On June 28, the Linux Foundation announced the Open Security Controller Project for the orchestration and automation of software-defined network security functions used to protect east-west traffic within data centers. It's not a new project, Intel has been working on it for some time, and made it the subject of a presentation at February's security focused RSA Conference in San Francisco. What is new is that it's now an open source project under the care and guidance of the Linux Foundation, sponsored by Huawei, McAfee, Nokia's Nuage Networks, Palo Alto Networks, and of course, Intel.
Right now, to quote Gertrude Stein out of context, "there is no there there." The problem? There doesn't seem to be much support.
I'd keep an eye on this one, however, because it's going to get off the ground, and likely pretty quickly. Why? Because it's necessary, and the Linux Foundation has the funds and moxie to spur development -- which is why Intel donated the project.
"Our contribution of the Open Security Controller to the Linux Foundation will help accelerate the adoption of software-defined security, as demonstrated by the participation of the other founding members who are among leaders in the delivery of security solutions," Rick Echevarria, vice president of Intel's software and services group explained.
Then there's Red Hat, which would probably welcome a vendor neutral and relatively easy-to-use SDS orchestration feature to customize for its hybrid cloud stack.
The project offers DevOps a single pane of glass approach for orchestrating software-defined security services in SDNs. Being vendor neutral, IT teams will be able to choose whatever SDN and security vendors they like. The initial code from Intel is available now, but unless I'm missing something, it only seems to support deployment on OpenStack at present.
When it's ready for prime time, administrators will be able to use it to orchestrate deployment of virtual network security policies and apply different policies for different workloads.
"Software-defined networks are becoming a standard for businesses, and open source networking projects are a key element in helping the transition, and pushing for a more automated network," said Arpit Joshipura, the Linux Foundation's general manager of networking and orchestration said. "Equally important to automation in the open source community is ensuring security. The Open Security Controller Project touches both of these areas."
At RSA, Intel's Manish Dave and Tarun Viswanathan did something of a proof of concept live demonstration of OSC protecting a VM from an east-west attack from another VM. It went well, of course, but that was the only trick this pony did. We'll see what develops.