used to design more precise and sophisticated detection algorithms. One of the problems facing network security teams today is separating truly malicious activity from the merely suspicious.
False positives can waste a lot of time and manpower while teams are busy chasing down what they believe to be a data breach. With the help of SDN-supported security applications, companies can more accurately identify intrusions and limit their reach and impact across the network.
Lock down affected network segments
Another major security feature provided by SDN is the ability to segment parts of the network in near real-time to isolate and quarantine malware in the event of a breach. From a central location, security teams can block off the affected network portion and keep the threat contained. This allows organizations to remediate breaches and prevent them from spreading to other corners of their network.
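The central quarantine described above, modelled in Python as an added example; it is not code from this article or from any SDN product. The FlowRule, Switch and Controller classes, the rule priorities and the 10.0.x.x addresses are all constructed for illustration: the controller pushes high-priority drop rules for one segment to every switch while keeping a path open to a remediation host.

```python
import ipaddress
from dataclasses import dataclass, field

ANY = ipaddress.ip_network("0.0.0.0/0")

@dataclass(frozen=True)
class FlowRule:
    priority: int
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    action: str  # "forward" or "drop"

@dataclass
class Switch:
    name: str
    table: list = field(default_factory=list)

    def install(self, rule):
        self.table.append(rule)
        self.table.sort(key=lambda r: -r.priority)  # highest priority wins

    def decide(self, src, dst):
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        for rule in self.table:
            if s in rule.src and d in rule.dst:
                return rule.action
        return "drop"  # table miss: default deny

class Controller:
    """Hypothetical central controller holding a handle to every switch."""
    def __init__(self, switches):
        self.switches = switches
        for sw in switches:
            sw.install(FlowRule(10, ANY, ANY, "forward"))  # baseline policy

    def quarantine(self, segment, remediation_host):
        seg = ipaddress.ip_network(segment)
        fix = ipaddress.ip_network(remediation_host + "/32")
        rules = [
            FlowRule(200, fix, seg, "forward"),  # keep remediation path open
            FlowRule(200, seg, fix, "forward"),
            FlowRule(100, seg, ANY, "drop"),     # nothing else leaves the segment
            FlowRule(100, ANY, seg, "drop"),     # nothing else enters it
        ]
        for sw in self.switches:                 # one call updates the whole fabric
            for rule in rules:
                sw.install(rule)

if __name__ == "__main__":
    fabric = [Switch("edge-1"), Switch("core-1")]   # constructed topology
    ctl = Controller(fabric)
    ctl.quarantine("10.0.5.0/24", "10.0.1.10")      # constructed addresses
    print(fabric[1].decide("10.0.5.20", "10.0.9.8"))
```

Because the drop rules outrank the baseline forward rule but sit below the remediation allow rules, traffic to and from the segment is contained on every switch without cutting off the host used to clean it up.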
There's a tremendous amount of potential in leveraging SDN for network security purposes. The level of control and visibility offered by SDN can be harnessed to improve cyber security measures and decrease the chances of a lengthy and costly data breach. Security researchers and experts are finding that a speedy response is just as important to a robust cyber security posture as a seemingly ironclad defensive perimeter, if not more so.
Networks are as porous as ever, and plugging those holes can often feel like a Sisyphean endeavor. SDN allows for a different approach to cyber security, one aimed at remediation and rapid response. That, at the end of the day, is the best way forward with today's threat landscape.