Infosec glossary entry

SDN

SDN :
Software-Defined Networking

[...] centralizes management by abstracting the control plane from the data forwarding function in the discrete networking devices. An SDN architecture delivers a centralized, programmable network and consists of the following:

  • A controller, the core element of an SDN architecture, that enables centralized management and control, automation, and policy enforcement across physical and virtual network environments
  • Southbound APIs that relay information between the controller and the individual network devices (such as switches, access points, routers, and firewalls)
  • Northbound APIs that relay information between the controller and the applications and policy engines, to which an SDN looks like a single logical network device

https://www.cisco.com/c/en/us/solutions/software-defined-networking/overview.html

[...] is a unique approach to network operation, design, and management. The concept is based on the theory that the complexities of a traditional network with on-device configuration (i.e., routers and switches) often force an organization to stick with a single device vendor, and limit the flexibility of the network to adapt to changing physical and business conditions, as well as optimize costs of acquiring new devices. SDN aims at separating the infrastructure layer (aka the data plane and the forwarding plane)—hardware and hardware-based settings—from the control layer—network services of data transmission management. The control plane uses protocols to decide where to send traffic, and the data plane includes rules that decide whether traffic will be forwarded. This form of traffic management also involves access control over what systems can communicate which protocols to whom. This type of access control is typically attribute-based access control (ABAC) focused or based. (Chapple, 20210616)

Chapple, M., Stewart, J. M., Gibson, D. (20210616). (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide, 9th Edition. [[VitalSource Bookshelf version]]. Retrieved from vbk://9781119786245

By jean-christoph

April 11, 2023

architecture
Leave a Comment

this might interest you as well

Boosting Cybersecurity in German SMEs with Gamification and Serious Play

TL;DR Gamified cybersecurity training offers an engaging and effective way to improve security awareness and practices within German SMEs. The ALARM Information Security project demonstrates the success of integrating gamification into training, enhancing retention and understanding of cybersecurity principles. By leveraging customized game scenarios, regular workshops, and participatory feedback loops, SMEs can bolster their cybersecurity

Read More

Unlock Effective Cybersecurity: Simplify Policies with the Clarity of the OSI Model

TL;DR Diving into the essence of effective cybersecurity, this article shines a light on the transformative power of simplifying policy language, inspired by the OSI model’s structured communication layers. It goes beyond theoretical insights, offering actionable strategies for CISOs to demystify complex jargon and make cybersecurity policies accessible and engaging for every team member. Highlighting

Read More

Leveraging Psychology in Cybersecurity: Strategies for SMEs

TL;DR This article delves into the intersection of psychology and cybersecurity, emphasizing the critical role of human elements in developing a resilient security culture within SMEs. Key points include the pivotal nature of psychological theories like Hofstede’s Cultural Dimensions and BJ Fogg’s Behavior-Knowledge Gap model in understanding and influencing organizational behavior towards cybersecurity. It highlights

Read More