Cisco Subnet An independent Cisco community View more

CISOs Should Become Proactive and Influential in SDN Planning, Deployment, and Strategy

Networking team will take the lead but security professionals should participate and provide input

In 2014, SDN gained a lot of momentum and many organizations are already piloting SDN or planning deployment projects for next year.  Good news for network security as SDN holds a lot of promise for improving the role of the network with incident prevention, detection, and response.

So who controls SDN infrastructure decisions and who gets input into these decisions?  ESG looked into this question by surveying organizations already deploying SDN.  According to ESG research (note:  I am an ESG employee):

  • 41% of organizations say that the networking team owns SDN infrastructure decisions with no input from any other functional IT groups including infosec.
  • 35% of organizations say that the networking team owns SDN infrastructure decisions but sought out some input from other functional IT groups including infosec.
  • 17% of organizations say that the networking team owns SDN infrastructure decisions but sought out a lot of input from other functional IT groups including infosec.
  • 7% of organizations say that SDN infrastructure decisions are owned by a cross-functional IT team including networking and infosec. 

SDN is an innovative networking technology that will greatly impact core switching and routing functions so it’s understandable why networking owns technology decisions.  That said, SDN could have an equally important influence on the future of network security.  Kind of makes you wonder why 41% of organizations consider SDN a networking monopoly -- this makes no sense to me.

I’m not suggesting any power play or malicious intent on the part of the networking team as it makes sense for the VP of network engineering and his or her peers to quarterback the SDN effort.  Still, CISOs need to make sure to elbow their way into SDN research, testing, and planning in order to explore SDN network security opportunities and push their own agendas. 

From a supply side perspective, Cisco, Juniper, and to some extent VMware straddle the networking and network security worlds so they can facilitate SDN discussions and planning in both areas.  Other network security players including Check Point, Fortinet, HP, IBM, McAfee, and Palo Alto Networks should plan on an offensive approach to SDN in 2015.  How?  By helping CISOs sort through the SDN morass (i.e. hype, standards, proprietary technologies, etc.) and working with customers’ networking teams on SDN infrastructure project planning and deployment sooner rather than later. 

To comment on this article and other Network World content, visit our Facebook page or our Twitter stream.
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.