As software-defined technology continues to gain traction in the federal space, agencies can expect to see a significant, positive impact on their own security posture. Those who embrace software-defined and other next-generation technologies will benefit from three key improvements that only a shift towards software can provide: automation, virtualization and a holistic security architecture.

Automation

Setting up a new application is an involved process. Servers, storage, applications and networking equipment must be set up and configured — all with security integrated throughout.

This is often a time-consuming, manual process of determining what equipment is needed, writing commands, typing them into the computer and testing. And it’s inevitable, with humans doing these very complex tasks, that at least one mistake will be made. Such errors can create dangerous holes in an agency’s security posture.

Misconfiguration, in fact, is one of the biggest cybersecurity threats. For example, engineers might install a firewall but forget to configure it to stop malicious traffic by leaving an ALLOW ANY rule. Or, they might set up an admin or development account to conduct testing and then forget to delete the account. Using automation to reduce misconfiguration will take cybersecurity to the next level.

Software-defined networking can create scripts that set up resources, conduct testing automatically and then report the test results. Because humans configure these scripts, there may still be an error or two at first, but, after running the same script a few times, it will be error free. That’s the key to the cybersecurity’s future.
Virtualization

Although virtualization has been around for about 20 years, the virtualization of security appliances is relatively new. Only recently have we been able buy security products as software for virtual machines that deliver the same level of performance.

For many years, security experts were focused on the ingress and egress from the Internet, so there wasn’t a huge push for virtualized security within the data center.

Similarly, many data center professionals were reluctant to install security appliances in data centers where they are trying to run applications.

IT administrators now realize that we have to protect the inside as well as the outside of the data center. And we now have the opportunity to build security into the virtualization layer. When creating a network, the system now asks what kind of firewall and security measures this data flow requires. The ability to drive that virtualized security layer in the data center will pay huge dividends in terms of improved cybersecurity.

Holistic security architecture

To date, most security professionals have been satisfied with thinking that, so long as we prevent most bad guys from getting into our networks and catch the ones that do, that’s good enough. One of the biggest security benefits of SDN is the ability to make security part of the lifecycle, instead of bolting it on at the end.

SDN and other next-gen technologies will help us reimagine a robust security architecture for federal agencies. With SDN and virtualization coming together and the ability to build automated networks, appliances and support systems, we can sit down and think about cybersecurity’s future and to change the way we do things to improve it.

Security professionals will have the opportunity to get away from being the “No” police, which has been their traditional role. Now they can be a stakeholder, working more closely with federal employees to understand their goals and to helping them achieve them securely. When security no longer gets in the way of business getting done, federal employees will quit looking for the work-arounds that expose their agencies to unnecessary risk.

With the benefits of a more holistic approach, improved virtualization and increased automation, SDN and other technologies emerging today will exponentially improve cybersecurity.

Article is also available at – https://gcn.com/articles/2015/11/30/sdn-next-gen-security.aspx

Related Blog Posts

See All Blogs

TechTarget: Hyper-Converged Infrastructure Solutions Boost Channel

Enterprises are turning to hyper-converged infrastructure solutions because of their simple deployment model and high levels of automation. Some channel partners are cashing in on the technology shift, but traditional storage products still represent an enormous market. In this article…

Cisco Live 2018: Vendor Opens Management Console to Partners

In this article for TechTarget, Force 3's VP of Client Solutions Jason Parry weighs in on the new opportunities arising from Cisco DNA Center. In Cisco's latest nod to software, the company has opened its Cisco DNA Center to developers,…

GCN: Building a Better Agency Through Software Orchestration

In federal IT, there is sometimes fear that software orchestration will render the technology professional’s role obsolete. This mindset, however, is misguided. In reality, the exact opposite is true: Orchestration has the potential to not only make federal IT workers’…

3 Use Cases for Harnessing Next-Gen HCI

These days, between budgeting shortfalls and the unending data explosion, federal IT organizations face significant pressure to do more with less. This decline affected all areas of IT including software, hardware, networks and outsourced IT services. But even as funding…

NextGov: No Better Time for Software Orchestration

As agencies look to modernize, software orchestration offers an opportunity to make sure all their software is working together. It makes sense: All of your software should work together. And, once implemented, software automation and orchestration can help IT systems…

Hyper-Converged Infrastructure (HCI): Scalability and QoS

For federal agencies, hyper-converged infrastructure (HCI) offers scalability, quality of service. Federal agencies today face extensive pressure to move faster. Nowhere is this truer than in the IT realm, where teams are expected not only drive operational efficiency and reduce…

IoT & The Intelligent Edge: Defending Outside The Firewall

The Internet of Things, though still evolving, has pushed its way into the workplace. The result? CSOs are working overtime to keep up. What’s the protocol for these connected devices, and how do they fit into the existing security infrastructure?…

GCN: The Hidden Challenges of Federal IT Modernization

In the next three years, an estimated $3 billion worth of federal IT equipment will reach end-of-life status, according to former U.S. Federal CIO Tony Scott. It’s an intimidating number, and one that indicates just how far-reaching the need is…

IoT in Federal: From Concept to Reality and Risk

The way we reconcile our security concerns with IoT’s inevitable integration will determine whether the revolution upgrades our lives or creates chaos.  Remember when the Internet of Things was more concept than reality? Those days are long gone. Demand for…

NextGov: How Can Agencies Prepare for a Software Future?

