You’re enjoying a nice lunch free of work-related conversation when, all of a sudden, SDN becomes the next topic of discussion. “SD-what?” you may be thinking. Better think fast… here’s a look behind the scenes of the modern data center to give you something to contribute to the conversation.
Understanding the Terms
Since a la carte terms like virtualization, micro-segmentation, NSX and data center security are generally paired with SDN, you might wonder whether you are sitting at the right table. Fear not: there was once a time when USB keys, RAM and URLs were foreign terms, too. Today we demystify what these terms mean and why they are favored topics in technical circles. In short, SDN is an intelligent, automated network that controls itself with guidance from humans to ensure that the flow of traffic is always efficient and transfer speeds are maximized.
Many of us might not remember what RCA revealed at the 1939 World’s Fair: the television. By contrast, most of us do remember what took place in 2009, when the United States flipped the switch from analog over-the-air television signals to digital. For 70 years, analog television revolutionized how people obtained information and enjoyed entertainment. Notice how this medium is similar to what’s commonplace in most households and offices today: the internet. Fortunately, it has not taken 70 years to retool the mechanics of computer networking; virtualization, micro-segmentation and software-defined networking are its equivalent of the analog-to-DTV switch.
Hacks and Attacks
The most common driver for adopting SDN is security. There’s no disputing that computer breaches are leading news headlines across the globe. Why is this happening, and why are breaches so frequent? How are the hacks conducted, and who is orchestrating them? Those answers are generally omitted from the reporting because of active remediation and open investigations. According to a study conducted by Cybereason, it takes 210 days on average to detect a breach, with the average cost being $3.5 million. With 57 percent of security experts anticipating a breach by next year, the technology that most companies rely on is unsafe. It’s time for a “switch.”
One answer to the security weaknesses that we face today is virtualization. Virtualization is becoming the de facto standard within organizations, and we can easily compare this technology to hostels and hotels. A hostel usually has a group of individuals share an open space for lodging, whereas a hotel has individual, secured silos for its guests. These individual guest rooms (silos) are contained within one large establishment – the hotel (the hypervisor). This helps us understand how virtualization works. This modern-day approach allows companies to save on hardware licenses and support contracts, diminish cooling expenses and reduce their rack space overhead, all while having better visibility into and control over the traffic and data on the network.
Operating in concert with virtualization, micro-segmentation is the process of creating secured network compartments that permit access only to specific people and devices. An example would be a safe within a hotel room that neither every guest in the room nor the hotel staff can open. The safe is a micro-segmented area within the compartment that adds security and scrutiny to the data and contents within it. Programmed keycard access to various entry points within the facility, such as elevators, swimming pools or fitness rooms, is another example of adding security and visibility within the establishment – the network.
So, Next Time SDN Comes Up…
Circling back to the sudden mention of software-defined networking at lunch… SDN ties all of the virtualization pieces together by hosting a software-level networking fabric. In lieu of numerous networking switches and routers, SDN virtually consolidates all the physical hardware. In the hotel, this fabric would be the hallways, elevators and stairwells. Modern-day networking suites like VMware NSX not only have the ability to host the virtual environment, but are also capable of hosting the networking aspects. This augments the organization’s security posture AND provides intricate levels of visibility that are limited in legacy networking architectures.
May no acronym ruin lunch again!
For more information about SDN, virtualization, micro-segmentation and other data center buzzwords, please contact Leon Balarin.
By Leon Balarin
Sr. Systems Engineer
Arrow ECS Security
Last modified: May 2, 2019