Software-defined networking (SDN)

With software-defined networking (SDN), the control plane, the part of the network that controls the traffic of data packets, is separated from the data plane, the infrastructure layer of the network responsible for processing data to perform tasks. In other words, the control plane is the wits and the data plane is the power.

The control plane is then governed by an SDN controller—software that takes over the job of managing the network infrastructure, thus becoming the wits of the network—while the data plane remains part of the hardware.

Decoupling the control plane from the data plane allows for one SDN controller to control the entire network. This is different from traditional networking where individual routers and switches make their own decisions and need to be configured separately.

SDN allows for more flexibility when making any changes to network infrastructure, such as deploying patches and updates to various devices, since individual pieces of hardware don’t need to be manually configured. There’s also less of a need to purchase additional hardware in the SDN model because network infrastructure can easily be changed through the SDN controller, allowing businesses to effortlessly scale their networks without the need for new routers.

While the SDN model has a lot of benefits, it also comes with its drawbacks. If an attacker gains unauthorized access to an SDN controller, they can take over a whole network and control it like a network administrator to perform malicious activities (e.g., dropping traffic).