What’s next
Software-Defined Networking (SDN) and Network Functions Virtualization (NFV) will provide the next evolution in securing both the network and the in-flight data across the network.
With SDN, each point in the cyber event chain (breach, reconnaissance, and exploitation) becomes both an indicator of events and a response mechanism. The flexibility and responsiveness of the network let it actively defend against and combat denial-of-service attacks, especially as these attacks evolve toward cloud-type services.
Supplemental network capabilities, and sensors coupled with dynamic provisioning capabilities, open the door to an extremely resilient active defense focused on the lower layers. Additionally, the network resource allocation mix can be adjusted in accordance with the threat environment, while flow table policies can be adapted. This creates, in essence, a policy-based programmable network defense.
NFV is the ability to virtualize a number of network appliances (e.g., firewalls, deep packet inspection (DPI), and routers) that were previously instantiated on separate hardware platforms, and to realize these functions using generic x86-based compute hardware. By leveraging NFV, a network operator can instantly distribute and manage these virtual appliances to any location, via the network. This not only saves space, power, and hardware costs, but also evolves service delivery and ensures consistent security levels across the enterprise.