Every day we read about a massive new data breach. Today it’s AT&T and Yahoo. This comes after huge security incidents at Target, Home Depot, and JP Morgan in which millions of accounts were compromised. It’s clear that the era of the cloud and big data means big opportunities for the hackers.
In today’s news, AT&T is warning customers that an insider illegally accessed the personal information of an unspecified number of users, according to Threatpost. The compromised data includes Social Security numbers and driver’s license numbers.
In a recent article I did, I was surprised to find that some people said that security threats aren’t any worse than they used to be. I disagree. It seems like if the hackers can break into JP Morgan, Target, and AT&T in less than a year, it’s worse. Nowadays, every time I fill up the gas tank and swipe my credit card, I think about an angry hacker in Russia looking for my data on the other end.
Enter Software Defined Networking (SDN) technology, which many experts believe has the potential to change the way we deal with security threats. If you think about it, security solutions are a hodgepodge of applications, many of them linked to specific networking appliances.
The broad nature of SDN technology, in which the software management infrastructure can be separated from independent hardware appliances, has the potential to broaden the scope of network security by looking at more of the network. With SDN, it’s possible to gain a more holistic view of all the network activities from an abstracted management console, and then apply smart analytics to detect anomalous activity that might be associated with cyber crime.
I met with Pluribus Networks founder and Chief Technology Officer Sunay Tripathi last week in San Francisco. He says that security applications will be a huge opportunity for Software Defined Networking (SDN) technology.
“Home Depot got broken into. We know JP Morgan got broken into. We know they got broken into from inside. The fact that your network can show you every connection, inbound at the level of every VM talking to every VM (Virtual Machine) and every mobile device, including the signature of that connection. Our analytics can show all of the MAC connections, this includes new outbound IP connections that somebody inside is connected to. That allows you to distill things down to ‘how did it happen.’”
This is a definite advantage of the promise of SDN, in which there will be more interoperability and visibility across all devices of the network.
Of course, it cuts both ways. With its more centralized management approach, SDN can be a tool in the fight against security threats, but it also introduces new vulnerabilities. An all-powerful network controller could represent a single point of failure, holding all sorts of valuable information about the network that a hacker could find in one place.
Last fall, the Open Networking Foundation (ONF) published a paper on SDN and security, pointing out both the benefits and new threats.
The threats come in the form of the new cloud model and virtualized environments, such as public cloud networks, where portals to access data centers are more visible than ever before.
But the ONF also points out that the flow-based paradigm of SDN is particularly well suited to protect traffic for virtualized networks. There could be many new applications and use cases for security. In an example of a new application, the ONF presented a use case for automated malware quarantine (AMQ). AMQ detects and isolates network devices that have become compromised before they can negatively affect the network.
You can read the paper here.
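To make the idea in the Tripathi quote and the AMQ use case concrete, here is an added sketch (not code from Pluribus, the ONF paper, or this article) that compares per-host flow records against a baseline, flags new outbound destinations, and emits a quarantine rule. The flow records, the 10.0.0.0/8 internal range, the threshold of three, and the rule dictionary format are all assumptions made for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/8")  # assumed internal address range

# Constructed sample flow records: (src_mac, src_ip, dst_ip, dst_port)
BASELINE_FLOWS = [
    ("02:00:00:00:00:01", "10.0.1.10", "10.0.2.20", 5432),
    ("02:00:00:00:00:01", "10.0.1.10", "198.51.100.7", 443),
    ("02:00:00:00:00:02", "10.0.1.11", "198.51.100.7", 443),
]
NEW_FLOWS = [
    ("02:00:00:00:00:01", "10.0.1.10", "198.51.100.7", 443),   # already in baseline
    ("02:00:00:00:00:01", "10.0.1.10", "10.0.2.21", 5432),     # new, but internal
    ("02:00:00:00:00:02", "10.0.1.11", "203.0.113.50", 8443),  # new external
    ("02:00:00:00:00:02", "10.0.1.11", "203.0.113.51", 8443),
    ("02:00:00:00:00:02", "10.0.1.11", "203.0.113.52", 8443),
]

def build_baseline(flows):
    """Map each source MAC to the set of (dst_ip, dst_port) it normally contacts."""
    seen = defaultdict(set)
    for mac, _src, dst, port in flows:
        seen[mac].add((dst, port))
    return seen

def new_outbound(flows, baseline):
    """Return {mac: external (dst_ip, dst_port) pairs absent from the baseline}."""
    findings = defaultdict(set)
    for mac, _src, dst, port in flows:
        if ip_address(dst) in INTERNAL:
            continue  # only outbound connections leaving the network are of interest
        if (dst, port) not in baseline.get(mac, set()):
            findings[mac].add((dst, port))
    return dict(findings)

def quarantine_rules(findings, threshold=3):
    """Build drop rules (hypothetical, controller-neutral format) for noisy hosts."""
    return [
        {"priority": 65000, "match": {"eth_src": mac},
         "actions": [],  # an empty action list means matching packets are dropped
         "reason": sorted(dests)}
        for mac, dests in sorted(findings.items()) if len(dests) >= threshold
    ]

if __name__ == "__main__":
    hits = new_outbound(NEW_FLOWS, build_baseline(BASELINE_FLOWS))
    for rule in quarantine_rules(hits):
        print(rule)
```
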
It’s clear to me that security has the potential to be a huge application for SDN, and it’s fertile ground for both startups looking to find new ways to stop cyber bad guys as well as customers looking for new solutions.