Reply is the place to meet an incredible variety of enthusiastic, passionate, ideas-driven people, who want to make a difference and an impact.Would you like to know more?
Organisations today are evolving and rapidly adopting new technologies. This has led to redefining the organisational boundaries, but has also increased the risks and the threat footprint of the organisation.
In order for an organisation to be able to protect their resources and mitigate the risks, it has been necessary to deploy solutions that would protect the network from such attacks. In addition to these trends, the evolution of networking technologies has introduced concepts such as SDN and NFV. These advancements can enable organisations to implement security solutions in a different way and maximise efficiency, whilst minimising cost.
Traditional Security Architecture. Today’s approach to implementing security in an organisation has been firstly to identify the potential threat (i.e. DDoS or Malware attacks), then assess the risk by calculating the likelihood of the threat and the impact to the business and lastly define a security solution or control mechanism that can be put in place, in order to detect and mitigate the attack when it happens.
The configuration of the network nodes is complex and following this approach every single device that takes part in the process will have to be pre-configured, even if an attack is not happening and mitigation is not needed. In addition, if an organisation wants to achieve the most effective security design, they usually select to introduce the specific security appliances inline in the network, which can cause delays in traffic processing and forwarding.
Software-Defined Security Architecture. One of the inherent capabilities of an SDN controller is the fact that it has knowledge of the network topology and infrastructure and it provides visibility of the traffic. Since the introduction of the SDN logic and its architecture, the controllers have now evolved and are also offering integrated security functions. The overall model is described as Software-Defined Security (SDSec).
The design of security solutions to protect organisations from DDoS and Malware attacks can drastically change and evolve to a more dynamic and sophisticated implementation.
The mitigation can now be realised in a more dynamic and efficient way:
Solutions. Most of the network security vendors are evolving their products, in order to integrate with the SDN layer and utilise the concepts of NFV. This will allow organisations that have invested in security products to evolve and incorporate such technology integrations at their own pace. In the case that an organisation is looking to invest in introducing an SDN solution, they should be mindful of the integration of such products with the selected SDN controller, since interoperability between different vendors’ products is not yet mature or standardised.
By leveraging technologies, such as SDN and NFV, and advancing to an evolved security architecture, an organisation can realise benefits and opportunities that were either not possible in the past, or too expensive to be justified.
Overall some of the benefits that can be realised by introducing SDSec in an organisation are the following:
The evolution of networking through the use of SDN and NFV is introducing tremendous opportunities for organisations to evolve their traditional security architecture and implementation models, realise the benefits of programmability and automation and adopt the Software Defined Security model, in order to respond in a more dynamic, efficient and intelligent way to the continuously increasing security threats that they face today.
Through its distinct competencies, Sytel Reply assists clients in realising the benefits and dealing with the impacts of the disrupting technologies on their environments. Sytel Reply leverages real-world experience in SDN & NFV consulting for the TMT market, having worked with global Telco providers and established strong relationships with all major SDN vendors.