DENVER — Software-defined networking (SDN) has become a possible answer to today’s network security issues, but it is also raising some concerns, according to executives speaking at Light Reading’s 2016 NFV & Carrier SDN event yesterday.
The availability of more sophisticated tools is making cybercrimes easier to commit and is enabling a wider range of threats than ever before.
The Equation Group, a hacker group studied by Kaspersky Labs that’s widely believed to be part of the U.S. National Security Agency (NSA), is described as one of the most sophisticated hacker groups in the world. Executives at the event warned that network operators have to be aware of this group and need to be prepared to act.
“The way we need to think about security is how it needs to change — solutions that can get better on the fly will give us the agility to cover measures against the thinking enemy and will certainly be required,” said Mike O’Malley, vice president of strategy and business development for Radware. “Most enterprises are not in a position to defend themselves from attacks.”
This is where SDN applications can help, O’Malley explained. These apps can look at all the different types of data to detect threats and mitigate risks.
If you can achieve automation, not only have you reduced the jobs of 30 people to one, but you are able to detect more threats than you otherwise could, said Rob Sherwood, CTO of Big Switch Networks. But automation overlaps with artificial intelligence and machine learning, which Sherwood thinks will be difficult to implement across legacy systems.
Until automation, artificial intelligence, or machine learning becomes standard, there will continue to be a large shortage of network security engineers, according to the panel.
“Finding network security people is hard,” said Ray Watson, VP of global technology at Masergy. “You have to grow good talent yourself, and everyone is looking for security engineers.”
Virtualization Has Its Issues, Too
While SDN is fixing security problems, it is simultaneously creating new ones. By removing on-premises hardware, you no longer have a physical perimeter, so it is hard to tell where exactly in a network to secure things, O’Malley explained.
“Around 50 percent of breaches are done without any malware at all, so forget the perimeter — we need to be worrying about every piece, end-to-end, no matter where it is, because you don’t know where [attackers] are going to come in,” said Gary Sockrider, principal security technologist with Arbor Networks.
While there is a lot of opportunity in virtualizing security apps, having centralized control means that if one thing goes wrong, everything goes wrong, Sockrider said.
“The condition of being secure is never a reality. We always have to evolve new ways of thinking because opponents are always responding to our new ways of mitigation,” Watson said.