Multicast is widely applied in cloud data centers. Because intermediate nodes can encode the packets, network coding improves the capacity and robustness of multicast applications. However, this system is vulnerable to pollution attacks. Existing schemes mainly focus on homomorphic cryptographic technologies against such attacks. However, the homomorphic cryptographic technology introduces complicated key management and calculation and storage overhead. This paper proposes a novel, fast, and secure network-coding multicast on software-defined networks. This scheme separates the complicated secure multicast management from fast data transmission. In the control layer, when users and switches try to join the secure multicast, they are authenticated and authorized by the controller. Only trusted nodes can join the forwarding paths. In the data layer, the trusted nodes only forward the data. The proposed scheme can use traditional cryptography without homomorphy; thus, it greatly reduces computation complexity, improves transmission efficiency, and thwarts pollution and eavesdropping attacks.