One of the reasons why SD-WAN has become popular is because it eliminates the need to maintain lots of network hardware. Another particularly important distinction between the two is that an SDN is configured entirely by the user or administrator. You can cut out routing hardware in favor of a cloud service. See also: WAN optimization. One of the main advantages granted by SDN is the ability to manage a network from a centralized perspective. In a nutshell, SDN virtualizes both the data and network control planes allowing the user to provision physical and virtual elements from one location.
This is extremely useful as traditional infrastructure can be challenging to monitor especially if there are many disparate systems that need to be managed individually. SDN eliminates this barrier and allows an administrator to drill up and down at will.
A good side effect of centralized provisioning is that SDN gives the user more scalability. The difference in scalability is remarkable when compared to that of a traditional network setup where resources need to be purchased and configured manually. Even though the movement towards virtualization has made it more difficult for network administrators to secure their networks against external threats, it has brought with it a massive advantage. An SDN controller provides a centralized location for the administrator to control the entire security of the network.
While this comes at the cost of making the SDN controller a target, it provides users with a clear perspective of their infrastructure through which they can manage the security of their entire network. Deploying SDN allows an administrator to optimize hardware usage and work more efficiently. The user can assign active hardware with a new purpose at will. This means that resources can be shared with relative ease.
This beats a legacy-driven network where hardware is confined to a single purpose. One of the problems with virtualizing any infrastructure is the latency that arises as a result. The speed of your interaction with an appliance is dependent on how many virtualized resources you have available. Your service is at the discretion of how your hypervisor divides up your usage which can add latency.
Every active device on a network takes its toll on your network availability. This is going to be exacerbated in the future as more Internet of Things IoT devices hit the market and start to be incorporated into the mix.
While at first glance this might appear to be a trivial detail, it is very important with regards to upscaling a network. All of these devices need to be monitored, patched and upgraded frequently to stay in working operation.
As a result, it is important to bear in mind that there remains a wealth of maintenance requirements not addressed by SDN. Though traditional networks may have their limitations, there is a standardized consensus on security threats and procedures. At this point in time, no such consensus exists for SDN.
After all, your ability to prevent attacks from taking root depends on spotting threats before they occur. To do this you need a level of expertise with SDN that is hard to achieve without significant experience of using an SDN system. While those without user experience can learn about using an SDN, they need to undergo a substantial learning curve to manage the nuances of network security threats.
While SDN does offer many advantages, its deployment is hardly carefree. To make sure that an SDN operates effectively there are a number of steps that need to be taken when deploying this solution. One of the most significant benefits provided by an SDN is the ability to deploy new resources quickly. However, this capability needs to be closely managed to maintain performance. Leaving resources active when not in use takes up virtual network resources that would be better used elsewhere.
Every professional administrator recognizes the importance of network monitoring but what is surprising is that there are comparatively few SDN-compatible products. When onboarding any new piece of technology, you need to take into account new security risks.
An SDN is no exception. From the moment you deploy an SDN, you give your network new vulnerabilities that can be targeted by malicious entities. As a result, you need to have a solid awareness of current security threats and how to address them.
This includes a thorough understanding of protocol limitations and switch impersonation in particular. It also means that you have to implement new best practices to keep your service protected from external threats. Quality of Service QoS monitoring is a nightmare within any network but particular caution needs to be taken on an SDN network.
As we discussed earlier, with an SDN you have control over services but not physical hardware devices. Skip to Main Content. A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity. Use of this web site signifies your agreement to the terms and conditions.
Software-defined networking security: pros and cons Abstract: Software-defined networking SDN is a new networking paradigm that decouples the forwarding and control planes, traditionally coupled with one another, while adopting a logically centralized architecture aiming to increase network agility and programability.
The tremendous growth in multimedia content, the impact of increasing mobile usage, the explosion of cloud computing, and continuing business pressures to reduce costs while revenues would be remaining flat are all converging to wreak chaos on traditional business models. SDN would be enabling the programming of network behavior in a centrally controlled manner through software applications utilizing open APIs. By opening up traditionally closed network platforms and implementing a standard SDN control layer, operators could consistently manage the entire network and its devices despite the complexity of the underlying network technology.
There would be numerous reasons that people would be changing to an SDN system at their office. Separating the data plane and the control plane would give the IT department an aerial-like view of the entire network.
This would be making changes much more comfortable, as you could see the effects. The visibility would be allowing IT departments to make changes that could increase the speed of the entire network. In many ways, SDN systems which would be allowing the companies better security. The visibility would help the IT department spot any possible security breach and prevent it from shattering easily. Furthermore, the people with access to the controller could clarify safe routes without a firewall for blocking any invalid routes.
SDN systems would still be a new technology. As SDN is a new technology, there will always be areas that could use improvements.
0コメント