Given all the talk and hype around SDN, what, if any, security are we seeing around these implementations in customer environments?
Software-defined networking (SDN) is an emerging technology that gives the ability to split the data plane from the control plane in routers and switches. The control plane, which has historically been proprietary and known only to the vendors that developed them, would be open and controlled centrally with SDN (by the SDN controller) while having commands and logic sent back down to the data planes of the hardware (routers or switches).
From a security perspective, SDN can allow for granular security by giving an administrator a complete view of the enterprise network, facilitating rapid responses to attacks (e.g., malware). However, by giving the SDN controller centralized management over network nodes to push down changes to these systems, the SDN controller (the brains of SDN) becomes a juicy target along with the command interfaces on the systems that the SDN controller interacts with. It becomes imperative that the security around this system is locked down. Without proper security, the network becomes completely vulnerable to malicious attacks or accidental changes, both of which can take a network down.
Bottom line…major elements of security for SDN will be associated with locking down the SDN controller technology and interfaces rather than security functionality in the network. This is definitely a problem because it means that vendors will be responsible for a critical element of security in their implementations.
I enjoyed reading the following article on this topic. Let me know what you thought of it. I thought the example about different attacks in an SDN context was relevant: e.g. rather than flooding routers or attacking the hosts or applications, an adversary might craft traffic streams simply to increase the interactions between the switches and the controller, i.e., a Control Flow saturation attack. Very much in line with what Eric had posted.
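The control flow saturation pattern mentioned above can be watched for on the controller side. The following is an added example, not part of the original thread: a sliding-window detector over switch-to-controller events (the message a switch sends when a packet matches no flow rule, as with OpenFlow packet-in). The event tuple format, the thresholds and the sample data are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque


def detect_saturation(events, window=1.0, max_events=20, min_distinct=0.8):
    """Flag switches whose controller-bound event rate spikes with mostly new flows.

    events: iterable of (timestamp_s, switch_id, flow_key), sorted by time.
    Returns one (timestamp, switch_id, events_in_window) alert per episode.
    """
    recent = defaultdict(deque)  # switch_id -> (ts, flow_key) pairs inside the window
    alerting = set()             # switches currently over threshold (suppresses repeats)
    alerts = []
    for ts, switch, flow in events:
        q = recent[switch]
        q.append((ts, flow))
        while ts - q[0][0] > window:      # drop events older than the window
            q.popleft()
        # A high share of distinct flows means each packet misses the flow table,
        # which is what drives switch-to-controller load; one repeated flow does not.
        distinct = len({f for _, f in q}) / len(q)
        hot = len(q) > max_events and distinct >= min_distinct
        if hot and switch not in alerting:
            alerting.add(switch)
            alerts.append((ts, switch, len(q)))
        elif not hot:
            alerting.discard(switch)
    return alerts


def sample_events():
    """Constructed sample data (not real traffic)."""
    ev = []
    for i in range(10):   # s1: steady, one new flow per second
        ev.append((float(i), "s1", f"10.0.0.{i}->10.0.1.1:80"))
    for i in range(40):   # s2: 40 distinct flows within 0.4 s
        ev.append((5.0 + i * 0.01, "s2", f"198.51.100.{i}->10.0.1.1:{1024 + i}"))
    for i in range(40):   # s3: the same flow reported 40 times
        ev.append((6.0 + i * 0.01, "s3", "10.0.0.9->10.0.1.1:443"))
    return sorted(ev)


if __name__ == "__main__":
    for ts, switch, count in detect_saturation(sample_events()):
        print(f"t={ts:.2f}s switch={switch} events_in_window={count}")
```

In practice the thresholds would be set from a per-switch baseline rather than fixed constants, and an alert would feed rate limiting on the switch-to-controller channel.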