1. Market Research
  2. > IT Services
  3. > Hosting Market Trends

The Network Security Implications of Software Defined Networks (SDN)

  • March 2014
  • 21 pages
  • Frost & Sullivan
Report ID: 2048168


Table of Contents


Software Defined Networking (SDN) is among the buzzwords of the day. SDN is a new approach to network architecture that will generate dividends to network operators. Communications Service Providers (CSPs) have set their sights on SDN and network function virtualization (NFV) as the vehicles for achieving an unprecedented, and now increasingly necessary, level of automation and programmability.
The ramifications of implementing a new network architecture are enormous. The purpose of this report is to understand the impact of SDN on network security.

What is SDN?

In a typical networking router or switch, the control plane (or software) and the data plane (or hardware) are resident within a single hardware “box.” Software Defined Networking decouples the network control and data planes of associated IP equipment such as routers and switches. SDN also provides a new centralized intelligence and control layer. Conceptually, this decoupling is similar to the abstraction and virtualization of components that has already happened extensively in data center servers. Server virtualization has transitioned server processors and storage into abstract services, providing for the dynamic allocation of resources, as needed.

The Four Planes of Networking

The SDN impact needs to be described in terms of the four planes networking. These four planes, or layers, can be found in every network router, switch or firewall. The planes include:
• Forwarding – Forwarding provides the core functionality of moving packets as fast as possible. The forwarding plane can be accomplished in software, but forwarding is more efficiently accomplished using parallel processors within dedicated semiconductor devices (hardware).
• Control – Control is the “brains” of the network. The control plane makes network traffic routing decisions, acting as a network “traffic cop.” The control plane learns the network by talking to peer devices.
• Services – Not all networking devices have a services plane, such as a simple switch. For devices such as routers and firewalls, the services plane performs the tasks that cannot be accomplished by the forwarding hardware. Services may include stateful firewalls or data loss prevention (DLP) controls. Whenever network traffic requires additional processing, the services plane is employed.
• Management – The management plane provides the basic instructions of how each network device interacts with the rest of the network. While the control plane learns from the network itself, the management plane is often manually configured on each individual networking device. This manual engagement is prone to human error; and mistakes can result in costly stoppages of network traffic.

Implications of the Four Planes

As noted earlier, the forwarding plane uses parallel processors within dedicated semiconductor devices. The control, services, and management planes typically run on standard x processors. As a result, the forwarding plane functions optimally in dedicated silicon devices residing locally on networking devices.

network to be operated as a synchronized system instead of a mass of heterogeneous nodes. Often, network security services will be implemented in these planes through virtualization.


Virtualization separates the logical from the physical components of the workload. Application code and associated operating system are packaged neatly into a virtual machine (VM). Multiple VMs, regardless of operating system, can share a physical server. A hypervisor installed on the server allocates resources and acts as a translator, making each VM believe it has full access to the server resources.
The virtualized workload is self-contained and highly portable. Like a turtle or a motor home, the virtualized workload carries all its needs on its “back”—operating system and application code—and isn’t fussy about where it sets up housekeeping. Thus, IT technicians do not have to custom-configure a server exoskeleton for a virtualized workload.

Stages of Implementing SDN

Implementing SDN is not a simple undertaking. The implementation can almost be viewed as a Herculean task, as SDN is essentially a replacement networking architecture. As a replacement, implementation should be approached in phases:
• Management Centralization – Centralize network management, analytics, and configuration functionality into a single network master that can then configure all networking devices.
• Remove Services from Dedicated Network and Security Devices – Implement services by utilizing virtual machines on centralized industry-standard x86 servers.
• Create a Centralized Controller – A centralized controller enables “SDN Service Chaining,” which, in turn, enables networks to be dynamically reconfigured to respond to changeable network conditions. SDN service chaining also reduces the time, cost, and risk for customers to design, test and deliver new services.
• Optimize performance – The performance of the network and security solutions needs to be optimized.

