One of the particularly interesting ideas that the PLUMgrid OpenStack Networking Suite introduces, aside from tenant isolation using private virtual networks, is the notion that all traffic within the network is encrypted. Secure Sockets Layer (SSL)-based encryption for data in motion is widely used within OpenStack, but PLUMgrid isn’t using SSL.
Instead, Monclus said that the technology his company is using is an overlay-based encryption approach within VXLAN. VXLAN is a key SDN networking protocol that typically does not include encryption. If there is a security breach where traffic gets sent to the wrong location, the traffic is encrypted, limiting the risk, he noted.