BYOD (Bring Your Own Device) and SDN (Software Defined Networking) are two of the biggest trends (and buzzwords) in IT today. HP is now bringing the two together to enable a new era of security and agility for enterprise networking.
In an SDN approach, the underlying network intelligence can be abstracted from the physical hardware. Enabling SDN is the OpenFlow protocol, which can run across networking infrastructure from multiple vendors, including HP. In order to control an SDN network, a controller is required, which is something that HP has not had until now.
HP is announcing its own SDN OpenFlow controller called the Virtual Application Network SDN controller. HP’s OpenFlow contoller goes beyond what has been available in the current generation of open source OpenFlow controllers.
“We also provide a series of extensions to OpenFlow that further enables HP hardware,” Mike Banic, global marketing vice president for Networking at HP, told Enterprise Networking Planet.
An OpenFlow controller on its own isn’t all that interesting. What makes a controller interesting is the network applications that it can enable. To that end, HP is also introducing an SDN security applications called Sentinet that runs on top of the Virtual Application Network SDN controller.
Banic explained that Sentinel automates the detection of vulnerabilities across an SDN network and then automates that reporting to HP’s Arcsight SIEM product. The reporting then helps to enable remediation and compliance reporting as well.
“The SDN controller programs the access devices in a converged wired and wireless network through OpenFlow,” Banic explained. “Sentinel then as a program redirects domain name service requests.”
The SDN approach is critical for BYOD environments according to Banic, since users have both personal and work content on their devices. When a user clicks on a link, the device will send out a DNS request. Since Sentinel has access to those requests, it can compare the request to an HP TippingPoint threat management center database. If the request goes to a potentially malicious site, Sentinel blocks access to the site across the entire network, not just one access point.
HP is also updating its User Access Manager (UAM) server on the company’s Intelligent Management Center (IMC) to version 5.2 to further enable the convergence of BYOD and SDN on both wired and wireless networks. UAM 5.2 provides self-registration for users bringing their own devices, which can then be correlated against information that Sentinel sends to HP Arcsight for logging and compliance.