Obviously, a network controller is a potentially high-value target for attackers, because if they get control of the controller, then they manage your network. However, an OpenFlow controller really doesn't present more of a target than any other critical network, system or hypervisor management system.
The controller needs to be protected from attack and needs to have strong authentication built in, rights management to control who can do what, an audit log to track and roll back changes, and all the other features you'd expect to protect a controller. Not having those features is a non-starter.
Mike Fratto is a principal analyst at Current Analysis, covering the Enterprise Networking and Data Center Technology markets. Prior to that, Mike was with UBM Tech for 15 years, and served as editor of Network Computing. He was also lead analyst for InformationWeek Analytics ... View Full Bio