The Open Security Controller Project software will automate the deployment of virtualized network security functions — such as firewalls, intrusion prevention systems, and application data controllers — to protect east-west traffic inside the data center.
The initial code for the project is already available and was originally created by Intel, according to an email to SDxCentral from Arpit Joshipura, general manager of networking and orchestration at The Linux Foundation.
“Intel has donated the project to the Linux Foundation for collaborative growth,” said Joshipura. “We are very excited to have our founding members, Huawei, Intel, Nuage Networks from Nokia, McAfee, and Palo Alto Networks join in this collaborative process.”
According to the Linux Foundation, the complexity of hybrid clouds and the uptake of software-defined networking (SDN) is causing the need for more sophisticated security. Current physical security systems that inspect traffic at the perimeter have limited visibility into virtual workloads.
The Open Security Controller Project orchestrates the deployment of virtual network security policies. And it applies the correct policy to the appropriate workload. “It really means providing consistent security orchestration, automation, and policies for ‘workloads aka services’ in a multi-cloud environment in a software defined data center,” said Joshipura.
The Open Security Controller Project is agnostic to virtual firewalls and other virtual security software as well as agnostic to SDN controllers.
The project’s code is licensed under Apache 2. Governance for the project fits under the overall open source networking umbrella set of projects and follows the same template as those other Linux Foundation projects.