HP is beta-testing its SDN-based security solution, Sentinel.
The article describes a school implementing HP's upcoming SDN security solution. The school deployed a hybrid OpenFlow setup (probably the most common kind of implementation in this initial SDN phase), where "intelligent" switches run all the usual old-school networking protocols alongside OpenFlow. OpenFlow is used to forward all DNS requests to HP's security controller, Sentinel. Sentinel uses HP's IPS database, TippingPoint's Reputation DB, which is updated every 2 hours with suspicious threats spotted on the Internet. Sentinel accepts or rejects forwarding traffic to a given IP based on what the network administrator chooses to do. The admin can configure Sentinel to follow all TippingPoint recommendations, or instead specify their own preferred alternatives. So when an OpenFlow switch asks what to do with a given DNS query, the controller simply "tells" it how to handle the related packets by populating the switch's OpenFlow table.
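The decision flow described above, sketched as an added example (not HP's or Sentinel's code): a controller-side function parses the redirected DNS query, checks the name against a reputation feed and the administrator's overrides, and returns the action to install. The feed entries, override table, parent-domain matching, blocking of malformed queries and all function names are assumptions made for illustration.

```python
import struct

# Constructed reputation feed: domain -> vendor recommendation (not real data).
REPUTATION = {"malware.example": "block", "ads.example": "block"}
# Constructed admin overrides: the administrator's own choice wins over the feed.
OVERRIDES = {"ads.example": "permit"}


def build_query(name: str) -> bytes:
    """Build a minimal constructed DNS A query to use as sample input."""
    header = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)


def parse_qname(packet: bytes) -> str:
    """Extract the first question name from a DNS query in wire format."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    flags, qdcount = struct.unpack("!HH", packet[2:6])
    if flags & 0x8000 or qdcount < 1:
        raise ValueError("not a DNS query")
    labels, pos = [], 12
    while True:
        if pos >= len(packet):
            raise ValueError("truncated question name")
        length = packet[pos]
        if length == 0:
            return ".".join(labels)
        if length & 0xC0 or pos + 1 + length > len(packet):
            raise ValueError("compression pointer or truncated label")
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii").lower())
        pos += 1 + length


def decide(packet: bytes, follow_feed: bool = True) -> dict:
    """Return the hypothetical action the controller would push to the switch."""
    try:
        name = parse_qname(packet)
    except ValueError:  # also covers non-ASCII labels (UnicodeDecodeError)
        return {"match": None, "action": "block", "reason": "malformed"}
    parts = name.split(".")
    for i in range(len(parts)):  # the name itself, then each parent domain
        candidate = ".".join(parts[i:])
        if candidate in OVERRIDES:
            return {"match": candidate, "action": OVERRIDES[candidate], "reason": "admin"}
        if follow_feed and candidate in REPUTATION:
            return {"match": candidate, "action": REPUTATION[candidate], "reason": "feed"}
    return {"match": name, "action": "permit", "reason": "default"}
```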
This might be a very simplistic security implementation. However, the most interesting part is the promising margin for development. As this solution gains intelligence, it may well start to serve as a low-cost IPS/firewall solution, using a distributed computing model on already existing OpenFlow switches. I find this model very appealing, for instance, for ROBO sites.
Another use case is HP's beta-testing example in the article: BYOD. Securing devices at the edge perimeter greatly simplifies network security.
SDN might be a simple reengineering of the way things are done. Still, it's a cool one indeed…
Disclaimer: note that these are my own notes. HP is not responsible for any of the content provided here.