Automation is key
In addition to these options there is one crucial element that organizations should use to manage SDN security – automation. When Gartner asked businesses about their primary motivation for deploying cloud infrastructure as a service (IaaS), the winning factor – by a significant margin – was agility. It is crucial, therefore, that security does not become the bottleneck that prevents fast, agile deployments (and decommissioning processes) in a cloud environment.
Yet, by 2019, according to Gartner, 80% of all cloud breaches will be due to user misconfiguration as well as mismanaged credentials or insider theft, rather than provider-based vulnerabilities, which illustrates that the biggest potential vulnerability in SDN is user error rather than an inherent lack of security.
This is where automation comes in. Making manual changes to network and security processes and policies every time a new application is deployed or a new server added is a cumbersome, error-prone process in on-premise networks. But in a hybrid cloud environment, making changes manually quickly becomes downright impossible. A security policy management solution that automatically calculates, implements and documents all change processes, from connectivity discovery right through to security policy decommissioning, is therefore essential for SDN.
Network security implementation in SDN is undoubtedly different to that in an on-premise environment. Businesses that take the same approach to network security in both situations are doing it wrong.
However, the security fundamentals in SDN environments remain the same. It is extremely helpful for organizations migrating to an SDN environment to bring cloud experts onto their network security teams, to evaluate the different cloud security controls available, to help select the best one for that organization’s needs, and to ensure that security policies are managed in a consistent way across the entire environment. With the right automation tools and processes, managing security processes across SDN provides the same levels of visibility and control as in on-premise networks, helping to take the fear out of moving your networks.