By leveraging technoligies like SDN and NFV and therefore advancing to an evolved security architecture – organization can take advantage of the benefits and opportunities that were either not possible in the past, or were too expensive to be justified.
Key benefits to businesses include:
–Central management of security.Organizations can use security software, through the SDN controller, to implement, control and manage threats from one single place.
–Efficient and dynamic mitigation of security threats and attacks. Since the mitigation can be applied close to the source of the attack, organizations can relieve their network from having to off-ramp traffic to a central location, and allow for dynamic insertion and removal of security points where and when needed.
–Hardware cost reduction. Due to the virtualization of network security applications in commodity hardware, the need to buy and deploy specialized vendor appliances is reduced or eliminated.
–Use of existing network appliances. Even if legacy appliances do not support advanced traffic monitoring mechanisms, organizations can aggregate the legacy functionality via the SDN controller and blend this with other new technologies as they are introduced.
–Dynamic configuration of existing network nodes for the mitigation of an attack. Virtually configuring connection points, as and when needed, will replace the traditional resource intensive and often vendor-specific method of using static pre-configured policies.
–Harmonized view of logical security policies. The policies exist within the SDN controller and are propagated across the infrastructure nodes rather than being tied to a server or specialized security device, enabling a holistic approach to cyber security.
–Visibility of information from one source. This replaces the need to introduce network probe elements in different locations of the network, which then have to be correlated.
–Integration with sophisticated applications. These applications can therefore use the existing information around the network in order to correlate events in a simpler way and respond more effective and intelligently to security threats.
By adopting the SDSec model, businesses can realize the benefits of programmability and automation, which will consequently enable them to respond to today’s security threats in a more dynamic, efficient and intelligent way.
Feel free to contact E-SPIN for software defined security infrastructure, availability monitoring and security management.