SDS & SDN work better together
One of the greatest transformations brought about by the new software-defined data center is the software-defined network (SDN). Analogous to the changes to network configuration that SDN brings, SDS is the logical evolution of security in the software-defined data center. As SDN takes hold, it demands a security architecture that complements it.
SDN simplifies network architecture, reduces network hardware costs and enables centralized network management. For enterprises where the network is the business, being able to reduce the expense of switching hardware via low-cost software-based alternatives is significant.
Taking the model one step further, SDS integrates the software network with network security controls, such as IPS or vulnerability monitoring. In this way, network and security administrators can quickly identify malicious traffic, or security gaps, and configure automated rules that can protect the whole organization. Rules can be based on policies appropriate to the various constituencies served by the network and be elastic to scale with the environment.
Traditional security devices cannot protect the software-defined network in an efficient way, nor take advantage of SDN features that dramatically improve security. A hardware device sitting out on a physical wire cannot monitor and protect a virtualized software-defined network sitting inside the virtualized host. It does not see traffic between virtualized assets travelling over the virtualized network. For these and other capabilities, the only choice for SDN protection is SDS.
Catbird is the pioneer and leader of virtualization security, developing the industry’s first software-defined security solution, vSecurity. A distributed software suite that is adaptive, automated and scalable, vSecurity is able to be part of the virtual network, protecting from within it.