Can Software Defined Networks revolutionise data centre cybersecurity?
August 18, 2017
- By Brian Kelly, CSO, Rackspace
With both the frequency of cyberattacks and the complexity of networks increasing, it’s become a continuous struggle for enterprises to find security solutions to defend themselves. While measures such as encryption, key management and two-factor authentication are imperative, many developers are looking for new ways to use their networks for additional protection.
Holding much promise in cybersecurity is the ‘software-defined network’ or SDN – a virtual network where developers can manage their physical networks through a single digital control console. Rather than interacting with network hardware directly, as in a traditional network, a SDN uses software.
Unlike traditional networks, SDNs aren’t limited by hardware infrastructure. In the past, if developers wanted to introduce a data flow in their network, they had to manually change configurations in each router, switch and server affected. Software updates were also restricted by the hardware in use. This isn’t the case with an SDN, as it allows developers to apply updates simultaneously across an entire network and to ensure all the configurations are in sync.
Not only does an SDN allow a business to manage the infrastructure with software policies, but developers can also programme scripts which enable them to automate the process. This has huge benefits for any business that relies on its network, from minimising network downtime to helping optimise applications – saving developers considerable time and money.
By freeing up sysadmins and developers, SDNs allow businesses to focus on improving other elements of their business IT offering. But how does this benefit a business’ cybersecurity defences?
SDNs Super Security
For cybersecurity experts, SDNs are revolutionary – offering numerous advantages over traditional networks. As with installing data flow changes, security policies must no longer be applied to network nodes individually – they can be instantly applied to all of them.
In today’s threat landscape, it’s considerably more difficult to secure a business than it is to hack it. An attacker only needs to find a single unsecured port amidst thousands to breach a business’ defences. However, an SDN mitigates this risk – with the correct monitoring tools, developers can easily identify which, if any, ports are unsecured.
Another huge benefit of SDNs becomes apparent in the event of an external security breach – it’s possible to track the progress of an intrusion in real time. The agile nature of an SDN makes it much simpler for analysts to observe which server or network segment has been accessed and seal it off, like a bulkhead in a sinking ship. This prevents the hacker from accessing further parts of the network – this is known as network segmentation. It’s even possible to automate this process, saving experts even more time.
SDNs make it easier to access data stored in a network, as engineers can administer access rights using policy instead of using router configurations. This helps businesses comply with data requests, and improves their overall cybersecurity – by being able to identify data more easily and quickly,
They can ensure vulnerable data is protected. Businesses can also restrict access to this data directly, adding protections such as encryption and two-factor authentication.
So, what’s the SDN catch?
On paper, SDNs sound like a cybersecurity silver bullet, but they have shortcomings. The biggest barrier standing in the way of SDN implementation is that any business currently relying on a network will be using legacy hardware. A business can’t simply migrate to an SDN overnight – it takes time to make the change.
Despite their numerous benefits, SDNs carry the same risks to businesses as physical networks, if network administrators treat them in the same vein. To make the most of an SDN, it’s crucial the firms implement tools to manage, monitor and automate elements of the network.
In a worst-case scenario, a poorly-managed SDN could allow a hacker to gain control of an entire network. As the controls for the network are software based, the potential damage could be devastating, as a hacker could reconfigure the network itself, permanently locking out the business from its data. A scary thought! While hackers can also breach traditional networks, this scale of damage isn’t as easy to achieve.
As the risks posed by hackers grow, and the damage of data breaches extends beyond annoyance to reputational, legal and financial repercussions, any edge in security enterprises can get is invaluable. While at present there isn’t an industry consensus on how to best manage SDNs, this will improve as adoption increases. Ultimately, by creating easier to manage and agile network environments through SDNs, cybersecurity experts and developers can focus on improving other elements of a business’ security.