Securing Network Automation
If you have operational experience in running large networks then you’re probably yearning to replace the traditional way of managing individual network devices via SSH with something better and more reliable. Software Defined Networking (SDN) was touted as the all-encompassing solution, but what we got instead is a heap of academic ideas, several platforms that require as much investment as an SAP deployment, and a bunch of proprietary products focused more on increasing lock-in and vendor revenue than solving operational problems.
It’s time we learn from the Unix playbook and start building our network automation solutions from small reusable components… but can we make such a solution secure and reliable? Can we still protect the network from misconfiguration, management-plane attacks, or automation-caused failures? This presentation will discuss the security and reliability challenges of network automation, and describe a few potential solutions.