2017: The year of widespread SDN adoption and DDoS attack mitigation

What can we expect in 2017? Accelerated SDN adoption and sharper focus for DDoS attacks.


Earlier this year, IDC published a study predicting a 53.9% CAGR (compound annual growth rate) for the SDN market from 2014 to 2020, by which point it will be valued at $12.5 billion. If you interpolate from the numbers given and the CAGR, you'll find that the current valuation of the SDN market is roughly $0.61b. $610m is nothing to scoff at, but it suggests that SDN deployments are still fairly uncommon. That will change in 2017.

A universal SDN protocol or standard will accelerate adoption

As SDN proliferates, more potential standards will present themselves, but we could all save a lot of time if we could agree on an interoperable protocol early on. That agreement will come in 2017 and be the catalyst for the rate of growth IDC has predicted. The merger of the Open Networking Foundation and ON.Lab (under the ONF name) makes ONF a candidate to be the standard, but there's some competition, as well.

ECOMP is an open source project from AT&T that the company believes will rapidly accelerate innovation in the SDN space. AT&T is tapping the Linux Foundation to help with the structure of the initiative and has implied that anyone using ECOMP won't be limited to AT&T for support. If the project catches on, it could end up as the standard for SDN. 2017 will be the year in which we witness the SDN community get behind a single protocol or standard, allowing for dramatic growth in the years to follow.

The concrete, fully-deployed SDN use case we've been waiting for will appear

Everyone knows that SDN works, but it's the lack of a concrete, fully-deployed use case that's impeding its proliferation. Companies are waiting for a real-life deployment they can point to as a success. In 2017, SDN will move from PoC (proof of concept) trials to having notable commercial use cases that will accelerate adoption. Furthermore, a testing environment will reveal that SDN quantifiably reduces costs and increases revenue, which will spur adoption on a commercial scale, widening the scope of PoC trials as well as inspiring some cutting-edge companies to dive into full adoption.

Network operators are having trouble rolling out SDN services at scale, but there's a new alliance on the prowl that offers global telecommunications services to other carriers. Ngena is an alliance of four major operators -- CenturyLink, Deutsche Telekom, Reliance, and SK Telecom -- whose global network might push SDN into the quickly-deployed, immediately-profitable territory it needs to be in. Ngena offers a faster way to roll out SDN services and lets gigantic companies purchase all their telecommunications services from a single source. The appearance of this alliance might be the final strike to break the barrier impeding widespread adoption.

DDoS attacks will be increasingly focused on DNS vendors

According to researchers with NexusGuard, there was an 83% increase in DDoS attacks in the second quarter of 2016 compared to the first quarter. That trend will continue and since DNS is gaining favor as a primary attack target, DDoS attacks will increasingly target DNS vendors. Look for a serious uptick in DDoS attacks against DNS vendors in 2017.

Hackers use weaknesses in DNS itself to build botnets like the Mirai botnet. An effective way to hide malware behavior is to compromise DNS, so directly targeting a DNS vendor makes sense. Compromising a DNS vendor also allows the attacker to affect tons of properties. The attack against Dyn, for example, meant that Twitter, Netflix, Slack, and dozens of other services were taken offline. Companies need to take a look at the properties that are crucial to their business and start demanding security improvements.

Recent DDoS attacks were a warmup for the 2017 global DDoS attack

In the first half of 2016, there were 274 attacks over 100 Gbps. Compare that to 223 attacks of that size in all of 2015. As for attacks over 200 Gbps – there were 46 in the first half of 2016 compared to 16 in all of 2015. The average DDoS attack increased 30% in the same time period. A 1 Gbps DDoS attack is enough to take most organizations offline completely.

With those numbers in mind, it's clear that DDoS attacks are ramping up for something big, perhaps an attempt to take the entire public internet offline. Efforts to protect DNS vendors are in the works, but so far they don't measure up to the problem. DNS security won't be strong enough by the time the global DDoS attack hits in 2017.

Security companies will use SDN to secure networks after severe botnet attack

Security is an ongoing concern for network managers and SDN can be used to make networks more compartmentalized and centrally manageable. SDN firewalls have the ability to see and filter internal traffic and the firewall policy can be defined centrally, allowing for better visibility into -- and control over -- the network. Micro-segmentation of the network through SDN allows portions of the network to be automatically isolated if certain red flags are raised.

Endpoints are now ubiquitous. Instead of trying to protect a nonexistent perimeter with a traditional firewall setup, network managers need to reconsider their approach by using SDN. With SDN they can define a particular set of behaviors for each application. Expect to see more of this approach after the global DDoS attack that will happen in 2017.
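A minimal sketch of the approach described above, added here as an example and not taken from the original article: a central default-deny policy lists the flows each application segment may open, and a host that raises repeated red flags is isolated automatically. The segment names, ports, threshold and `Controller` class are hypothetical; a real SDN controller would push these decisions to switches as flow rules.

```python
from dataclasses import dataclass, field

# Hypothetical central policy: each application segment lists the only
# (destination segment, port) pairs it may open. Everything else is denied.
POLICY = {
    "web": {("app", 8443)},
    "app": {("db", 5432)},
    "db": set(),
}
RED_FLAG_THRESHOLD = 3  # assumed: denied flows tolerated before isolation

@dataclass
class Controller:
    policy: dict
    threshold: int = RED_FLAG_THRESHOLD
    denied: dict = field(default_factory=dict)      # (segment, host) -> count
    quarantined: set = field(default_factory=set)   # isolated (segment, host)

    def decide(self, src_seg, src_host, dst_seg, dst_port):
        """Return 'allow', 'deny' or 'isolated' for one east-west flow."""
        key = (src_seg, src_host)
        if key in self.quarantined:
            return "isolated"
        if (dst_seg, dst_port) in self.policy.get(src_seg, set()):
            return "allow"
        self.denied[key] = self.denied.get(key, 0) + 1
        if self.denied[key] >= self.threshold:
            self.quarantined.add(key)   # controller would push drop rules here
        return "deny"

# Constructed sample flows: (source segment, source host, dest segment, port)
SAMPLE_FLOWS = [
    ("web", "web-1", "app", 8443),
    ("app", "app-1", "db", 5432),
    ("web", "web-2", "db", 5432),   # web tier may not reach db directly
    ("web", "web-2", "db", 22),
    ("web", "web-2", "app", 22),    # third violation triggers isolation
    ("web", "web-2", "app", 8443),  # normally allowed, now blocked
    ("web", "web-1", "app", 8443),  # unaffected neighbour in same segment
]

def run(flows=SAMPLE_FLOWS):
    """Evaluate flows in order; return per-flow verdicts and isolated hosts."""
    ctl = Controller(POLICY)
    return [ctl.decide(*f) for f in flows], ctl.quarantined

if __name__ == "__main__":
    print(run())
```

Isolation here is per host, so `web-1` keeps working after `web-2` is cut off; that containment is the practical difference from a perimeter-only firewall.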

Copyright © 2017 IDG Communications, Inc.
