SDN Security Design Challenges
|
|
- Lorin Parks
- 8 years ago
- Views:
Transcription
1 Nicolae Paladi SDN Security Design Challenges SICS Swedish ICT! Lund University In Multi-Tenant Virtualized Networks
2 Multi-tenancy Multiple tenants share a common physical infrastructure.
3 Multi-tenancy A tenant corresponds to a customer using a particular virtual network. Organization A
4 Multi-tenancy Tenants may belong to different administrative domains. Organization A Organization B
5 Multi-tenancy Tenants expect network isolation of their domain. Domain B Domain A
6 Multi-tenancy Physical resource sharing is fully abstracted, with tenants unaware of other neighbours. Tenant A Tenant B Tenant C
7 Multi-tenancy Tenants may create multiple distinct virtual network instances and topologies.
8 Network Slicing A. Bandwidth B. Topology C. Traffic D. Device CPU E. Forwarding tables (aka forwarding information base)
9 Software Defined Networking A network architecture which decouples the network forwarding functionality from the control and management logic!
10 SDN System Model Management applications are used by network administrators to express their network configuration goals using a set of high-level comments. May include components such as firewalls, intrusion detection systems, traffic shapers, etc. Control plane is a logically distributed abstraction layer that transforms high-level network operator goals into discrete routing policies based on a global network view. Southbound API is a vendor-agnostic set of instructions implemented by the routing equipment on the data plane. The data plane contains both hardware and software rout- ing equipment. This component implements the routing policies that satisfy the goals of the network administrator. Management Applications Network Hypervisor Global network view Network Operating System (e.g. NOX, Rosemary, etc.) Southbound API
11 Scenario
12 Scenario Large-scale enterprise network infrastructure (e.g. one or multiple datacenters)! Multiple tenants share the virtualised infrastructure! Tenants set up their own topology! Provider allocates quotas, manages routing, handles conflicts and service disruptions
13 SDN Adversarial Model Who is the adversary?! What are the capabilities of the adversary?! What are the threat vectors?
14 Security of SDN infrastructure! vs.! Security capabilities enabled by SDN
15 Security of SDN infrastructure! vs.! Security capabilities enabled by SDN
16 Adversarial Model Assumptions Assume hardware integrity Assume physical security Assume cryptographic security
17 Adversary Capabilities Overhear, intercept, and synthesise messages. Analyse the traffic patterns in the network Disrupt or degrade network connectivity. Send valid tenant packages with an arbitrary content and frequency to the components it can reach. Attempt to impersonate other tenants. Install arbitrary management applications and issue policies within its network domain. Attempt to decrypt intercepted network traffic that is sent and received by other tenants. Attack the network communication of the SDN-based infrastructure. Attempt to impersonate network infrastructure components. Issue malicious policies aiming to either monitor, distort or disrupt network traffic. Attempt to decrypt intercepted network traffic that is sent and received by other network infrastructure components.
18 Attack Vectors A.Vulnerabilities in the control plane B. Attacks on control plane communications C. Lack of a trust chain between the management applications and the data plane D. Attacks on policies and rules in programmable networks E. Resource limit violations F. Attacks on virtual switches and network gateways G. Weak bandwidth isolation as attack vehicle Management Applications Network Hypervisor Global network view Network Operating System (e.g. NOX, Rosemary, etc.) Southbound API C E A/B/C D F/G
19 Security Requirements A: Access control model to limit effect of vulnerabilities in controllers. A: Policy verification prior to deployment. B: Authenticated communication between control plane components; secure enrolment mechanism for management applications and data plane devices. C: Traceability and non-repudiation for all configuration commands and policies issued by network management applications. D: A mechanism for network policy isolation, such that the effects of policies in a certain tenant domain have no effect on other domains. Management Applications Network Hypervisor Global network view Network Operating System (e.g. NOX, Rosemary, etc.) Southbound API C E A/B/C D F/G
20 Security Requirements (continued) D: New network management policies must run through an integration verification engine prior to deployment. E: Mechanism to ensure that network management applications do not allocate resources beyond the assigned quota. F: Verified integrity of virtual network components prior to deployment; keys protected with a hardware root of trust. G: Policy-based routing decisions immune to vulnerabilities in bandwidth isolation between tenants. G: Software and hardware network components must offer equally strong bandwidth isolation properties. Management Applications Network Hypervisor Global network view Network Operating System (e.g. NOX, Rosemary, etc.) Southbound API C E A/B/C D F/G
21 Upcoming Work (Setting up the infrastructure) 1. Integrity verification of virtual network components prior to deployment.! 2. Authenticated communication between control plane components.! 3. Secure enrolment mechanism for management applications and data plane devices.! 4. Configuration policy grammar suitable for integration verification.
