
A Study of Information Security Risks in Next-Generation Software-Defined Network Environments

A Security Risk Research of Software Defined Network Environment

Advisor: 雷欽隆

Abstract


The concept of software-defined networking originated in a network architecture whose routing is programmable. Network administrators can control the packet flows in the network through software programs. In this dissertation, the information security issues of the software-defined network environment are divided into two topics: a study of client-side (user terminal) security risks and a study of the security of the core switch network. The client-side risk study develops a methodology for auditing and assessing security vulnerabilities. Information security has become an important issue for enterprises and organizations, yet people remain the weakest link in organizational security. This dissertation therefore proposes a dynamic risk assessment method that helps the security managers of an organization understand both the security awareness of the users of terminal devices and the vulnerability assessment of those devices, and demonstrates the usability of the method through a practical implementation. The core switch network study examines an assumption of software-defined networking: that all switches are trustworthy and carry out the tasks assigned to them. If this assumption fails, the whole network may suffer enormous damage. For the scenario in which a switch contains a vulnerability that a malicious user exploits to take control of it, so that the assumption no longer holds, this dissertation examines the attack patterns of such a malicious user, proposes a method for detecting suspicious anomalous behaviour by the controlled switches, and further constructs a flexible detection network that prevents controlled switches from colluding to evade detection. In summary, this dissertation examines information security issues in the software-defined network environment comprehensively, from user terminal devices to the core switch network, from policy considerations to the design of the network topology, and from software vulnerabilities at the application layer to network packet flows at the transport layer.

Abstract (English)


SDN is a concept of programmable networking. A network manager can process each network flow through software programs. In this dissertation, SDN network environment security is separated into client-side risk security research and core network switch group security research. The client-side risk security research focuses on vulnerability auditing and assessment mechanisms. Information security auditing has become more and more important to organizations. However, humans are usually the most vulnerable part of information security in an organization. In this part, we propose a dynamic risk assessment mechanism to help the information security manager understand human security awareness and the vulnerability assessment of end client devices. A practical implementation demonstrates that the proposed mechanism is usable. In the core network switch group part, there is a hypothesis that all switches on an SDN are trusted and follow programmed commands to handle packets. That is, once a switch is compromised by an attacker and does not follow the orders of the network manager, it will bring a huge network disaster. In this dissertation, several attack models through compromised switches have been defined and a detection mechanism to find these compromised devices has been designed. In brief, this dissertation proposes full security sector considerations of the SDN network environment from the client side to the core network, from policy considerations to the technical network topology, and also from software vulnerabilities of the application layer to network packet flows of the physical layer.
