Software Defined Networks (SDN) and Network Function Virtualisation (NFV) have the potential to redefine the way in which we build and manage the next generation internet. By effectively providing a “centralised brain” across a network, SDN promises network operators far greater transparency and control over their infrastructure and the traffic crossing it.
As I discussed in my recent blog, like any new technology, SDN must be seen to be safe and secure if it is to be widely adopted. Ultimately however, the centralised intelligence SDN provides should prove to be a real advantage when it comes to identifying and preventing cyber-threats, says Brian Levy of Brocade.
For example, the SDN layer of the network could be used to receive information from across the infrastructure, maybe in the future even from everything connected to the network. This visibility could be hugely valuable in helping organisations to spot attempts to divert or block streams of traffic. It could also be used to instantiate new dynamic firewalls or other threat mitigation elements in the infrastructure.
These security advances will, however, be hugely dependent upon collaboration and coordination from the industry as a whole. In order for emerging threats to identified before they can do any harm, companies must be willing to share data about threats they have encountered and new approaches to dealing with them. By pooling their knowledge and experience, the industry can adapt to emerging threats much faster, which will in turn help to unlock the wider business benefits of SDN.
This kind of cross-industry activity is not always easy to implement but we have seen some recent high-profile examples of how this kind of collaboration could work. Foremost among these examples is Facebook’s “Threat Exchange” which now has more than 100 participants, including the likes of PayPal, Twitter, Yahoo and Microsoft. Previously, sharing of application level threat information had been something done by small groups of “Trusted” individuals in darkened rooms so this is certainly a real step forward, with Facebook offering a free tool for sharing information (although of course you do need a Facebook account to join).
There are advantages to this kind of initiative in that the fast sharing of information across social networks such as Facebook allows new information to be shared very rapidly. However, it is important to make sure that neither the quality of information shared nor the trust level of the individuals is compromised. Some kind or rating system should perhaps be put in place to help members of the community verify the source of threat information.
It is, of course, a long road to establishing a cross-industry information sharing system for SDN but as we move towards a new IP world, emerging big data and analytics technologies will allow this vision to be realised.
Anonymity and privacy are also important in lots of ways. Obviously nobody would like to announce automatically to the world that they have vulnerability on their particular network. We must, therefore, strike a balance so that we can create an environment where individuals and companies are confident and comfortable with sharing information for the greater good.
As SDN and NFV technologies continue to evolve, I would like to see the industry working together across all levels to make sure that a robust, consistent security framework is put in place.
By Brian Levy, CTO EMEA, Brocade
