INTRODUCTIONAs the nature of threats to organizations continues to evolve, so must the defenseposture of the organizations. In the past, threats from both internal and externalsources were relatively slow-moving and easy to defend against. In todaysenvironment, where Internet worms spread across the world in a matter of minutes,security systems - and the network itself - must react instantaneously.The foundation for a self-defending network is integrated security - security that isnative to all aspects of an organization. Every device in the network - fromdesktops through the LAN and across the WAN - plays a part in securing thenetworked environment through a globally distributed defense. Such systems helpto ensure the privacy of information transmitted and to protect against internal andexternal threats, while providing corporate administrators with control over accessto corporate resources. SDN shows that the approach to security has evolved froma point product approach to this integrated security approachThese self-defending networks will identify threats, react appropriately to theseverity level, isolate infected servers and desktops, and reconfigure the networkresources in response to an attack. The vision of the Self-Defending Networkbrings together Secure Connectivity, Threat Defense and Trust and IdentityManagement System with the capability of infection containment and rouge deviceisolation in a single solution.SELF DEFENDING NETWORKSTo defend their networks, IT professionals need to be aware of the new nature ofsecurity threats, which includes the following:Shift from internal to external attacks Before 1999, when key applications ran onminicomputers and mainframes, threats typically were perpetrated by internal userswith privileges. Between 1999 and 2002, reports of external events rose 250percent, according to CERT.Shorter windows to react. When attacks homed in on individual computers ornetworks, companies had more time to understand the threat. Now that viruses canpropagate worldwide in 10 minutes, that "luxury" is largely gone. Antivirussolutions are still essential but are not enough: by the time the signature has beenidentified, it is too late. With self-propagation, companies need networktechnology that can autonomously take action against threats.
More difficult threat detection. Attackers are getting smarter. They used to attackthe network, and now they attack the application or embed the attack in the dataitself, which makes detection more difficult.An attack at the network layer, forexample, can be detected by looking at the header information. But an attackembedded in a text file or attachment can only be detected by looking at the actualpayload of the packet--something a typical firewall doesnt do.The burden of threatdetection is shifting from the firewall to the access control server and intrusiondetection system.Rather than single-point solutions, companies need holisticsolutions.A lowered bar for hackers. Finally, a proliferation of easy-to-use hackers tools andscripts has made hacking available to the less technically-literate. The advent ofpoint-and-click hacking means the attacker doesnt have to know whats going onunder the hood in order to do damage.These trends in security are what have lead to the advent of SDNs or SelfDefending Networks as the latest version in security control.