Microsoft PowerPoint - SDN Security - Scott Hogg - 2017-06-22.pptx

WWW.GTRI.COM SDN Security: Two Sides of the Same Coin Scott Hogg, CTO GTRI CCIE #5133, CISSP # Thursday June 22, 2017 © 2017 Glo ...

Today’s Agenda Brief Review of Software Defined Networking (SDN) Heads: o Attack Vectors for SDN Systems o Securing an SDN Sys ...

Defining SDN Software-Defined Networking is an approach to networking that separates the control plane from the forwarding pla ...

SDN High-Level Architecture Controller Network Element Network Element Network Element Network Element Network Element Network E ...

SDN Benefits Greater span of control and network analytics and response. Better intelligence with a global view of the network ...

SDN Use Cases ...

SDN Use Cases ...

Heads: Security of SDN Systems There are several attack vectors on SDN systems. The more common SDN security concerns include: ...

SDN Security Considerations Controller Network Element Network Element Network Element Network Element Network Element Network E ...

SDN Vulnerability Genome Project Source: http://sdnsecurity.org/project_SDN-Security-Vulnerbility-attack-list.html ...

SDN Penetration Testing Framework Proactively test your SDN controller prior to deployment Fingerprint the controller and test ...

Recent SDN System Vulnerabilities Some versions of SDN systems may contain other opensource software that is discovered to have ...

Hardening an SDN System Use TLS 1.3 (or UDP/DTLS) to authenticate and encrypt traffic between network device agent and control ...

Hardening an SDN System (cont.) Harden the controller and the network elements (typical host hardening) Closely monitor control ...

STIGs for SDN Security Technical Implementation Guides (STIGs) document the hardening procedures DISA Draft SDN STIG version ...

Tails: SDN Security-Specific Use Case SDN allows for creative new approaches to security We will now review 5 SDN uses cases fo ...

Traffic Filtering with SDN That which is not permitted is denied – make the SDN switches not transparent learning/forwarding Ci ...

SDN Switches As Firewalls? SDN Controller Network Element Network Element SDN Layer Northbound API Southbound API Controller Lay ...

Software Defined Perimeter (SDP) Cloud Security Alliance (CSA) SDP Working Group https://cloudsecurityalliance.org/group/softwa ...

Network Segmentation with SDN Separating the network into logically separated networks Network Slicing, Campus Slicing, Secured ...