While there are a lot of good reasons to adopt software-defined networks (SDNs), perhaps one of the least appreciated is IT security. To make it even easier to secure an SDN environment, PLUMgrid Networks today delivered, via an upgrade to the PLUMgrid Open Networking Suite (ONS), a CloudSecure module that makes it simpler to secure individual virtual network segments in an OpenStack environment.
Wendy Cartee, vice president of product management and marketing for PLUMgrid, says the microsegmentation of virtual networks enabled by CloudSecure is provided using a virtual tap that PLUMgrid Networks developed. Via CloudSecure, IT organizations can now also monitor and apply different security policies to individual virtual network segments, says Cartee.
“IT organizations can now secure any east-west and north-south data flow,” says Cartee.
Built on top of the open source IO Visor data plane technology that PLUMgrid Networks helped develop, Cartee says, ONS is now a platform through which a variety of security software technologies from Check Point Software, Intel and Fortinet can be deployed. In addition, Rackspace today announced that it will be making use of ONS to add SDN services to the cloud platform that it manages on behalf of customers.
As IT organizations move to embrace SDNs and network virtualization, Cartee says, one of the issues they need to cope with is the sheer number of virtual network connections being created by microservices that are made up of virtual machines and containers. As those virtual network connections multiply, Cartee says, IT organizations will find it difficult to secure connections that can now rapidly come and go. This ephemeral state of computing will drive more organizations to embrace microsegmentation at the network level to better secure microservices, says Cartee.
When it comes to virtualization, it’s clear that networking has lagged behind servers and storage for years. But as network virtualization technologies mature, it’s starting to look like IT organizations are now ready to virtualize the entire data center from one end to the other.