For federal agencies and their IT teams, change is inevitable. After all, it’s the nature of IT to change and grow alongside rapid innovation. Today, agencies must adapt as we shift from a hardware-centric model to an increasingly software-defined world.…

InformationWeek: Containerization Gains Traction & We’re Better for it

Cloud-based application development has taken big strides, and it's delivering benefits for enterprises such as federal agencies. Application development has forever been a thorn in the side of federal agencies. It’s tough, after all, to innovate when hampered by the…

TechTarget: Tech Launch Shakes Up Cisco Campus Network Design

Channel executives said Cisco's new campus networking approach offers software-defined networking, management and security capabilities, but will face a customer adoption test. Channel partners are absorbing a new take on Cisco campus network design in light of the vendor's revised…

GCN: Building a Better Backup

For public sector employees who work in national security, emergency response or disease control, data access can literally mean life or death. In the event of data loss, the consequences can be substantial, even when the immediate implications seem less…

GCN: Keeping Pace with SDN Means Embracing its Benefits

With the introduction of any new networking technology, two things are inevitable: First comes the hype, with organizations everywhere discussing whether to invest in it. Second is the panic -- particularly among the professionals tasked with implementing and adopting it.…

Channel: Cost, speed as hyper-converged infrastructure benefits

Channel partners active in hyper-converged infrastructure see an expanding set of use cases, although mission-critical applications may lag behind other HCI candidates. In this article from TechTarget, Force 3's next-generation networking director Jon Kim discusses recent developments in the hyper-converged infrastructure…

Cisco IoT Strategy Will Unleash Services Opportunities, Forge Ties With Technology Vendors

In this article from CRN, Force 3 CEO Mike Greaney joins other industry channel partners to weigh in on Cisco’s IoT Strategy featured at this year’s Cisco Global Partners SummitCisco Systems is putting its Internet of Things strategy into higher…

Programmability: How Federal Agencies Can Embrace Programmable Networks

In a professional climate that demands nonstop productivity, organizations everywhere depend on their technology to keep pace. More than ever, federal agencies want systems and processes that reduce complexity and waste. Even so, adopting and implementing new technology comes with…

SDX Central: Enhancing Network Security With SDN Automation

When it comes to software-defined networking (SDN) automation, certain benefits frequently get more attention than others. Take, for instance, the simultaneous provisioning of network functions and servers, which allows applications to become available in minutes instead of days or weeks.…

CRN: The benefits of pairing Cisco and VMware for software-defined networking

Until recently, many IT customers approached software-defined networking purchases as an either-or decision between Cisco and VMware. But, as software-defined networking grows in popularity, companies are increasingly deploying both Cisco and VMware solutions. Check out CRN’s article, “Partners: Enterprises are…

Force 3 Perspective: As software-defined networking gains traction, so do its visionaries

Jon Kim directs Force 3's Next Generation Networking division, which focuses in particular on software-defined networking (SDN) and other emerging technologies. Here, he weighs in on what the recent departures of SDN leaders for the venture capital world might mean…

For Customers, Software-Defined WAN Offers Automation, Savings, Efficiency

With benefits like automation, speed and increased efficiency, software-defined WAN promises to reduce the cost and complexity of wide area networks (WAN), while boosting real-time application performance. In TechTarget's feature SD-WAN technology offers channel partner opportunities, Force 3’s vice president…

Boosting Security in Software-Defined Networks

With the growing popularity of technologies such as software-defined networks (SDN), hyper-converged infrastructure and the Internet of Things, IT professionals must constantly prepare for new vulnerabilities in their efforts to bolster network security. In this recent guide from TechTarget, Software-defined…

Force 3 at VMworld: What’s New and Next in Virtualized Computing

What was the overall atmosphere of VMworld? There was a lot of excitement around NSX, especially what the next big use case will be and what are further drivers of the technology. I think attendees were really looking for that…

‘No Respect’ for Critical Communication Infrastructures

"That’s the story of my life, no respect! I don't get no respect I tell ya!" - Rodney Dangerfield Much like the late Rodney Dangerfield, business phones tend to not get much respect. Considering the mission critical role that communications…

Webcast Recap: Next-Generation Data Center Security Webcast hosted by FCW.com

On May 28th Force 3, Palo Alto and VMware sponsored a webcast hosted by FCW.com. The webcast focused on Next-Generation Data Center Security and featured a presentation by Air Force CTO, Frank Konieczny, with a roundtable discussion featuring Jason Parry,…

Wireless Deployments: The Cost Question?

Wireless Deployments: The Cost Question? Radio Frequency engineers have a peculiar dilemma when it comes to standing up new deployments at facilities that are looking to implement Wi-Fi services. A frequent dilemma centers on the customer’s request for a pricing…

Agencies set building blocks of the software-defined enterprise

http://gcn.com/Articles/2014/07/22/Software-defined-data-center.aspx?Page=1

Catch up to your employee’s demands: Go beyond the desktop!

Take note, workforce. We have entered a new era: The Post-PC Era. No longer does the PC tie employees down with its chains. Studies show that sales of PCs are down 30% and it's not because we're in a bad…

VDI at Home: Building a 10-user Environment for $500 (Part 1)

Setting up VMware View Security Server Now that I have the base VMware View setup, I really wanted to watch videos on my iPad from Starbucks. To access the VMware View environment from outside, the VMware View security server must…

VDI at home: building a 10-user environment for $500 (Part 3: creation of a desktop master virtual machine)

We've got VMware View installed, so now what? The key technology of VMware View is the use of VMware View composer with linked clone. Since users will not have the mechanism to make changes to the OS drive (or even…

How can we help your agency achieve its mission?

Maximize your IT investments. Learn more about solutions and services from Force 3.