Software defined security (SDS) could this be the SDN “killer outcome”
Software defined networking (SDN) continues to be a major customer discussion within both the specialist networking and enterprise datacenter arenas. After bubbling under in the mindshare league well below cloud, virtualisation and mobility for quite a while SDN is starting to move up the ranking. However this is not without a fair degree of murmured discontent.
Enterprises, whilst digesting the technical concepts behind SDN are struggling to understand the most effective SDN solution design approach and focus in on the business problem / outcome resolved by SDN. At the highest most strategic level, there are numerous benefits that can include operation efficiencies, network agility and simplicity to name a few. But however compelling they all are, they currently do not seem compelling enough (unless a convenient infrastructure upgrade requirement is often factored into the SDN discussion). This could be the result of looking at something so hard that the some of the more obvious benefits are overlooked and in the case of SDN one said benefits is certainly security.
Networking in software (prior to SDN) had already found its home in the middle of a hypervisor as part of a virtualised compute environment, with the result some degree of understanding of the use of software in enterprise computing to realise networking outcomes is already known. But with the unrelenting growth of server virtualisation beneath a hypervisor with the resulting change to network traffic flows (much of it remaining within the hypervisor or physical host) a hidden challenge became the norm – securing virtualised workloads. The drive by many towards a virtualised enterprise changes decades of traditional design norms of physical perimeter security device placement with the requirement to reproduce a revised ideal for the virtualised workload world.
Enter software defined security (SDS) included within or as a by-product of an SDN strategy. The ability to micro segment virtual workloads using internal virtualised firewalls and controls in software with the reduced need for traffic to flow out of the virtual environment and back to determine the security state is surely a “killer outcome mobilised by SDS or SDN. And before you state it, a secure environment in a virtualised context can be realised today without the use of SDN and software defined security implementation, but SDN makes it much easier, tightly couples it with management and automation frameworks with the result reduced time to value. There are numerous software defined security approaches from standard functionality within specialist SDN overlay networks through to dedicated SDS (software defined security) solutions from specialist vendors with next generation security at the heart. And with enterprises wrestling with the urgent need to secure physical, virtual, hybrid and cloud environments working together as one, a new approach to solving this KEY enterprise IT infrastructure security challenge is surely required.
Software defined security alone isn’t the answer, SDN in isolation isn’t the answer but they are both serious and viable considerations to deliver security outcomes today aligned with problems of tomorrow. To that end, software defined security (SDS) may well be the “killer outcome” that kick starts the SDN change.
Until next time.