When it comes to software-defined networking (SDN) automation, certain benefits frequently get more attention than others. Take, for instance, the simultaneous provisioning of network functions and servers, which allows applications to become available in minutes instead of days or weeks.
Often overlooked, however, is how SDN automation strengthens your network security posture, particularly through quarantine and monitoring.
Imagine this scenario: Your security team has the infrastructure to monitor and detect malicious traffic within the data center. As a result, you’ve discovered a server with a compromised IP address. In turn, that server is now probing other servers in an attempt to laterally spread the compromise across the data center. What’s the best way to thwart this attack?
In a traditional data center, a server administrator must manually find and remove the machine from the network.
This function is made more powerful with the ability to program the network remotely using REST API calls into the SDN solution. The benefit is that your security appliance can easily integrate with your SDN solution. In turn, the security appliance can immediately quarantine compromised servers with an API call to the SDN solution.
Most importantly, SDN automation reduces your network’s exposure to malicious actors. This is critical for maintaining, not only a secure network, but a secure IT infrastructure.
One common misconception about SDN automation is that network visibility is compromised or lost. This fear is based on the notion that current monitoring tools that use SNMP, syslog, or NetFlow can’t see into the network — which isn’t true.
In reality, SDN vendors want to integrate SDN monitoring with existing tools wherever possible. With this in mind, they offer the capability to monitor your data center network using technologies common to a traditional data center. In other words, SDN automation can incorporate the same tools and alerts found in the traditional data center.
On the flipside, SDN vendors also realize that automation provides a wealth of data that can be used to visualize and protect your network’s current state.
For example, with automation you can simulate a packet traversing the network between client and server machines. The SDN solution can track a simulated packet as it crosses through the routing, switching, load balancing, and firewalling. With this information, you can uncover network connectivity problems and pinpoint exactly which network function is causing them.
Alternatively, automation can also identify places in your network that are allowing traffic that should actually be blocked. Taken from an expanded view, the network data gathered through automation can provide a real-time view of your network’s health.
In short, don’t overlook the security potential offered by SDN. With powerful benefits like quarantine and monitoring, SDN automation should be part of your overall network and IT security posture.