Software-defined networking refers to an approach to building a computer network that allows for programmable network switch infrastructures, in which the rules that determine how the network switches are to process network flows can be dynamically specified and changed. Such programmability is useful, for instance, in the management of virtual computing resources that may be spawned or terminated on demand. The OPENFLOW network model is one example of a protocol that may be used to implement software-defined networking.
According to traditional notions of network perimeter defense, network security may be provided by a well-defined (e.g., static) security policy that can be instantiated for a particular network topology. In traditional network environments, the security policy often can be deployed and enforced consistently across the network infrastructure.