A great article on Inside-openflow.com explains how SDN/OpenFlow can be used to implement IP reputation and mitigation cybersecurity functions on OpenFlow switches and add value to existing intrusion detection and prevention solutions.
The security community develops and compiles all sorts of warnings and mitigation advisory events. These range from downloadable blacklists of IP addresses with reported network cracking activity to advanced IDS/IPS systems like Bro, which monitor traffic in your network and can pinpoint specific connections as attacks. One of the largest issues today is not getting this information, but figuring out how to make the best use of it.
In this article, we will cover a point-solution training and research controller developed by Inside OpenFlow that can help with understanding abstract cybersecurity network pipelines, including how security events can be turned into mitigation rules for every OpenFlow switch in a network. Let’s put SDN to work!