Comments
yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Expo on Google News
SYS-CON.TV
Cloud Expo & Virtualization 2009 East
PLATINUM SPONSORS:
IBM
Smarter Business Solutions Through Dynamic Infrastructure
IBM
Smarter Insights: How the CIO Becomes a Hero Again
Microsoft
Windows Azure
GOLD SPONSORS:
Appsense
Why VDI?
CA
Maximizing the Business Value of Virtualization in Enterprise and Cloud Computing Environments
ExactTarget
Messaging in the Cloud - Email, SMS and Voice
Freedom OSS
Stairway to the Cloud
Sun
Sun's Incubation Platform: Helping Startups Serve the Enterprise
POWER PANELS:
Cloud Computing & Enterprise IT: Cost & Operational Benefits
How and Why is a Flexible IT Infrastructure the Key To the Future?
Click For 2008 West
Event Webcasts
Question Answered. SDN Is Secure | @CloudExpo @Ciena #SDN #IoT #M2M #API
SDN provides a centralized intelligence and control model that is well-suited to provide flexibility to network security

The Question Has Been Answered. SDN Is Secure

Software-Defined Networking (SDN) is one of the most interesting developments in networking to emerge in the last decade. The potential to establish a simplified infrastructure and leverage software to dynamically modify existing flow characteristics has the potential to address many concerns around hardware costs, faster service provisioning, and greater configuration control across diverse networks. However, concern for or lack of information about security is a key inhibitor to SDN adoption in today's rapidly-evolving data centers and connected wide area network environments.

With good reason: there is news of another global data breach almost daily. More than 1,500 data breaches led to 1billion data records compromised in 2014 alone, a 49% increase in data breaches and a 78% increase in data records stolen or lost compared to 2013. While it's easy to focus on all of the security vulnerabilities (actual and perceived) in an open system, there a number of security benefits that SDN can in fact help realize.

It's true that currently available security solutions are difficult to deploy, manage, program, scale, and secure. Policies are tightly coupled to physical resources as opposed to services and applications. Security solutions struggle to provide quick and automated threat mitigation across equipment from multiple vendors. Consistent security policies are difficult to administer across compute, storage, and network domains, and multiple data centers.

What SDN provides is a centralized intelligence and control model that is well-suited to provide much-needed flexibility to network security deployments with a number of complementary attributes that are useful for implementing a highly secure and manageable environment, including:

  • A flow-based paradigm that untethers policies from the physical perimeter. The perimeter security model of "keeping the bad guys out" no longer works in today's dynamic cloud and mobile computing world. Networks and servers will continue to be attacked, despite using best-in-class content inspection, tunneling, and continuous monitoring technologies. The flow paradigm is ideal for security processing because it offers an end-to-end, service-oriented connectivity model that is not bound by traditional routing constraints.
  • Highly granular policy management and enforcement, for diverse, multi-tenant environments. Granular policy management can be based on application, service, organization, and geographical criteria rather than physical configuration. This allows the operator to designate who is authorized to update control information, and by extension exclude unauthorized individuals or groups. It also allows the owner to determine the state of the platform at any time, as well as what changes were made, when, and by whom.
  • Logically centralized control allows for effective performance and threat monitoring across the entire network. In SDN architectures, network intelligence is centralized, so decision-making is facilitated based on a global (or domain) view of the network, as opposed to today's networks, which are built on an autonomous system view where nodes are unaware of the overall state of the network. This gives operators a more efficient way to detect and isolate threats.
  • Programmability which offers far more sophisticated security processing than is available today. SDN networks are inherently controlled by software functionality, which may be provided by vendors or the network operators themselves. Such programmability enables automation and adaption to mitigate risks, as well as for dynamic and flexible adjustment of security policy.

By blending historical and real-time network state and performance data, SDN facilitates intelligent decision making, achieving flexibility, operational simplicity, and improved security across a common infrastructure. And with the proper configuration and integration, you can secure an SDN environment without impact to SDN capabilities. This provides a way to address one of the most common security critiques - that security is bolted on, as opposed to built-in. With SDNs, security can be a core part of the network solution right from the beginning, making the management and implementation of proven security mechanisms easier.

About Chris Janz
Dr. Christopher Janz serves as Vice President and CTO of Ciena’s Agility business division. Ciena Agility distributes software that enables network operators to deliver and monetize consumption-based services on demand; flexibly, efficiently and at high velocity. As CTO, he is largely responsible for designing Ciena Agility’s forward path in the fast-evolving SDN and NFV technology and market landscape, and for managing Ciena Agility’s contributions to industry organizations and efforts defining and driving those evolutions.

Chris has 20 years of industry experience in roles ranging from primary research, system architecture, and product development team management; to product line management and strategic marketing. He holds a B.Eng. in engineering physics from the Royal Military College of Canada, a Ph.D. in electrical engineering from the University of Alberta and an M.B.A. from Queen's University.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

Latest Cloud Developer Stories
"Storpool does only block-level storage so we do one thing extremely well. The growth in data is what drives the move to software-defined technologies in general and software-defined storage," explained Boyan Ivanov, CEO and co-founder at StorPool, in this SYS-CON.tv interview at...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected ...
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every real-life scenario that a Kubernetes user might encounter? How do you leverage advanced scheduling techniques to shape and describe each scenario in easy-to-use rules and configura...
As Marc Andreessen says software is eating the world. Everything is rapidly moving toward being software-defined – from our phones and cars through our washing machines to the datacenter. However, there are larger challenges when implementing software defined on a larger scale - ...
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices ...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021



SYS-CON Featured Whitepapers
ADS BY GOOGLE