Networking major Juniper says it is betting big on Software-defined Networking and Intrusion Deception

There’s a new buzzword on the network, and yes, it has to do with scale. A lot like the virtualisation of computing and storage, the network is now at a threshold where increasing traffic is forcing a rethink of network architecture.

Given that most predictions for the future, starting with the much-hyped ‘Internet of things’, entail what they’re calling an explosion in the number of devices and the traffic logged on to existing networks, scaling up in a linear way is out of the question. And it’s the scaling out that’s creating ripples in the world of network technology, says Sridhar Sarathy, Managing Director, India Excellence Centre, Juniper Networks, the second-biggest global networking company.

The networking major, which finished 10 years of its operations in India this month, has an R&D centre here, where Mr. Sarathy says some of the biggest and most advanced challenges in SDN (software-defined networking) or network virtualisation are being solved.

What is SDN?

But what is SDN, and why is it the future of networks? To put it simply, SDN is a way of virtualising our networks — that is, the nodes and routers that today comprise the communications system that transmits data and traffic — and managing them in a more efficient manner. So, while computing virtualisation and the cloud have revolutionised the way we can access and store our data, the role of networks (that transmit this data from these remote locations) has become critical. “It is the need of the hour,” says Mr. Sarathy. He explains that though SDN hasn’t come as far as virtualisation has in the server and storage sector, it’s well on its way to becoming an industry standard.

Layer of intelligence

SDN, as the name suggests, adds a layer of intelligence through software to the hardware-heavy world of routers. What it does is abstract certain tasks (or planes), such as the control plane (which controls traffic flow using look-up tables) and the data plane (which forwards the data), from the overall functions of the network routers. The functions are then centralised, lightening the task of the router, as the command and control part of the network functionality is taken away from it. This makes the routers faster, more efficient and capable of taking more load. Currently, all these tasks are performed by firmware on the routers or switches, which do everything from receiving data and looking up destinations to deciding where it will go and forwarding it. The other benefit of SDN is that it is open source and vendor-neutral, making it an ideal fit for most vendors.

Betting big

Mr. Sarathy says that Juniper is betting big on SDN as it feels that this is where the future of the network lies. “Everyone’s talking about how there’s going to be an explosion in traffic and what’s going to come is going to be past anybody’s imagination. We’ve heard of scale up or scale out, and scaling up in a linear manner (by simply adding more nodes) is just not a feasible option for the network, which is now a critical component given where virtualisation and the cloud stand. Simply throwing in hardware into the network isn’t enough… which is why the industry is looking at SDN as the thing of the future.”

Network security

The other aspect of the network that’s drawing a lot of attention, and is at the centre of some cutting-edge research, is security.

Mr. Sarathy explains that Juniper is putting all its eggs in one basket: Intrusion Deception. Juniper got hold of this sophisticated technology when it acquired Mykonos Software Inc. last February for $80 million. Mykonos’ David Koretz, who came up with this technology, compared it to ‘tripwires’ that are laid out for the bad guys to trip over, so you get extra time to track them down. That Juniper sees huge opportunities in this technology is evident in the fact that the U.S.-headquartered company has reportedly been lobbying financial institutions and the Indian government for its adoption.

On tripwires

So how do these tripwires work? It’s simple: the technique is as old as your detective novels.

The sophisticated system is something of a decoy, where hackers or malcode writers are given reasonably easy access into a network or even the outer layer of a database. Once the hacker enters, they’re allowed access to a dummy set of data, which is mostly false information dressed up to look vital and important, such as a stockpile of credit card info or bank passwords. The network owner or administrator then gets an address or cyber fingerprint of the hacker, which can later be used to track them or simply to create an inventory of these ‘problem IDs or addresses’ that can later be denied entry.

A global list can then be made and shared everywhere — with government agencies, large establishments or banks — so these access lines can be cut. Juniper also has a cloud-based threat intelligence system that enables it to fingerprint devices (and this, the company claims, is not just about IP addresses, which can be easily proxied) and share the fingerprints worldwide.
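
The tripwire flow described above, as an added sketch that is not Juniper's or Mykonos' code: decoy resources that no legitimate user touches flag a client, and a fingerprint built from non-IP attributes keeps that client denied after it changes address. The decoy names, the `token` field (assumed to be a persistent client-side identifier set by the defender) and the log records are all constructed for illustration.

```python
import hashlib

# Decoys planted by the defender; no legitimate page or user ever references them.
DECOY_PATHS = {"/admin/export/cards.csv", "/.htpasswd.bak"}
DECOY_USERS = {"svc_backup_admin"}

# Constructed sample requests (documentation-range IPs), already parsed from a web log.
REQUESTS = [
    {"ip": "198.51.100.7", "ua": "BrowserA/1.0", "lang": "en-IN", "token": "c41f", "path": "/products", "user": None},
    {"ip": "203.0.113.20", "ua": "BrowserB/2.3", "lang": "en-US", "token": "9be2", "path": "/admin/export/cards.csv", "user": None},
    {"ip": "192.0.2.55", "ua": "BrowserB/2.3", "lang": "en-US", "token": "9be2", "path": "/login", "user": "alice"},
    {"ip": "203.0.113.99", "ua": "BrowserC/0.9", "lang": "de-DE", "token": "77aa", "path": "/login", "user": "svc_backup_admin"},
    {"ip": "198.51.100.7", "ua": "BrowserA/1.0", "lang": "en-IN", "token": "c41f", "path": "/checkout", "user": None},
]

def fingerprint(req):
    """Hash client attributes other than the IP, so a proxy change alone does not alter it."""
    material = "|".join([req["ua"], req["lang"], req["token"]])
    return hashlib.sha256(material.encode()).hexdigest()[:16]

def tripped(req):
    """Return the name of the tripwire this request touched, or None."""
    if req["path"] in DECOY_PATHS:
        return "decoy_path"
    if req["user"] in DECOY_USERS:
        return "decoy_credential"
    return None

def process(requests):
    """Replay requests in order; return (denylist, decisions)."""
    denylist = {}   # fingerprint -> first tripwire touched (the shareable inventory)
    decisions = []
    for req in requests:
        fp = fingerprint(req)
        if fp in denylist:              # known fingerprint, even from a new IP
            decisions.append((req["ip"], req["path"], "deny"))
            continue
        wire = tripped(req)
        if wire:
            denylist[fp] = wire         # record the client, answer with dummy data
            decisions.append((req["ip"], req["path"], "decoy"))
        else:
            decisions.append((req["ip"], req["path"], "allow"))
    return denylist, decisions

if __name__ == "__main__":
    for decision in process(REQUESTS)[1]:
        print(decision)
```

The third request arrives from a different IP than the second but carries the same fingerprint, so it is denied even though it asks for an ordinary page.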

Mr. Sarathy explains that the trick is in laying this trap and fooling attackers.

“It is a highly sophisticated system, and a lot better than the traditional safeguard methods the industry has. At present, what we’ve figured out is that most websites have nothing to go by. At a conference when asked, 80 per cent of CEOs said they had no idea if their website was hacked, and another 20 per cent said that when they did know they found out from logs. This has to change, and Intrusion Deception is a quick and robust way to do so.”