Showing results for 
Search instead for 
Do you mean 

How to use SDN to improve the security posture of the network

on ‎10-07-2013 09:37 AM

By Newsha Sharifzadeh, Global Product Marketing Manager


ns.jpgWe’ve been following Jim Meltzer SDN Journey series for the past few months- learning about what organizations should know and consider about Software-defined Networking (SDN). Now in this video we look into how to use SDN to improve the security posture of the network.






Treating network and security as two separate silos


One of the existing practices for security is to manage the network and security as two separate silos. The IT organizations deploy several security appliances that are configured at deployment and then re-configured when only absolutely critical.


Given how networks expand, this method of implementing security is unsustainable.  As the number of security appliances increases, managing them becomes yet another challenge for the IT organization to handle. SDN solves this problem as it has a central point of control, where security policies can be automated and deployed from a single point, bringing more flexibility to the network, and eliminating device by device configuration.



HP Sentinel security application brings security to the edge


HP Sentinel security, winner of the best “SDN solution” at 2013 Innovation award, is an SDN application that enables automated network posture assessment and provides real-time security across the  network.  With the proliferation of BYOD, I believe automating security measures becomes even more crucial. ns_1.jpg


HP Sentinel always-on security feature-set can be deployed across the campus and datacenter network infrastructure and delivers an exceptional protection against 1million malicious botnet, malware and spyware threats.  


HP Sentinel leverages the HP Virtual Application Networks (VAN) SDN Controller and OpenFlow to program the network infrastructure with security intelligence from the TippingPoint RepDV Labs database. This feature effectively turns the entire network infrastructure into security-enforcement devices, providing unprecedented threat protection and visibility.



How does the Sentinel security application work?


I thought a step by step example would clarify how HP Sentinel works.  Let’s assume an employee brings his tablet to work and tries to check out a site. Here is what Sentinel does in the background:


  1. A Domain Name System (DNS) query would be sent to the local OpenFlow-enabled devices.
  2.  The switch forwards the traffic to the HP VAN SDN controller.
  3. HP Sentinel checks the hostname against the HP TippingPoint DVLabs RepDV database of known threats.
  4. The DVLabs database has a reputation score for each domain name.  You can set different thresholds each score and by comparing the threshold with the score, Sentinel determines:

          a. If the site is legitimate -> allow access.

          b. If the site is not legitimate -> block the user.




I thought to share a quote from one of our customers on Sentinel:


“The Sentinel SDN application takes away a lot of the manual labor that we used to do….we can detect threats and respond in a proactive manner.  That saves us hours of work every week.”

 Gregory Bell, Head of Technical Services, Ballarat Grammar


The HP Sentinel SDN application is an example of how SDN brings agility and automation to the network and enables you to be proactive in reposnding to your network threats.


I look forward to Jim’s next video as he will be discussing Northbound API and how HP is implementing that. 



>> For more information visit

>> Follow HP Networking on Twitter and Google+| Join HPN LinkedIn Community | Like us HPN Facebook 


>> Register to receive the HP Networking newsletter



About the Author

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
January 2016
Software Expert Days - 2016
Join us online to talk directly with our Software experts during the online Expert Days - see details below. Software experts do not monitor this foru...
Read more
See board event postings
Vivit Events - 2016
Learn about upcoming Vivit webinars and live events in 2016.
Read more
View all