HP Networking
Discover how the new HP Networking combines the technologies and alliances of 3Com, ProCurve and TippingPoint into the next networking leader.

How to use SDN to improve the security posture of the network

By Newsha Sharifzadeh, Global Product Marketing Manager

 

ns.jpgWe’ve been following Jim Meltzer SDN Journey series for the past few months- learning about what organizations should know and consider about Software-defined Networking (SDN). Now in this video we look into how to use SDN to improve the security posture of the network.

 

 

SDNJourneyVideo11.PNG

 

 

Treating network and security as two separate silos

 

One of the existing practices for security is to manage the network and security as two separate silos. The IT organizations deploy several security appliances that are configured at deployment and then re-configured when only absolutely critical.

 

Given how networks expand, this method of implementing security is unsustainable.  As the number of security appliances increases, managing them becomes yet another challenge for the IT organization to handle. SDN solves this problem as it has a central point of control, where security policies can be automated and deployed from a single point, bringing more flexibility to the network, and eliminating device by device configuration.

 

 

HP Sentinel security application brings security to the edge

 

HP Sentinel security, winner of the best “SDN solution” at 2013 Innovation award, is an SDN application that enables automated network posture assessment and provides real-time security across the  network.  With the proliferation of BYOD, I believe automating security measures becomes even more crucial. ns_1.jpg

 

HP Sentinel always-on security feature-set can be deployed across the campus and datacenter network infrastructure and delivers an exceptional protection against 1million malicious botnet, malware and spyware threats.  

 

HP Sentinel leverages the HP Virtual Application Networks (VAN) SDN Controller and OpenFlow to program the network infrastructure with security intelligence from the TippingPoint RepDV Labs database. This feature effectively turns the entire network infrastructure into security-enforcement devices, providing unprecedented threat protection and visibility.

 

 

How does the Sentinel security application work?

 

I thought a step by step example would clarify how HP Sentinel works.  Let’s assume an employee brings his tablet to work and tries to check out a site. Here is what Sentinel does in the background:

 

  1. A Domain Name System (DNS) query would be sent to the local OpenFlow-enabled devices.
  2.  The switch forwards the traffic to the HP VAN SDN controller.
  3. HP Sentinel checks the hostname against the HP TippingPoint DVLabs RepDV database of known threats.
  4. The DVLabs database has a reputation score for each domain name.  You can set different thresholds each score and by comparing the threshold with the score, Sentinel determines:

          a. If the site is legitimate -> allow access.

          b. If the site is not legitimate -> block the user.

 

SentinelSecurityApp.png

 

I thought to share a quote from one of our customers on Sentinel:

 

“The Sentinel SDN application takes away a lot of the manual labor that we used to do….we can detect threats and respond in a proactive manner.  That saves us hours of work every week.”

 Gregory Bell, Head of Technical Services, Ballarat Grammar

 

The HP Sentinel SDN application is an example of how SDN brings agility and automation to the network and enables you to be proactive in reposnding to your network threats.

 

I look forward to Jim’s next video as he will be discussing Northbound API and how HP is implementing that. 

 

 

>> For more information visit http://www.hp.com/networking/sdn

>> Follow HP Networking on Twitter and Google+| Join HPN LinkedIn Community | Like us HPN Facebook 

 

>> Register to receive the HP Networking newsletter

 

discover_banner.jpg

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the community guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation