Cisco Subnet: An independent Cisco community

Could SDN Revolutionize Network Security?

Enterprise organizations identify attractive use cases where SDN-enabled network security can be used to improve threat detection/response, ease network security policy auditing, and centralize network security policy and configuration management.

Network security grows more and more difficult all the time. According to recent ESG research, 79% of security professionals working at enterprise organizations (i.e. more than 1,000 employees) believe that network security is more difficult than it was two years ago (note: I am an ESG employee). Why? Threats are getting more targeted, voluminous, and sophisticated while networks grow more complex with the addition of more users, devices, traffic, etc.

Yup, traditional network security technologies can’t keep up with all of the internal and external changes happening simultaneously, but there may be help on the horizon – Software-defined Networking (SDN). 

SDN has the potential to deliver real network security value. How? ESG asked enterprise security professionals to define the most attractive use cases for SDN-enabled network security and found:

  • 28% of organizations would use SDN-enabled network security to, “selectively block malicious traffic from endpoints while still allowing normal traffic flows.” 
  • 28% of organizations would use SDN-enabled network security for, “network security policy auditing and conflict detection/resolution.”
  • 23% of organizations would use SDN-enabled network security to, “centralize network security service policy and configuration management.”
  • 23% of organizations would use SDN-enabled network security to, “automate network security remediation tasks.”
  • 23% of organizations would use SDN-enabled network security for, “more granular network segmentation for network security.”

I often describe a model called the “CISO Triad” which I extrapolated from numerous conversations with enterprise CISOs. In essence, CISOs are responsible for three things:

  1. Security efficacy (i.e. risk management and incident detection/response)
  2. Operational efficiency (i.e. facilitating the right processes and methodologies to allow the security team to work smarter and not harder)
  3. Business enablement (i.e. ensuring security is built into business processes that leverage IT resources)

In my humble opinion, SDN-enabled network security has the potential to add tremendous value in all three of these areas. If that’s not a “killer app,” I don’t know what is.

CISOs won’t be the only beneficiaries as SDN-enabled network security takes off. Cisco could be a big winner here as it has market opportunities for network hardware/software and network security hardware/software. VMware may not have the same revenue opportunity as Cisco but NSX could stimulate the SDN-enabled security market for the company and its partners. Prescient networking companies (i.e. Arista, Extreme, HP, Juniper, etc.) and network security vendors (i.e. Check Point, FireEye, Fortinet, IBM, McAfee, Palo Alto Networks, etc.) see market dollars ahead so they are also actively planning their SDN-enabled network security strategies.

The RSA Security Conference is only a few weeks away. Given the “game-changer” potential for SDN-enabled security, I expect a lot of buzz at the Moscone Center on this very topic. 
