In this chapter, we have looked at network security and ways in which security practices need to evolve to meet the demands of modern software-defined networks, as the industry has started to move away from flat layer 2 networks and instead utilize virtualized overlay networks.
This chapter has also hopefully debunked some of the fear and uncertainty associated with securing software-defined networks, while tackling hot topics such as the separation of test and production environments and the use of virtual firewalling for micro-segmentation as opposed to physical firewalls.
The focus of the chapter then shifted to strategies that can be adopted above and beyond minimum security requirements and looked at ways to secure SDN controllers and minimize the attack vectors. This can be achieved by isolating networks, creating out of band networks for network devices, appropriate authentication, and using TLS for inter-network device communication.
The chapter has also looked at the gains...