Software defined security (SDS or SDSec) lets companies implement network segmentation, intrusion detection, and other security controls through software. It’s popular because traditional security tools, which rely on static network and machine configurations, are not well suited to the dynamic environment of virtual machines (VMs) and virtual networks. Unlike those tools, SDS relies on logical policies rather than physical configurations. Its benefits come from its use of abstraction, automation, orchestration, scaling and application programming interfaces (APIs).
Abstraction makes security independent of physical devices like firewalls. Instead, the security relies on policies that are applied across all assets, regardless of their physical or virtual nature. This device independence allows security and compliance requirements to be applied to cloud deployments as well as local data centers, ensuring required security measures are implemented everywhere consistently.
SDS allows deployment and configuration of security controls with little human interaction. Security policies travel with devices and applications, so security measures don’t need to be redefined if an asset is relocated to another data center or to the cloud. New devices can be automatically covered by the base security policy. SDS detects and automatically responds to security events, generating alerts and isolating devices depending on policy specifications. As a result, human error is reduced. SDS also lets network administrators focus on complex tasks like planning and understanding future threats, rather than on more routine tasks like configuring firewalls.
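A minimal sketch of the label-based policy model described above, added here as an illustration and not taken from any SDS product. The label names, allow rules, asset names, addresses and severity threshold are all constructed assumptions.

```python
from dataclasses import dataclass, field

# Constructed policy: rules name labels, never IP addresses or sites.
# Each tuple is (source label, destination label, port); all else is denied.
ALLOW = {("web", "app", 8443), ("app", "db", 5432)}
BASE_LABEL = "unclassified"   # hypothetical label for newly discovered assets
QUARANTINE = "quarantined"    # hypothetical label applied by automated response

@dataclass
class Asset:
    name: str
    ip: str      # changes when the asset is relocated
    site: str    # data center or cloud region
    labels: set = field(default_factory=set)

def register(name, ip, site, labels=()):
    """Unlabelled assets get the base label, which no allow rule matches."""
    return Asset(name, ip, site, set(labels) or {BASE_LABEL})

def allowed(src, dst, port):
    """Decide an east-west flow from labels alone; quarantine overrides allow."""
    if QUARANTINE in src.labels | dst.labels:
        return False
    return any((s, d, port) in ALLOW for s in src.labels for d in dst.labels)

def relocate(asset, ip, site):
    """Moving an asset changes its address and site, not its labels."""
    asset.ip, asset.site = ip, site

def on_event(asset, severity, threshold=7):
    """Always alert; isolate the asset when severity reaches the threshold."""
    isolate = severity >= threshold
    if isolate:
        asset.labels.add(QUARANTINE)
    return {"asset": asset.name, "severity": severity, "isolated": isolate}

if __name__ == "__main__":
    web = register("web-01", "10.0.1.10", "dc-east", ["web"])
    app = register("app-01", "10.0.2.10", "dc-east", ["app"])
    new = register("vm-new", "10.0.9.9", "dc-east")
    print(allowed(web, app, 8443))          # flow permitted by label rule
    relocate(app, "172.16.5.20", "cloud-a")
    print(allowed(web, app, 8443))          # same decision after relocation
    print(allowed(new, app, 8443))          # base policy: default deny
    print(on_event(web, 9), allowed(web, app, 8443))
```

Because `allowed` never reads `ip` or `site`, the decision for a flow is identical before and after `relocate`, which is the property a configuration tied to physical devices cannot offer.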
Rather than managing every network security control separately, SDS integrates intrusion detection, network segmentation and monitoring into a single platform that oversees all those security functions. This integration of controls makes it easier for companies to satisfy the control requirements of various compliance standards and provides security administrators with much greater visibility into the network. In addition, the orchestration features of SDS streamline the process of adding new devices by integrating security management with hypervisors and other platforms.
Modern data centers and cloud computing are designed to be scalable, with VMs that can be spun up on demand. As a result, security needs to spin up on demand as well. Because SDS implements security through software, it is easily and automatically applied as needed.
SDS exposes its security monitoring and control functions through APIs, so it can integrate with any other tools the security team requires. APIs make SDS aware in real time of infrastructure changes that affect how policies are applied. They also give access to fine-grained features for modifying individual security controls as well as the behavior of the orchestration platform. Through APIs, SDS gives companies the flexibility to adapt their security to new demands rather than locking them into a specific model of protection.
The benefits of these SDS features are especially relevant to environments that rely on VMs and cloud deployments. Traditional security measures rely on firewalls to secure the perimeter. That model doesn’t match environments where VMs increase internal network flows, known as east-west traffic, and make that traffic harder to segregate and manage. With SDS, virtual firewalls can provide visibility and protection.