Software-defined security (SDSec) is the new concept in data protection on the IT scene. And judging from the buzz this technology is generating, it could soon play an important part in your information management systems.
SDxCentral — the news site covering “software defined everything” — explains SDSec: It separates control of security systems from the processing and forwarding functions, similar to network functions virtualization (NFV), which is a key component of software-defined networking (SDN).
Specific to SDSec, operations such as firewalling and intrusion detection are decoupled from hardware. “The result is a dynamic, distributed system that … scales like virtual machines and is managed as a single, logical system,” SDxCentral says.
Principle Logic security consultant Kevin Beaver says SDSec has a number of benefits. For example, the technology makes it easier to organize security systems throughout the enterprise, crossing physical boundaries that would be difficult to manage with security appliances.
SDSec also lets companies create dynamic security domains for mobile and cloud networks, ensuring their enterprise security policies apply even to temporary systems used for testing or short-term projects.
Software versus hard realities
But Beaver admits that SDSec has problems, too. For one thing, the technology is expensive, especially now, when it’s new. And although it simplifies security and network management, SDSec effectively complicates the underlying architecture.
“The who, what, when, where and why of policies will have to be well defined” before your organization implements the technology, Beaver says. He suggests using it to target specific security trouble spots such as access control and event monitoring when starting out.
Despite these challenges, the IT industry certainly is moving toward SDSec, with some technology vendors buying SDSec-specialist shops and other vendors modifying their security products to operate in software rather than hardware.
This may be the next logical next step in the march toward virtualization. If the technology can deliver on the promises associated with it, namely scalability and agility, SDSec should play a big role in many IT systems, especially as companies turn to cloud computing and virtual servers for increased flexibility.
As a technology decision maker, keep an eye on the SDSec market and its technical developments so you can decide if or when this soft-security solution makes sense for your organization.
Image courtesy of Free Digital Photos