The first big SDN data breach is just a matter of time

As more enterprises opt for software-defined networking implementations, the potential for a major security breach will grow

Over 40% of enterprises have plans to deploy software-defined networking (SDN) by 2019, and where enterprises go, cyber criminals are bound to follow, raising the possibility of major SDN security breaches in the future.

Research released by SDN cheerleader Brocade to mark the opening day of IP Expo Europe 2014 at London’s ExCeL centre suggested that as enterprise budgets remain flat but demands on the corporate network increase, more network managers and CIOs are looking to evaluate SDN and network functions virtualisation (NFV).

Brocade’s headline statistics claimed that 40% of enterprises will deploy software-defined networks in the next five years and 30% in the next three years, while 34% of organisations are looking to adopt NFV by 2019 and 27% by 2018.

According to Brocade's European CTO, Curt Beckmann, early SDN adopters outside of the world of telcos and cloud service providers will be lines of business and verticals that do not handle large amounts of sensitive or confidential data.

“I think almost everyone will be evaluating SDN, but the first to jump I would expect to be a vertical with a lot of content that is not hyper-sensitive, such as manufacturing or retail,” said Beckmann.

SDN is new technology. Businesses with sensitive data have a responsibility to wait until something is proved robust

Curt Beckmann, Brocade

“This is new technology,” he went on to explain, “and every new technology will bring some set of exposures to the business. People who have sensitive data have a responsibility to wait until something is proved robust. It’s not that SDN is inherently faulty, by any means, but it is new.”

Beckmann suggested a number of ways in which SDN could help improve overall network security, by giving IT departments more and better means to respond to volumetric attacks and avoiding brute force responses to attacks and breaches.

“It is easy to say there will be a breach around SDN, but you still might be better off with SDN because it may shut down other security holes,” he said.

Nevertheless, he predicted there will be “a high-profile security event within the next two years based on SDN”.

The hope among suppliers such as Brocade, which is a member of the Open Networking Foundation and committed to the supplier-agnostic OpenFlow industry standard SDN communications protocol, is that a wide community of open-source developers will be more quickly able to respond to and develop solutions to any flaws that arise.

Read more on SDN

  • App store-style network apps will drive SDN adoption
  • Lancaster Uni supports SDN development with HP Networking
  • Five commercial SDN controllers you should know about
  • Why you need software-defined security for your SDN
  • The future network is software-defined: Prepare your WAN now
  • A software-defined networking reality check for potential adopters

A recent report by called for network managers to integrate security capabilities into their fledgling SDN infrastructure.

The report warned that network architects were overlooking how to provision and manage security services inside an SDN environment, which would ultimately lead to an undesirable scenario whereby networking and datacentre infrastructure was fully virtualised but security remained hardwired.

The latest release of the OpenDaylight Project’s SDN stack, Helium, now includes security enhancements around authorisation, authentication and accounting, as well as a secure network bootstrapping infrastructure feature.

Brocade emphasised that the possibility of harm should not be a reason for network managers to shy away from evaluating SDN to find out exactly what it is and what it does. 

The research also revealed that 37% of respondents – all UK IT decision-makers – did not fully understand SDN, and 45% were not sure about NFV either.

Read more on Software-defined networking (SDN)