alphaspirit - Fotolia
Should the Netdump flaw deter enterprise ODL SDN use?
The benefits of the ODL SDN platform are promising, but what about the recent Netdump flaw it experienced? Expert Kevin Beaver discusses why you may not want to pass on OpenDayligh just yet.
We've been closely following the OpenDaylight open source software-defined networking (SDN) initiative as a primary platform for a future SDN implementation, but the critical vulnerability found in it a few months ago (and the long time it took to get patched) has given us pause. From a security perspective, how does OpenDaylight compare to a vendor-specific platform like those from Cisco or VMware?
Security vulnerabilities -- such as Netdump -- and their associated response initiatives can affect any organization, at anytime and anywhere. There is a bit of irony in the fact that -- of all things -- an open source SDN platform has a flaw that doesn't get resolved in a timely manner. These are not necessarily what enterprise IT and security managers are looking for in this area. Of course, in OpenDaylight's defense, every security flaw uncovered by researchers these days is labeled "critical" while reality is showing us that is not necessarily the case across the board.
While I have not yet had the opportunity to evaluate or witness OpenDaylight in an enterprise setting, the good thing is the project is supported by many of the big players in the business, including Cisco, Dell and HP to name a few.
But rather than answer which open source SDN platform is better, your organization needs to step back and ask itself:
- What is it that we're trying to accomplish?
- What are our high-level goals with SDN?
- What are our current security risks?
- What are our current security requirements?
- How does our existing network architecture tie in?
- What about business continuity, do we have any unique needs in that area?
I remember -- not that long ago -- when Mac computers were considered impenetrable -- super secure alternatives to Windows. Now it seems that more and more exploits and malware are impacting that platform.
Simply put, every platform and environment is going to get hit. If anything, the ODL SDN vulnerability shows that it has some visibility in the market. I suspect it will only become a more resilient platform for those looking to go with an open source technology moving forward.
Ask the Expert:
Have a question about network security? Send it via email today. (All questions are anonymous.)
