SDN Brings a "Deny All" Approach to OT

Image of a padlock with a cyber-esque background

David Smit, Systems Analyst | April 14, 2021

Software-defined networking (SDN) has typically been used to protect and manage IT networks, but its device-based, zero-trust security and administration benefits can provide real value for operational technology (OT) spaces as well.

SDN creates an abstract version of your physical network to control and manage switches. Moving the control plane from individual switches to a central controller. Instead of changing policies individually at each switch, the entire network can be managed from one screen.

Why SDN Makes Sense for OT

SDN can provide OT networks with zero-trust security, easier management and maintenance, and increased flexibility.

  • Security. One of SDN’s main advantages is the additional visibility and control provided through the controller. It protects above and beyond traditional firewalls and allows protection of East/West traffic in addition to North/South traffic.
  • Management and Maintenance. Instead of looking at multiple tools for firewalls, network servers, etc., SDN consolidates those tasks into one product. On the maintenance side, SDN inherently takes the fastest path available. This means if a network or connection breaks, SDN will automatically take a different path on its own as long as there’s a physical connection.
  • Flexibility. A good SDN product should be able to interact with many different switch vendors. You can apply SDN to an existing network or a new network – how you roll it out depends on your specific needs and budget.

Who Needs to Be Convinced?

The specific benefits of SDN in OT spaces are different depending on who is concerned. To get total buy-in from each group, you need to understand what SDN can do for them.

  • Plant-level Controls Engineers. SDN’s policy-based rules are attractive to people who constantly have to engage IT to reconfigure devices to different switches or ports.
  • IT/OT Administrators. While these groups may have a history of conflict, SDN allows them to work together. Both groups can have visibility and control of networks.
  • C-Suite/CISO. High-level management roles will be most interested in SDN’s security offerings, which will go beyond what they already have in place. Implementing zero-trust gives a cybersecurity executive job security.

As more SDN products reach the market, prices will even out, and companies of any size can adopt them and reap benefits. If you’re searching for a complete zero-trust network, SDN could be the answer. Reach out to a trusted systems integrator with OT experience to explore the specific benefits SDN can bring to your operations.

This article was originally published by Automation World.