What is NFV?

In discussing SDN, Network Function Virtualization (NFV) is commonly mentioned. The difference between NFV and SDN is important to be understood.
At the most basic level, NFV is a way to leverage standard, low cost, but high-performing servers as replacements for expensive, proprietary hardware currently in use in operator networks. Too often in operators’ networks, complexity from proprietary hardware grows with each new service introduction. NFV allows routers, switches, firewalls, load balancers, content delivery systems, end-user devices, IMS nodes, and almost any other network function to be run as software in virtual machines—often on shared servers, and using shared storage.

Get Industry Insights. Simply.

  • Latest reports & slideshows with insights from top research analysts
  • 60 Million searchable statistics with tables, figures & datasets
  • More than 25,000 trusted sources
  • Single User License — provides access to the report by one individual.
  • Department License — allows you to share the report with up to 5 users
  • Site License — allows the report to be shared amongst all employees in a defined country
  • Corporate License — allows for complete access, globally.

Veronica helps you find the right report:


The research specialist advised us on the best content for our needs and provided a great report and follow-up, thanks very much we shall look at ReportLinker in the future.

Kate Merrick

Global Marketing Manager at
Eurotherm by Schneider Electric

We were impressed with the support that ReportLinker’s research specialists’ team provided. The report we purchased was useful and provided exactly what we want.

Category Manager at

ReportLinker gave access to reliable and useful data while avoiding dispersing resources and spending too much time on unnecessary research.

Executive Director at
PwC Advisory

The customer service was fast, responsive, and 100% professional in all my dealings (...) If we have more research needs, I'll certainly prioritize working with ReportLinker!

Scott Griffith

Vice President Marketing at
Maurice Sporting Goods

The research specialist provided prompt, helpful instructions for accessing ReportLinker's product. He also followed up to make sure everything went smoothly and to ensure an easy transition to the next stage of my research

Jessica P Huffman

Research Associate at
American Transportation Research Institute

Excellent customer service. Very responsive and fast.

Director, Corporate Strategy at

I reached out to ReportLinker for a detailed market study on the Air Treatment industry. The quality of the report, the research specialist’s willingness to solve my queries exceeded my expectations. I would definitely recommend ReportLinker for in-depth industry information.

Mariana Mendoza

Global Platform Senior Manager at
Whirlpool Corporation

Thanks! I like what you've provided and will certainly come back if I need to do further research works.

Bee Hin Png

CEO at
LDR Pte Ltd

The research specialist advised us on the best content for our needs and provided a great report and follow-up, thanks very much we shall look at ReportLinker in the future.

Kate Merrick

Global Marketing Manager at
Eurotherm by Schneider Electric

Purchase Reports From Reputable Market Research Publishers

Japan Software-Defined Network and Network Functions Virtualization Forecast, 2017-2021

  • $ 3960
  • Industry report
  • April 2017
  • by IDC

This IDC study is a translation of the Japanese document IDC #JPJ41774717, which provides the market forecast and prospects for the Japan software-defined network (SDN) and network functions virtualization ...

Japan SDN and NFV Vendor Trends Analysis 2017

  • $ 3960
  • Industry report
  • April 2017
  • by IDC

This IDC study primarily analyzes the current performance and future outlook of the software-defined network (SDN) and network functions virtualization (NFV) markets for datacenters, enterprise networks, ...

World Software Defined Networking Market - Opportunities and Forecasts, 2015-2022

  • $ 3840
  • Industry report
  • April 2017
  • by Allied Market Research

Software defined networking (SDN) is a technology that creates a global view of network to provide centralized, intelligence-based network control by separating the control logic from off-device compute ...

Download Unlimited Documents from Trusted Public Sources

Related Market Segments :



Reportlinker.com © Copyright 2017. All rights reserved.

ReportLinker simplifies how Analysts and Decision Makers get industry data for their business.