Why 56% of large businesses are turning to SDN for cybersecurity
Published: Jul 10, 2018
Author: John Loveland
Cybersecurity is a critically important C-suite issue for the companies we meet. From the threat of a devastating attack to the possibility of a damaging customer privacy breach, the vast majority of boards we talk to now recognize the potentially existential danger of poor cybersecurity and resilience. The trouble is, doing something about the danger is not straightforward; not only are cyber attackers becoming ever-more sophisticated, but also, organizations’ increasingly sprawling networks offer so many vulnerabilities.
This imperative is one of the most important drivers of the rapidly accelerating take-up of software-defined networking (SDN). These technologies, which enable organizations to virtualize and automate their network operations, offer businesses a valuable new means to enhance their security.
Growing numbers of organizations share this view. Our latest research, based on a survey of senior IT leaders at 165 global enterprises, found that almost one in two organizations (47%) said the need to improve their cybersecurity has been a factor in their take-up of SDN tools.
Many of these organizations are targeting crucial gains in this area. More than half (56%) believe that increased network security will be one of the most important benefits they will gain from a move to SDN; meanwhile, 48% expect to count improved network performance and resilience as a benefit following implementation.
Embedding security controls
There are a number of reasons for this optimism. First, enterprises recognize that SDN can be inherently more secure than the technologies it is replacing. By moving to fully enclosed networks carrying encrypted traffic, your business will be significantly less exposed to attacks and breaches than traditional network solutions. Also, SDN provides you with an opportunity to build the security protocols that are already embedded in your users’ applications into their virtual environments.
From a control perspective, SDN should also make it much simpler for your organization to collect data on network usage, which can be used to design algorithms and policies that will spot incoming cyber attacks. With traffic anomalies detected at an earlier stage using such techniques, it will often be possible to automate the blocking of malicious threats before they have a chance to penetrate your network.
Better management, better security
We’ve also found that SDN tools can help organizations manage their IT infrastructure for resilience while simultaneously repelling or evaluating threats. For example, it is possible to selectively block suspect traffic flows while allowing non-malicious traffic to pass through. Automated tools can divert irregular traffic to the network’s security controls, such as firewalls or threat prevention systems.
And don’t forget the human factor. Technical considerations aside, another important argument for SDN as a driver of greater security and resilience is the simplicity it offers. Stripping complexity out of an organization’s network can reduce the number of points of vulnerability. Automating network controls, moreover, reduces the need for manual interventions; since human error is often at the heart of a cybersecurity failure, this offers further benefits.
More broadly, the resilience of the internet holds up well compared to conventional networking technologies depending on traditional telecoms; many businesses trialling SDN tools report improvements in their network resilience.
Transforming network security
None of which is to suggest that SDN will provide a complete answer to your cybersecurity issues. We’re not arguing that this technology should be considered a panacea. And it will also be important to consider potential security vulnerabilities during the SDN implementation process – as you adopt SDN across your organization, look each time at how you manage security, what advantages SDN offers, and what you can achieve with the next roll-out process.
The bottom line is that security should be a central priority during the implementation process, on a par with the top-line benefits that you may hope to gain from SDN. Tight controls and protections around the central SDN control point will be especially crucial, but also look at where security features are installed throughout the whole IT infrastructure – are they embedded in the network itself or within servers, user devices and other endpoints, for example?
Above all, SDN technology needs to be part of a robust security policy and framework, with clear lines of accountability and control. Deployed effectively, however, these tools have the potential to play a significant part in transforming the security of organizations for the better.