Majority/Middle of the Road of SDN and cloud environment security issues
SDN will become important as IoT matures and its demands on the network increase. For SDN to become the norm, the growing number of mobile and other connected devices must begin to process the data they create between them. Additionally, the sectors interested in accessing data from these connected devices will n eed to create security related processes to transfer and store this data. Experts have a term to describe the changes the network will undergo to cope with IoT, and it is called elasticity.
That’s industry terms for how a network responds in an agile way to data transfer. Sreekanth Sasidharan, Software-Defined Networking -A Critical Enabler of IoT,, Infosys,
Holistic Views/panorama of Security:( sdn.cioreview.com/cxoinsight/security-advantages-of-software-defined-networking-sdn-nid-23290-cid-147.html) to block or divert malicious traffic during a distributed denial of service (DDOS) attack, SDN applications can be used to predictively and more accurately model the effects of such action in real-time on a more comprehensive view of the entire network.
Security Design Integration: SDN allows designers to go “back to the drawing board” with security features in the wide area network (WAN). This is exemplified by the integration of security-relevant functions such as data analytics into SDN controllers. SDN controllers with embedded analytics can offer complementary correlative views of network activity “from the inside-out.”
Improved Incident Response and Forensics: SDN provides an improved means for response, including swapping and restoring the underlying cloud hardware because it is decoupled from its software.
Incident response can also include simplified patching through the provision of clean virtual images, rather than trying to diagnose and fix infected systems. SDN also provides a means for more complete forensic images of virtual machines in the network to be collected with minimal disruption.
On-Demand Security Expansion: Because SDN is designed for on-demand expansion of features, real-time provisioning of additional security functions can be made by human administrators through portals or by automated systems through cloud application programming interfaces (APIs). This capability allows for the addition of improved security protections during an attack. Dynamic and real-time provisioning of additional outbound security filtering is possible through SDN portals to immediately reduce the risk of exfiltration.
DDOS Attack Absorption: While SDN infrastructure will require continued vigilance against DDOS attacks aimed at shared access points such as provisioning portals, cloud expansion offers the potential for targeted systems to expand dynamically during a DDOS attack to thwart resource exhaustion. The idea is that as resources experience degradation through accelerated use, the virtualization inherent in SDN makes possible the creation of new virtual machines to absorb the requests. Such dynamic expansion can then contract after the event has subsided.
These SDN security benefits -like all benefits from new technology -do come with some costs, the most obvious of which is the collective challenge associated with the software engineering of complex systems.
Correctness concerns achieved through attention to strict process controls, design and code quality initiatives, extensive testing, and rigorous verification processes will increase in relevance as SDN deployment carries critical infrastructure traffic supporting essential services. Such attention, when combined with the security advantages listed above for SDN, should result in a future virtual telecommunications infrastructure that will safely and securely serve consumers, business, and government for many years.
The use of SDN and virtualization technologies can serve to manage heterogeneous network.
Software define network (SDN): SDN motivations are
👋 Hi! I’m your smart assistant Amy!