4 Benefits SDN Brings to Government Network Security
Cybersecurity has become the number one topic in both the situation room and the boardroom. In April of this year, the U.S. Department of Defense published their new 2015 Cyber Strategy; among other details, the new cyber strategy outlines an initiative to develop a unified platform for cyber operations that will bring together various disparate cyber platforms and capabilities in place today. This will require significant investments in building interoperable and scalable architectures and tools that can be deployed in a range of different operational environments.
Integrating these cyber capabilities will require improvements in command and control technologies for cyber operations, as well as network modeling and predictive analytics to test, evaluate, and improve cyber plans before execution. DOD will also likely focus development efforts on technologies designed to improve the early detection of cyber threats, network resilience, and data recovery.
While the underlying network infrastructure will be a key component of any multi-faceted approach to cyber security, traditional techniques such as firewalls and intrusion detection systems no longer offer enough protection.
Because today’s conventional networks are not designed to support the security required in the cyber age, Software Defined Networking (SDN) is quickly becoming the single best way for defense and intelligence organizations to achieve greater network situational awareness, accelerate the pace of implementing new services, and reduce ongoing operational costs.
By making network control programmable, SDN allows the underlying infrastructure to be abstracted from applications and network services. This then creates flexible networks that are easier to manage, which simplifies and automates labor-intensive network management functions.
SDN offers distinct advantages for defense and intelligence organizations, including:
1.) Highly available bandwidth on demand.
SDN can orchestrate user- or application-driven network connectivity on demand, creating a virtualized connectivity environment.
2.) Cost-effective operations.
SDN leverages Commercial Off-The-Shelf (COTS) technology rather than traditional, proprietary network solutions, which tend to lock users in.
3.) True, multivendor interoperations/connectivity.
SDN allows customers to write a common interface to manage multiple devices without having to learn the intricate features of every type of device currently in use on the network.
4.) Improved Command and Control.
SDN can allow for greater visibility into where information flows through the network, enhancing network security and optimizing network management and control.
In an SDN network environment, security appliances placed on key points of the network allow for periodic or continuous monitoring to check information flow, as well as pinpoint and/or detect any anomalous behavior on the network. In military intelligence operations, this improved visibility would deter unauthorized users from transmitting or downloading information.
Additionally, Ciena has demonstrated that integration of multiple COTS solutions can properly secure SDN, ensuring operator authentication, machine-to-machine authentication, encryption of classified traffic, and command and control functions – all without impacting the flexibility of SDN operations.
Just as compute, storage, and I/O operations have already been virtualized in most data centers today, defense and intelligence organizations may eventually virtualize all network functions to deliver more flexible and efficient performance. Virtualization of the network will in turn enable the creation of an ecosystem of compute, store, and connect unbounded by geography, while also enabling new options to protect, detect, and respond to increasingly frequent and sophisticated cyber threats.
Ultimately, the key to mission success will be the implementation of high-performance packet-optical networks that can support military and intelligence organizations as they strive to shore up cyber resilience, increase the efficiency of network operations, and create a deterministic and resilient platform to enable virtualization of network functions.
By implementing SDN, military organizations stand to gain the open, agile network performance needed to migrate away from the rigid, inflexible CAPEX investments that do not currently allow for the rapid and cost-effective delivery of new services. Furthermore, this advanced architecture will enable defense organizations to readily leverage platforms that are immediately responsive to new loads, demands, and capabilities.