Hi. Welcome to Ingram Micro.

Please choose your role, so we can direct you to what you’re looking for.

If you’d like to learn more about Ingram Micro global initiatives and operations, visit ingrammicro.com.

The Most Common Use Cases for Software Defined Security

February 01, 2017

The Most Common Use Cases for Software Defined Security

Networks require security; do software defined networks (SDNs) require software-defined security? Nearly all (87 percent) of enterprises in one survey plan to use SDNs by 2015, and the SDN market is expected to grow to $8 billion in 2018. Gartner named software defined security one of the top 10 information security technologies in 2014, and software-defined applications and infrastructure in general, including software-defined security, were on the research firm’s list of top 10 strategic technology trends in 2015.

Software defined security (SDS or SDSec) lets companies implement network segmentation, intrusion detection, and other security controls through software. It’s popular because traditional security tools, which rely on static network and machine configurations, are not well suited to the dynamic environment of virtual machines (VMs) and virtual networks. Unlike those tools, SDS relies on logical policies rather than physical configurations. Its benefits come from its use of abstraction, automation, orchestration, scaling and application programming interfaces (APIs).

Abstraction

Abstraction makes security independent of physical devices like firewalls. Instead, the security relies on policies that are applied across all assets, regardless of their physical or virtual nature. This device independence allows security and compliance requirements to be applied to cloud deployments as well as local data centers, ensuring required security measures are implemented everywhere consistently.

Automation

SDS allows deployment and configuration of security controls with little human interaction. Security policies travel with devices and applications, so security measures don't need to be redefined if an asset is relocated to another data center or to the cloud. New devices can be automatically covered by the base security policy. SDS detects and automatically responds to security events, generating alerts and isolating devices depending on policy specifications. As a result, human error is reduced. SDS also lets network administrators focus on complex tasks like planning and understanding future threats, rather than on more routine tasks like configuring firewalls.

Orchestration

Rather than managing every network security control separately, SDS integrates intrusion detection, network segmentation and monitoring into a single platform that oversees all those security functions. This integration of controls makes it easier for companies to satisfy the control requirements of various compliance standards and provides security administrators with much greater visibility into the network. In addition, the orchestration features of SDS streamline the process of adding new devices by integrating security management with hypervisors and other platforms.

Scalability

Modern data centers and cloud computing are designed to be scalable, with VMs that can be spun up on demand. As a result, security needs to spin up on demand as well. Because SDS implements security through software, it is easily and automatically applied as needed.

API-Enabled

SDS provides access to its security monitoring and control functions through APIs that allow the SDS functionality to integrate with any other tools that the security team requires. APIs enable SDS to be aware in real time of infrastructure changes that affect the way policies are applied and allow access to fine-grained features in order to modify individual security controls as well as the functionality of the orchestration platform. Through APIs, SDS offers companies flexibility to adapt their security to new demands rather than locking them into a specific model of protection.

The benefits from these SDS features are especially relevant to environments that rely on VMs and cloud deployments. Traditional security measures rely on firewalls in order to secure the perimeter, which doesn't match the needs of environments where VMs increase internal network flows and increase the challenge of segregating and managing this east-west traffic. Using SDS, virtual firewalls can provide visibility and protection.

Ingram Micro can help you achieve network security, whether implemented through physical devices or virtually through software. Learn more about partnering with Ingram Micro for all your big data solutions.