Secure your SDN controller

The controller is the heart of software-defined network (SDN), so make sure you secure it.

Secure your SDN controller
Thinkstock

Managing networks has become increasingly complex, and it will remain a challenge as the use of Internet of Things devices continues to grow. This complexity makes it difficult to reconfigure a traditional network in a timely manner to respond to malicious events or fix configuration errors.

A software-defined network (SDN) can help by giving network engineers the flexibility to dynamically change the behavior of a network on a node-by-node basis — something not typically available in a traditional network. An SDN uses virtualization to simplify the management of network resources and offers a solution for increased capacity without significantly increasing costs.

As network controls move from hardware to software, the result is multiple devices merged into one controller, which enables the network engineer to control the entire network. There are security challenges with this new model that must be addressed, though.

Benefits of SDN

An SDN makes it much easier to integrate services such as real-time HD video conferencing and cloud applications into your environment. Application developers or testers can isolate and run workloads without risk as virtual tenants in a production network. This can speed up problem solving and decrease the amount of time required to test before deployment.

SDN brings the benefits of increased visibility and control through a centralized dashboard. The controller can determine the best route for each application traffic flow. Congestion levels, link health, and priority can be tracked in real time. And the ability to route specific application traffic through different or multiple paths increases redundancy. 

For example, if you have an application that is hosted at two separate cloud providers, you can route a specific customer’s traffic to the cloud provider that is averaging lower latency values. This can enable an organization to provide a better customer experience.

Another benefit of an SDN is you aren’t locked down to using one vendor. The goal of SDN is to use open standards. Enterprises can easily use multivendor options, which can helps reduce costs. 

Costs can also be reduced by pooling multiple compute, storage and processing functions on low-cost commodity servers. This can significantly reduce capital expenditure. This virtualization enables a lot of manual network configurations to be automated and improves their traceability.

Security is also another benefit that enterprises notice with an SDN. This means you can extend your defense capabilities from simply blocking specific attacks to making proactive changes to adjust to new threats. The SDN controller can push global security policy updates out centrally across the network, and a virtualized switch can filter packets at the network edge and redirect suspicious traffic to other security devices for further analysis.  

SDN security concerns

A significant issue regarding SDN security is that virtualizing every aspect of the network infrastructure increases your attack footprint. The SDN controller is typically the primary target for attackers because it is the central point for decisions in a network and a central point of failure.

Attackers can try to get control of the network by breaking into a controller or pretending to be one. Once a central controller is compromised, an attacker can gain complete control over your network. This would be considered an extreme scenario, but it could be possible as SDN usage continues to grow.

There are new types of denial-of-service attacks that try to exploit potential scaling limits of an SDN infrastructure by locating specific automatic processes that use a significant amount of CPU cycles.

An SDN could be very vulnerable to attacks because of the separation of control and data planes. A disruption in the communication path between the two planes could potentially result in a major hole that attackers can compromise.

Due to the programmability features of SDN controllers, engineers can install security applications on the controller's northbound interface to open up new ways to apply security policies on a network. The programmable northbound interface can also be a potential vulnerability.

Also, the applications installed on the controller can potentially reconfigure the network. Attackers can trick network engineers into installing applications that have been compromised and could make the network do something completely unexpected.

How to secure your SDN controller

It is critical that access to the SDN controller is controlled to prevent unauthorized activity. Role-based access policies that are audited and reviewed on a consistent basis should be used. Any unauthorized attempts should fire up alerts to security staff. Also, configuration changes to it must be audited and reviewed regularly.

Best practices for hardening and patching the system should be in place. If a best practice or security standard is not followed, then the risk and potential impact of it must documented, measured and approved by leadership.

It is important to use a high-availability controller architecture to prevent distributed denial-of-service (DDoS) attacks. You do not want to take the chance of having your controller out of commission. Also, having high availability in your design will allow you to test updates or changes in the production environment, as well as provide the option for an immediate failover if the change does not work properly.

Northbound communication should be encrypted via TLS or SSH. Also, any northbound applications should be coded securely. Any attack or compromise on these applications can affect the security and operation of the controller. In addition, it is critical to avoid using default passwords for these applications and make sure there is some form of authentication for an application before it can communicate with the controller.

For southbound communication, it is important to use TLS to authenticate endpoints, and control protocol traffic should be segregated from the primary data flows. It is best to do this via an out-of-band network.

You must factor in security when designing an SDN solution. The controller is the heart of an SDN, and securing it, the applications it communicates with and any flow of traffic between them is critical. Including security in your design plans right from the beginning will avoid potential problems down the road and is worth the time and effort.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT