Major malware outbreaks hit hard in 2017, raising new cybersecurity concerns. As malware evolves, so do networks, and SDN and NFV solutions may be a good response to increasing threats. Let's talk about SDN security.
According to the Cisco Annual Cybersecurity Report 2018, WannaCry and NotPetya were the most devastating ransomware attacks launched in 2017. WannaCry spread throughout institutions, including the Spanish telecom Telefonica, FedEx and Deutsche Bahn, while NotPetya hit Ukrainian banks, companies and the international logistics giant Maersk.
As Cisco states, both WannaCry and NotPetya wouldn’t have been so devastating if more organizations had applied best cybersecurity practices, including updating software on a regular basis, designing and sticking to policies and doing regular backups. Our experience clearly shows that all this advice would be easier to follow if companies made the switch to SDN/NFV. Here are the five reasons why SDN may be more secure than traditional legacy networks.
According to Gartner, cloud computing provides greater security than on-prem infrastructure. In 2018, 60% of enterprises that implement appropriate cloud visibility and control tools will experience at least 33% fewer security failures in traditional data centers. In 2020, the rate will hit 60%. In 2022, says Gartner, at least 95% of cloud security failures will be the customer’s fault.
By relocating their networks to the cloud and using the cloud to enhance infrastructure, companies will be able to take advantage of all the security benefits the cloud provides. When it comes to compliance with the GDPR and other legal standards, the benefits are easy to see. All cloud providers need to show that they are fully compliant and provide the best security they can afford. For Microsoft and Amazon the affordable solutions are top-notch ones. Every user of the cloud is provided with the highest security standard available. Thus, no matter the size of the company, the cloud usually is more secure than on-prem infrastructure.
The SDN controller is the mind and soul of a network and boasts a slew of benefits. It provides the administrator with a single control panel to manage the entire network, and maintain, supervise and update all network components without the need to change the hardware. It also makes it easier to keep all devices updated, while reducing the risk of forgetting one somewhere on the network’s periphery. Additionally, by applying automation, it is easier to ensure that SDN security policies are being applied.
Automating all aspects of the network provides interesting opportunities, including the ability to automatically cut off some resources (a data warehouse, for example) when a particular malicious event occurs.
Of course, the SDN controller may itself be targeted by an attack, so designing a cyber-stronghold around it should be the highest cybersecurity priority for all SDN users.
Embracing the SDN also provides a unique way to tailor procedures and responses to threats. The centralized controller is able to filter out and block malicious traffic without affecting the rest of the network’s operations.
Moreover, any suspicious activity can be automatically redirected and reported to the administrators. Thus the intruder cannot operate within the system undetected for long, or at least not if the proper policies are in place.
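The automated responses described above (cutting off a resource on a malicious event, blocking one source without disturbing other traffic, redirecting and reporting suspicious activity) can be sketched as a toy central flow table. This is an added example, not code from the article or from any SDN controller; the `Controller` class, the addresses and the event fields are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addressing plan; not taken from the article.
WAREHOUSE = ipaddress.ip_network("10.0.20.0/24")
ANY = ipaddress.ip_network("0.0.0.0/0")

@dataclass(frozen=True)
class FlowRule:
    priority: int
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    action: str  # "forward", "drop" or "redirect:inspection"

class Controller:
    """Toy central flow table: the highest-priority matching rule wins."""
    def __init__(self):
        self.rules = [FlowRule(0, ANY, ANY, "forward")]  # default policy
        self.reports = []

    def handle_event(self, event):
        """Translate a detection event into flow rules and an admin report."""
        host = ipaddress.ip_network(event["src"] + "/32")
        if event["severity"] == "critical":
            # Cut the protected resource off from everyone.
            new = [FlowRule(300, ANY, WAREHOUSE, "drop")]
        else:
            # Quarantine only the offending host; other flows are untouched.
            new = [FlowRule(200, host, WAREHOUSE, "drop"),
                   FlowRule(100, host, ANY, "redirect:inspection")]
        for rule in new:
            if rule not in self.rules:  # idempotent on repeated alerts
                self.rules.append(rule)
        self.reports.append((event["src"], event["type"], event["severity"]))

    def decide(self, src, dst):
        """Return the action the data plane would apply to one packet."""
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        hits = [r for r in self.rules if s in r.src and d in r.dst]
        return max(hits, key=lambda r: r.priority).action

def demo():
    c = Controller()
    # Constructed alert, e.g. from an IDS watching for SMB scanning.
    c.handle_event({"src": "10.0.5.23", "type": "smb_scan", "severity": "high"})
    return c
```

Because every rule lives in one table, the quarantine of a single host and the full isolation of the warehouse subnet differ only in rule scope and priority, and each response leaves a report entry for the administrators.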
In contrast to traditional and legacy networking equipment, SDN software is open source, thus the source code is available and can be modified at will. This renders single vulnerabilities less likely to remain undetected for long.
While their open source status may make SDN networks similar on one plane, each is in fact different and infinitely tweakable so that companies can ensure the system they use fits their needs. Building a solution from open source blocks makes it more reliable and breaking it may prove more difficult than exploiting vulnerabilities in a proprietary system.
The fully digital nature of the system makes handling redundancy and backup much easier. In legacy mode, best-class redundancy requires maintaining the ready-to-go mirror infrastructure. Pricey hardware and software drive costs up. Moreover, launching redundant infrastructure takes time and can come with surprises, such as an undetected lack of synchronization.
SDN infrastructure, by contrast, can be replaced on the go, as establishing new virtual machines comes with minimal costs. Additionally, SDN supports maintaining multiple redundant controllers so the network remains operational.
It is also easy to establish automatic backups and distribute the schedule within the cloud. With the support of leading cloud providers, it is not a problem to keep two independent copies on separate continents.
Although SDN is not a panacea for all networking challenges, it makes handling many common issues easier. By combining the security of the cloud and the flexibility of one’s own SDN network, it may be much easier to build a custom system that is clear of holes and updated with the latest patches. That alone boosts security significantly.