Endpoints have evolved to include a diverse array of smart mobile devices, each with a different operating system and interface. Securing them each individually is a daunting proposition, and the traditional approach to network security is proving to be insufficient. Yet, in ever increasing numbers, employees are using mobile devices to access the corporate network, and security threats have risen exponentially.
The network is the key as the foundation for a sound mobile security strategy, and software-defined networking (SDN) is emerging to play a key role in the mobile strategy. Of late, SDN is seen as a fundamental improvement in the way modern IT architectures are provisioned, managed and secured, and it represents a major step forward for network security, and therefore mobile security.
And for most enterprises, it couldn’t come at a better time. As business data and IT services play a more direct role in an organization's success, there is a lower tolerance for security failures – a single breach can be catastrophic.
It’s clear the network itself must be secured in an end-to-end and pervasive manner.
A network infrastructure smarter than the threats it faces
By employing SDN, what had been a static and diversified network infrastructure becomes unified, accelerated and secure. Instead of implementing and managing a broad array of network devices like routers and switches on a case-by-case basis, SDN allows you to oversee all network configuration and operations from a single point of command.
SDN also provides IT with a way to optimize network responsiveness through policies. For instance, if Service A requires more bandwidth than Service B, the software can recognize that fact and allocate more bandwidth on-demand to Service A. Because of its ability to easily adapt, SDN offers a powerful defense against mobile security threats.
SDN’s impressive agility fortifies the overall IT infrastructure in ways never before possible.
- When network traffic rapidly scales up, it can be monitored far more easily and completely. Data itself can be assessed at any point in the network for key indicators of a breach – similar to the current concept of intrusion detection/prevention, but on a much higher level.
- Once threats (from any source, including mobile) are detected, they can be quarantined rapidly and comprehensively. This happens via network segmentation — a software-defined network can simply shut down connectivity between any given points on the network. This limits the impact of a breach to a small fraction of the IT infrastructure, precluding the cascade effect that might otherwise occur.
- These and other tasks can be dramatically optimized and accelerated through policy implementation, and threats have a much smaller period of time to manifest, meaning their impact is reduced in proportion.
Going forward, for these it’s likely that SDN is likely to be a key factor in shoring up IT security and a central, transformative technology in the defense of the organization’s most-critical assets.