The Open Networking Foundation’s security working group is preparing to release guidelines for designing and deploying secure software-defined networking (SDN) controllers. The guidelines are currently in review and will be published in June, according to Sandra Scott-Hayward, vice chair of ONF’s security project.
The ONF report also will analyze open source SDN controllers and look at how they compare to other controllers, says Scott-Hayward.
SDN controllers are considered the “brains” of the network because they are its control point and are responsible for relaying information to the switches and routers.
Open source SDN controllers typically contain a collection of “pluggable” modules that can perform different tasks, including taking inventory of devices within the network and gathering network statistics.
The ONF’s security working group is also working on a guideline on security hardening. This guideline will help members work out how to select and secure SDN components when configuring SDN security. “We aren’t providing specific protocols but giving general guidelines,” Scott-Hayward says.
The ONF’s security working group started three years ago as a discussion group but is now a full working group producing documentation for its members. The group in 2015 published a white paper on the principles and practices for securing software-defined networks. The paper provides details on where vulnerabilities to the network might be introduced and delves into the specific characteristics of SDN that can affect network security.
Scott-Hayward said that, because SDN networks are automated, human errors are eliminated, making some aspects of the network more secure. In addition, because SDN allows operators to better track devices on the network, it can help bring a higher awareness of potential threats. “The fact that you can deploy a security policy to all of your networks simultaneously… will help you know what is going on across the network and help pick up any security vulnerabilities.”