Orchestrating Flows for Cyber

January 24, 2018 — by Edward G. Amoroso

There is a great scene in the movie Victor, Victoria, where the character played by James Garner decides it’s time to mix things up a bit. So, he strolls into an old gritty bar wearing a tuxedo, walks up to the bartender, and orders milk. Within minutes, the other men in the bar decide they’ve had enough of this, and they start an intense bar fight. Garner is soon throwing and taking punches, getting tossed across the floor, and loving every minute of it.

I know this sounds funny, but sometimes I feel exactly like that with technology. I’ll spend a couple of days talking with Boards and senior executives, never going more than two microns deep on any technology, and then feel like I need to get back to my office and mix things up a bit. But rather than start a bar fight (and, yes, I grew up on the Jersey Shore), I prefer to do this by diving head first into something seriously technical.

So, my afternoon with Radware a few weeks ago was just what the bartender ordered: Super technical material, interesting applications of complex SDN infrastructure, and detailed explanations of new flow orchestration tools that don’t pause for Luddites. I sat down at my desk, feeling like James Garner, and read every word.

Now, we all know that the current method of moving traffic around manually using BGP from an operations center does not scale to multiple, intense, parallel, non-stop denial-of-service attacks (if you don’t know that, then I recommend you contact your DDoS security vendor to discuss). It’s been bothering me recently that many technology companies and enterprise teams are not more effectively using the power of software-defined networking (SDN) to orchestrate security controls. SDN, you will recall, is centered on the notion of dynamically orchestrating networked entities, such as virtual routers, using software.

An innovative solution uses the northbound interface on the SDN controller to monitor a customer’s network for volumetric increases, and then to dynamically task flow redirection on the southbound interface to handle the attack. Vendors like Radware, with experience in load balancing, WAF, and anti-DDoS, provide the perfect backdrop for building such an elegant approach to the problem.

Visualize this in your mind: External traffic is being managed inbound through your software defined data center with the usual assortment of internal destinations: websites, apps, endpoints, and so on. A DDoS attack suddenly builds up toward one of your targets, probably the website, and the SDN controller immediately flow-orchestrates the increased volume to a collection of sinks or scrubbers, while maintaining proper traffic flow to non-targeted entities.
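The control loop described above, as an added sketch that is not Radware's code or any SDN controller's API: per-destination rates stand in for what the monitoring side reports, and the returned (action, destination, next hop) tuples stand in for rules pushed to the data plane. The class, thresholds, destination names and sample rates are all constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class FlowOrchestrator:
    """Toy loop: learn a per-destination baseline, divert on a volumetric spike."""
    scrubber: str                 # hypothetical next hop for diverted traffic
    spike_factor: float = 5.0     # divert when rate > factor * baseline
    clear_factor: float = 1.5     # calm when rate < factor * baseline
    clear_samples: int = 3        # consecutive calm samples before restoring
    alpha: float = 0.2            # EWMA weight used to learn the baseline
    baseline: dict = field(default_factory=dict)
    diverted: dict = field(default_factory=dict)  # dst -> calm sample count

    def observe(self, rates):
        """rates: {dst: Mbit/s} measured at ingress, before any scrubber.
        Returns rule changes as (action, dst, next_hop) tuples."""
        actions = []
        for dst, rate in rates.items():
            base = self.baseline.setdefault(dst, rate)
            if dst in self.diverted:
                # Baseline stays frozen while diverted so the attack cannot poison it.
                calm = rate < self.clear_factor * base
                self.diverted[dst] = self.diverted[dst] + 1 if calm else 0
                if self.diverted[dst] >= self.clear_samples:
                    del self.diverted[dst]
                    actions.append(("restore", dst, None))
            elif rate > self.spike_factor * base:
                self.diverted[dst] = 0
                actions.append(("divert", dst, self.scrubber))
            else:
                self.baseline[dst] = (1 - self.alpha) * base + self.alpha * rate
        return actions

# Constructed samples (Mbit/s) for three internal destinations.
SAMPLES = [
    {"web": 100, "app": 40, "mail": 10},
    {"web": 110, "app": 42, "mail": 11},
    {"web": 900, "app": 41, "mail": 10},   # volumetric spike toward "web"
    {"web": 950, "app": 43, "mail": 12},
    {"web": 105, "app": 40, "mail": 10},
    {"web": 100, "app": 41, "mail": 11},
    {"web": 98, "app": 40, "mail": 10},
]

def run(samples=SAMPLES):
    orch = FlowOrchestrator(scrubber="scrubber-1")
    return [orch.observe(s) for s in samples]

if __name__ == "__main__":
    print(run())
```

Only the targeted destination is ever diverted, and the hysteresis (three calm samples) keeps the rule from flapping if the attack pulses.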

It’s important to provide detection and orchestration of security at scale, because we know that with the speed of attacks we’re seeing on the Internet, enterprise teams will need to rely on proper automation to keep their applications and systems up and running.

One positive implication of software-defined flow orchestration in the enterprise is that the sinks and scrubbers used for traffic redirection can be pretty much anything you like. Radware builds, for example, a cloud WAF service that can be integrated into your operation in much the same way as your DDoS solution: the WAF becomes a dynamic target for traffic that requires real-time application protection. It’s a nice idea.

If you’ve had it just-about-up-to-here with compliance, or audit, or Boards, or whatever yanks your chain, then try taking a deep dive into some nice, complex API specifications – you’ll feel better immediately.

Edward G. Amoroso

Dr. Edward G. Amoroso is Chief Executive Officer of TAG Cyber LLC, a global cyber security advisory, training, consulting, and media services company supporting hundreds of major organizations across the world. Ed recently retired from AT&T after thirty-one years of service, beginning in Unix security R&D at Bell Labs and culminating as Senior Vice President and Chief Security Officer of AT&T from 2004 to 2016. He was elected an AT&T Fellow in 2010. Ed has been Adjunct Professor of Computer Science at the Stevens Institute of Technology for the past twenty-nine years, where he has introduced over three thousand graduate students to the topic of information security. He is also a Research Professor in the Computer Science Department at the NYU Tandon School of Engineering, and a Senior Advisor at the Applied Physics Laboratory at Johns Hopkins University. He is author of six books on cyber security, and dozens of major research and technical papers in peer-reviewed journals and conference proceedings. Ed holds the BS degree in Physics from Dickinson College, the MS/PhD degrees in Computer Science from the Stevens Institute of Technology, and is a graduate of the Columbia Business School. He holds ten patents in cyber security technology, and he served previously on the Board of Directors for M&T Bank and the NSA Advisory Board. Ed’s work has been highlighted on CNN, the New York Times, and the Wall Street Journal. He has worked directly with four Presidential administrations on issues related to national security, critical infrastructure protection, and cyber policy. He and his wife Lee live in New Jersey and are the proud parents of three wonderfully successful Millennials.
