The Virtual Cybersecurity Frontier
It’s no exaggeration to say the networking industry is going through a period of near-unprecedented change. The explosion of software-defined networking (SDN) concepts over the past few years brings great promise for new networking capabilities and increased economies of scale. The rapid adoption of SDN and network functions virtualization (NFV) by global telecommunications service providers will continue to drive their rapid evolution and standardization. Additionally, SDN will bring many benefits to enterprise security that have yet to be fully explored or imagined.
A New Security Approach
Consider today’s network environment. It consists of devices performing various functions and capabilities across networks, with each collecting vast amounts of information every second. Unfortunately, the complexity of the multilayer, multivendor network complicates obtaining actionable intelligence from this invaluable pool of data. For example, forensics on a breach incident typically requires multiple people with specialized skills to perform unique audits at different network layers. Obtaining a holistic picture is difficult because different tools and resources are used across different parts of the network.
A vendor-agnostic SDN orchestration solution collects and assesses analytics and situational information from each component regardless of vendor or function. Beyond the network infrastructure, an SDN orchestration solution provides enhanced situational awareness, letting enterprise architects parse network functionality across multiple domains at a much more granular level without making operations and maintenance more complex.
Intra-domain boundaries generate a much better picture of data flow through the network, letting security specialists cordon off specific sensitive data from pedestrian traffic. This capability is dynamic and does not need to be pre-engineered, but may evolve as the enterprise data requirements change. It provides a much more robust forensic capability that shortens the interval between breach and detection and reduces the damage caused by a breach attempt.
The scale of modern networks challenges the effectiveness of today’s tools that alert, audit and triage networks after a breach. SDN provides an additional layer of relevant data to focus capabilities and make these efforts more effective.
A Brave New Networking World
SDN and NFV hold great potential to revolutionize networking. A virtualized world provides benefits of enhanced situational awareness and controls responses to cyber events. SDN and NFV offer the mechanisms to create more secure network environments and the potential for automated network response to stimuli generated by the network security protection apparatus. As virtualization scales, both data sets are available to augment traditional security tools, and the ability of the network to reconfigure, recompute and respond will extend throughout the enterprise. This means that all network layers, from application dynamics through infrastructure, play critical parts in ensuring the integrity of tomorrow’s enterprise.
The key technological advance that will enable this new security paradigm is the network orchestration layer. Network orchestration allows multivendor interoperability, multilayer seamless operation and integrated virtualized functionality. Requirements of the expanding scale and economics of carrier networks drive network orchestration to technological maturity. At the same time, it consists of data-driven processes and control mechanisms that feed the next generation security infrastructure and execute appropriate network responses.
Large-scale network virtualization is coming, along with the attendant network orchestration capability that makes it multivendor and more robust. Advancing security architecture commensurate with the improvements in network architecture presents opportunities for cyber defense; enterprise cyber protection strategies that do not leverage this new technology will find themselves overwhelmed by the new technologies.