Some rambling brainstorming on software defined networks….
My sense is that most cloud service providers and enterprises will likely gravitate their preference to the hardware or hypervisor infrastructure provider rather than a third party software provider. My position stems from a belief that a strong relative background in networking or a closely tied hypervisor is likely to be preferred by customers over a third party software defined network provider that has limited deployment time in the networking industry. Personally when I receive inquiry on the topic of proper zoning within a virtualization infrastructure. I generally gravitate towards the infrastructure provider over third parties as the provider of network segmentation (see Gartner’s Burton research on “Zones”). I lean towards the traditionalist path with physical versus software based zoning for sensitive security zones rather than deployment within a single hypervisor environment. This is likely also why the recent FedRamp program does not intend to move sensitive workloads into Fedramp certified entities. In general I question the ability of a third-party software packages to deliver all of the adequate network technologies within a virtualization infrastructure one step removed from the traditional network infrastructure providers or the hypervisor provider as they likely have divergent business goals for product stickiness and meeting contractual obligations of providing high stability. I’m interested in hearing from you, what do you feel are the security risks or operational risks of relying on a third party software defined network provider and what would you prefer?
Category: Security Tags: