Secure SDN is an approach aimed to simplify the cybersecurity within Enterprises. Company information and other confidential data are part of the key assets of any modern company and need to be protected. This requires looking at the security aspects from different perspectives, considering the physical protection, the video surveillance, and the cyber protection as part of the same security system. There's just no point in protecting your network from cyber attack without protecting your company building.

Within this global security approach, protecting the network is one of the most complex tasks. The threat technology evolves rapidly and each day dozens of new attack attempts hit the network.

It's A Complex Approach

Protecting a network is not a trivial task. At the beginning of the internet age a firewall was enough, but today that is not the case. Attacks can come from the inside of the most diffused application like Java or Flash. They require a new generation of firewall (NGFW) able to inspect the content inside the applications itself. Moreover, the NGFW can protect the boundary of the network, but can't protect from threats coming from inside the company. A USB key with a virus, infected laptop or hacked smartphones can easily transmit a virus to the whole network without passing through your boundary firewall. To avoid this attack other firewalls need to be positioned in the network to control the situation, resulting in a big headache for IT departments.

Secure SDN to Simplify the Security

Software Defined Networking (SDN) is the right approach to prevent this kind of problem, and Allied Telesis designed a SDN solution, Secure Enterprise SDN (SES) that easily addresses this subject. The objective is to have a system able to act as a single contact point for the security tools on one side and to configure the IT network parameters and drive the data flows in the right way on the other side. This is the native role of the Allied Telesis SES controller.

Using the Secure SDN approach, the security tools can configure each switch to capture the first packet of any new data flow and send it up to the security engine for analysis. Once analyzed, it can decide to take no action, block the data flow, move the device to a quarantine area of the network, or any other action that can help in the recovery of the situation. The SDN controller is able to easily implement this action. The security tool does not need to know the devices characteristics and configuration language, a generic command to block a device is automatically translated by the SDN controller.

Learn more about the solutions that Allied Telesis has to offer in secure SDN here.