SDN Security—What is it and Why Should SMBs Care?

Small and mid-sized businesses (SMBs) have every reason to be interested in deploying software-defined networking (SDN) technology, because it offers capabilities such as dynamic, efficient network configuration that can enhance network performance and monitoring.

SDN is designed to address the static architecture of traditional networks, making networks more like cloud services and centralizing network intelligence in a single component by disassociating the forwarding process of network packets from the routing process.

Using SDN, companies can create and control virtual networks via software. Traditional networks, on the other hand, use dedicated hardware devices such as routers to control network traffic.

Growing Market

The concept of SDNs and other software-defined IT components has been around for years, but only recently has it hit the mainstream. The technology appears poised for a significant growth spurt.

A report by market research firm Expert Market Research (EMR) said the global SDN market was valued at about $9.2 billion in 2020, and is projected to increase at a compound annual growth rate of 25% between this year and 2027, reaching a value of about $35.6 billion by 2026.

SDN market growth is being driven largely by the rising demand for network bandwidth, an increase in the use of cloud services and the introduction of 5G-enabled Internet of Things (IoT) services, according to the report. In addition, the use of mobile devices has risen exponentially in recent years, the study said, which means well-organized data networks across private and public sectors are increasingly needed.

As with anything else related to technology, SDN has implications for cyber security—both good and bad.

Security Benefits

On the good side, SDN provides flexibility, agility and central management. These are among the biggest benefits of the technology from an operational standpoint, said Yasser Fuentes, technical product manager (cloud) at Bitdefender.

“One of the most significant advantages of SDN is granularity when it comes to having adequate and augmented visibility throughout the entire network infrastructure,” Fuentes said. “For example, in traditional networking any security countermeasure you put into place impacts the backbone and overall performance of the network. However, with SDN, security controls can be used selectively to prevent undesirable traffic from your network without impacting production.”

SDN can be used to improve an organization’s security posture by complementing security controls, which allow organizations to monitor, detect and respond to security incidents, Fuentes said. The same is true for security automation, he said, since all the controls can be configured to automatically engage when needed, without any human interaction.

Security Risks

On the negative side of the security ledger, SDN can add the complexity of micro-segmentation and its correlation with system-wide permissions, Fuentes said. There are also concerns about compliance with security standards and regulatory frameworks, risks related to advanced persistent threats, and limited capabilities in terms of prevention, detection and response.

“One of the most relevant challenges we see is lack of proper planning before SDN implementation,” which might lead to exposing an SDN controller to unauthorized users, Fuentes said. This can introduce a wide variety of threats, he said, including brute-force attacks over the vulnerable SDN controller access mechanisms, which allow attackers to gain broad access to corporate systems; and denial-of-service or distributed denial-of-service attacks that could have serious consequences for organizations.

Another big issue for SMBs is over-reliance on embedded SDN security capabilities, which might lead to limited visibility and observability, Fuentes said.

Bolstering Protection

Companies can deploy various tools and processes to ensure security with SDN. One is two-factor or multi-factor authentication, an authentication method in which a user is granted access only after presenting two or more pieces of evidence to an authentication mechanism—something the user knows and something the user possesses.

In addition, SMBs should perform periodic assessments to detect and address issues such as misconfigurations and vulnerabilities.

It’s a good practice to complement SDN security controls by using network security analytics solutions. For example, Bitdefender’s Network Traffic Analysis (NTA), a key component of Extended Detection and Response (XDR), applies threat intelligence, machine learning, and behavior analytics to network traffic to detect advanced attacks early and enable effective threat response.

In 2021, Bitdefender announced GravityZone Security for Containers, expanding its cloud workload security (CWS) offering with run-time support for containers and Linux kernel independence. The product offers threat prevention, extended endpoint detection and response (XDR) and anti-exploit protection for containers running in private and public clouds with visibility and control through GravityZone, the company’s unified cyber security platform.

By putting in place a comprehensive cyber security strategy that addresses the risks of SDN, SMBs can leverage this networking technology for business benefit.
