Can SDN Switches Replace the Firewall?
by Scott Hogg, on Apr 28, 2015 3:00:08 PM
One of my 2015 technology predictions was that more companies would start to deploy Software Defined Networking (SDN). Although the concept originated in the mid-1990s, SDN is finding an eager audience today as organizations seek a more dynamic, adaptable and cost-effective solution for their intensive data transfer requirements.
If you're thinking of deploying SDN, you should investigate and fully understand the security capabilities of the system you're looking at. For example, you may have heard that SDN switches can be used in place of firewalls because of the way they handle packets. Unfortunately it's not that straightforward.
In a recent article for Network World, I answer the question, "Is an SDN Switch a New Form of a Firewall?" My analysis includes an overview of how current SDN products implement packet security, including Cisco's ACI, VMware's NSX, Open vSwitch and Project Floodlight.
By the way, if you're interested in SDN security I hope you can make it to my presentation, “SDN Security: Two Sides of the Same Coin," at the Rocky Mountain Information Security Conference (RMISC) in May.