Software Defined Networking / Attacker Defined Networking

SecTor 2015

Presented by: Rob VandenBrink
Date: Wednesday October 21, 2015
Time: 13:25 - 14:25
Location: 801A
Track: Tech

In this session, the topic of Software Defined Networking (SDN) will be explored from a security perspective. What SDN means today will be covered, using a lab setup using an OpenDaylight controller with networking gear from multiple vendors. Openflow, Netconf and Yang protocols will all be discussed, explored and exploited.

Security and reliability issues that result from the current state of SDN and today’s development methods will be discussed. Changes in the structure of IT groups that will be needed when deploying SDN will be outlined. How these factors will affect security operations will be discussed, as well as how SDN will affect audit, compliance and the use of IPS and SEIM solutions.

While the basics are all covered, this is not a “”what is SDN”” presentation - we’re all here to talk about security. With the groundwork laid, we’ll discuss the nuts and bolts of securing an SDN architecture, especially if it’s deployed as currently recommended. This will involve a discussion of what attack surfaces are exposed and how to defend them. Practical attacks will be used to demonstrate why ignoring security when deploying SDN will be a costly mistake!

Links

Rob VandenBrink

Rob VandenBrink is a consultant with Metafore in Canada, specializing in Networking, Security and Virtualization. He has clients in manufacturing, finance and entertainment with locations in almost every time zone. He holds several industry certifications, as well as a Master’s degree with the SANS Technology Institute. He co-authors SANS SEC579 - Virtualization and Private Cloud Security. Rob is also an Incident Handler with the Internet Storm Center - look for his posts at http://isc.sans.edu!


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats