Orchestrating Flows for Cyber
There is a great scene in the movie Victor, Victoria, where the character played by James Garner decides it’s time to mix things up a bit. So, he strolls into an old gritty bar wearing a tuxedo, walks up to the bartender, and orders milk. Within minutes, the other men in the bar decide they’ve had enough of this, and they start an intense bar fight. Garner is soon throwing and taking punches, getting tossed across the floor, and loving every minute of it.
I know this sounds funny, but sometimes I feel exactly like that with technology. I’ll spend a couple of days talking with Boards and senior executives, never going more than two microns deep on any technology, and then feel like I need to get back to my office and mix things up a bit. But rather than start a bar fight (and, yes, I grew up on the Jersey Shore), I prefer to do this by diving head first into something seriously technical.
So, my afternoon with Radware a few weeks ago was just what the bartender ordered: Super technical material, interesting applications of complex SDN infrastructure, and detailed explanations of new flow orchestration tools that don’t pause for Luddites. I sat down at my desk, feeling like James Garner, and read every word.
Now, we all know that the current method of moving traffic around manually using BGP from an operations center does not scale to multiple, intense, parallel, non-stop denial of service attacks. (If you don’t know that, then I recommend you contact your DDoS security vendor to discuss.) It’s been bothering me recently that many technology companies and enterprise teams are not more effectively using the power of software-defined networking (SDN) to orchestrate security controls. SDN, you will recall, is centered on the notion of dynamically orchestrating networked entities, such as virtual routers, using software.
An innovative solution uses the northbound interface on the SDN controller to monitor a customer’s network for volumetric increases, and then dynamically tasks redirection of flow on the southbound interface to handle the attack. Vendors like Radware, with experience in load balancing, WAF, and anti-DDoS, provide the perfect backdrop for building such an elegant approach to the problem.
Visualize this in your mind: External traffic is being managed inbound through your software defined data center with the usual assortment of internal destinations: websites, apps, endpoints, and so on. A DDoS attack suddenly builds up toward one of your targets, probably the website, and the SDN controller immediately flow-orchestrates the increased volume to a collection of sinks or scrubbers, while maintaining proper traffic flow to non-targeted entities.
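The detect-then-redirect loop described above, as an added sketch that is not Radware's code or any SDN controller's API. The rule dictionaries, scrubber name, thresholds and traffic figures are constructed assumptions, and the controller is assumed to keep seeing the pre-scrub rate for a diverted destination.

```python
from dataclasses import dataclass, field

SCRUBBER = "scrubber-1"   # hypothetical next hop for diverted traffic
NORMAL = "normal-path"    # hypothetical default forwarding action

@dataclass
class FlowOrchestrator:
    alpha: float = 0.2     # EWMA weight for the per-destination baseline
    trigger: float = 4.0   # divert when rate exceeds trigger x baseline
    release: float = 1.5   # restore when rate drops below release x baseline
    baseline: dict = field(default_factory=dict)
    diverted: set = field(default_factory=set)

    def observe(self, stats):
        """stats: {destination: bits/sec} for one polling interval.
        Returns only the rule changes to push southbound."""
        rules = []
        for dst, bps in stats.items():
            # The first sample seeds the baseline (assumes a clean start).
            base = self.baseline.setdefault(dst, bps)
            if dst in self.diverted:
                if bps < self.release * base:
                    self.diverted.discard(dst)
                    rules.append({"match_dst": dst, "next_hop": NORMAL})
            elif bps > self.trigger * base:
                self.diverted.add(dst)
                rules.append({"match_dst": dst, "next_hop": SCRUBBER})
            if dst not in self.diverted:
                # Learn only from traffic judged normal, so attack volume
                # cannot drag the baseline upward and mask itself.
                self.baseline[dst] = (1 - self.alpha) * base + self.alpha * bps
        return rules

# Constructed per-interval telemetry: a spike toward "web" only.
SAMPLES = [
    {"web": 100e6, "app": 40e6, "mail": 5e6},
    {"web": 110e6, "app": 42e6, "mail": 5e6},
    {"web": 900e6, "app": 41e6, "mail": 5e6},   # volumetric increase
    {"web": 950e6, "app": 43e6, "mail": 6e6},   # attack continues
    {"web": 120e6, "app": 40e6, "mail": 5e6},   # attack subsides
]

def run(samples):
    orch = FlowOrchestrator()
    return [orch.observe(s) for s in samples]

if __name__ == "__main__":
    for i, changes in enumerate(run(SAMPLES)):
        print(i, changes)
```

The separate trigger and release thresholds give hysteresis, so a destination hovering near the limit does not flap between the scrubber and the normal path.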
It’s important to provide detection and orchestration of security at scale, because we know that with the speed of attacks we’re seeing on the Internet, enterprise teams will need to rely on proper automation to keep their applications and systems up and running.
One positive implication of software-defined flow orchestration in the enterprise is that the sinks and scrubbers used for traffic redirection can be pretty much anything you like. Radware builds, for example, a cloud WAF service that can be integrated into your operation in much the same way as your DDoS solution: The WAF becomes a dynamic target for traffic that requires real-time application protection. It’s a nice idea.
If you’ve had it just-about-up-to-here with compliance, or audit, or Boards, or whatever yanks your chain, then try taking a deep dive into some nice, complex API specifications – You’ll feel better immediately.