Much like the concept of cloud in the early 2010s, software-defined networking (SDN) is an ambiguous term. Many IT leaders and executives hold the common misconception that SDN will replace what we’ve historically done in a physical environment; the reality, though, is that SDN is the decoupling of networking capabilities from the physical, often dated, elements and environments of networking.
This change in networking strategy can provide some significant results for government IT teams. SDN’s real value comes from its ability to take technology and apply it in places we haven’t been able to before. No longer will there be physical limitations to accessing a software environment.
SDN’s biggest area of play is the modern application. Traditionally, applications were driven from an end-user back to a server (the client-server environment). Older models of networking tools were designed to deliver traffic back and forth to the end user – they were not intended to support machine-to-machine data transfer. However, the proliferation of big data and the advent of applications built as a system are creating server-to-server traffic, or east-west traffic, inside the data center.
As a result, the physical capability of traditional networking models is overwhelmed by the number of communications traveling back and forth within the data center. SDN allows us to sit on top of that physical layer and have the applications view the virtual network, no longer beholden to a physical wire of networking. This frees up the network and applications to run more smoothly and with greater flexibility around storage, end-user utility, and access.
From a security perspective, the historic model of networking defended against an outsider coming inside. However, the applications stored in the data center are actually the modern hacker’s target: threat actors try to get inside an application and exploit it in order to gain access to other information within the data center, often entering through a non-critical system in order to move unnoticed to an agency’s critical applications. To put it metaphorically, the old way of networking a data center put a lock on the front door and assumed that as long as the bad guys didn’t come through the front door, you were secure. The reality, however, is that once an outsider was inside the house, they were able to go from room to room.
Because SDN changes how an application and network see one another, CISOs and other IT leaders can actually enforce security segmentation much closer to the application. Returning to the same metaphor, if a window is left open in the house, the attacker can get into that room, but they won’t be able to get into the next room or the room after that, because every single door is locked. This granular segmentation provided by SDN has changed the way agencies are able to address security, and it is helping us understand the many hacks that have taken place in the federal government.
The SDN Evolution
SDN is the kind of evolution that we’ve seen in every other part of IT. We saw it when telephony and networks came together in the early 2000s with IP telephony – SDN is simply the next evolution of network transformation. As with every major shift in the IT world, SDN will take some time to be fully accepted and integrated. Historical silos and old habits slow down the rate of technological change, but strong leadership – whether it’s at the executive level or grassroots – can successfully push forward intelligent, progressive ideas which will ultimately revolutionize the IT landscape in a positive way.
By removing ourselves from the physical cabling and limitations of what has often been the traditional network, we’re now able to move forward with secure, segmented network virtualization. Now that we have applications that can see underlying ubiquity between environments, we can use technology in a way that serves a mission, whether that be for a Department of Defense customer, a civilian agency or for someone creating a new application in response to a disaster. SDN is changing the way we deliver information.