Software-defined networking (SDN) is becoming a new paradigm for computer networks, gaining popularity in industry and academia alike. While SDN introduces new capabilities to traditional networking, it also adds complexity. Among many other capabilities that SDN provides to traditional networks, it makes tracking and detecting network attacks much easier via a centralized controller. However, the presence of a centralized controller also leads to a single point of failure in the network, which attackers can exploit to bring down the network, thus making the network vulnerable.

This paper summarizes a Dagstuhl seminar, held in September 2016, regarding the positives and negatives of SDN with regard to network security. It presents some significant outcomes related to SDN and its effect on network security. It also briefly reviews research directions to achieve secure SDN architectures and configurations. To get a complete picture of the discussions--and the outcomes of those discussions--one must go through the Dagstuhl Reports issue [1], which consists of papers on SDN and network security by seminar participants. Both Dacier et al.’s paper and [1] present expert opinions regarding SDN and its effect on network security.

It is interesting to read the points made by experienced participants from industry and academia, both in favor and against SDN. This paper and the related report [1] are highly recommended for anyone interested in SDN. It is important to know how SDN can improve network security while at the same time making the network vulnerable, as well as research directions to improve SDN and thus attain secure and efficient networks.