22 Upcoming Work (Ramping up security guarantees) 1. Access control model for network operating systems.! 2. Additional mechanisms for quota enforcement and monitoring.! 3. Scalable model-based policy integration verification prior to deployment on data plane. Bodiam Castle
23 Recommended Reading A. Greenberg, G. Hjalmtysson, D. A. Maltz, A. Myers, J. Rexford, G. Xie, H. Yan, J. Zhan, and H. Zhang, A clean slate 4D approach to network control and management, ACM SIGCOMM Computer Communication Review, vol. 35, no. 5, pp , M. Casado, M. J. Freedman, J. Pettit, J. Luo, N. McKeown, and S. Shenker, Ethane: taking control of the enterprise, in ACM SIGCOMM Computer Communication Review, vol. 37, pp. 1 12, ACM, M. Casado, N. Foster, and A. Guha, Abstractions for software-defined networks, Communications of the ACM, vol. 57, no. 10, pp , N. Gude, T. Koponen, J. Pettit, B. Pfaff, M. Casado, N. McKeown, and S. Shenker, NOX: towards an operating system for networks, ACM SIGCOMM Computer Communication Review, vol. 38, no. 3, pp , T. Koponen, M. Casado, N. Gude, J. Stribling, L. Poutievski, M. Zhu, R. Ramanathan, Y. Iwata, H. Inoue, T. Hama, et al., Onix: A Distributed Control Platform for Large-scale Production Networks., in OSDI, vol. 10, pp. 1 6, P. Porras, S. Shin, V. Yegneswaran, M. Fong, M. Tyson, and G. Gu, A security enforcement kernel for OpenFlow networks, in Proceedings of the first workshop on Hot topics in software defined networks, pp , ACM, S. Shin, Y. Song, T. Lee, S. Lee, J. Chung, P. Porras, V. Yegneswaran, J. Noh, and B. B. Kang, Rosemary: A Robust, Secure, and High- Performance Network Operating System, in Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp , ACM, D. Kreutz, F. Ramos, and P. Verissimo, Towards secure and dependable software-defined networks, in Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking, pp , ACM, Lasserre, M., et al. Framework for Data Center (DC) Network Virtualization. No. RFC Hartman, S., Zhang, D., Wasserman, M., Qiang, Z., Mingui, Z. Security Requirements of NVO3, draft-ietf-nvo3-security-requirements-04.
Towards Secure Multi-tenant Virtualized Networks
Towards Secure Multi-tenant Virtualized Networks Nicolae Paladi SICS Swedish ICT nicolae@sics.se Christian Gehrmann SICS Swedish ICT chrisg@sics.se Abstract Network virtualization enables multi-tenancy
More informationSDN. What's Software Defined Networking? Angelo Capossele
SDN What's Software Defined Networking? Angelo Capossele Outline Introduction to SDN OpenFlow Network Functions Virtualization Some examples Opportunities Research problems Security Case study: LTE (Mini)Tutorial
More informationOperationCheckpoint: SDN Application Control
OperationCheckpoint: SDN Application Control Workshop on Secure Network Protocols (NPSec 14) 19 October 2014 Sandra Scott-Hayward, Christopher Kane and Sakir Sezer s.scott-hayward@qub.ac.uk Centre for
More informationSoftware Defined Networking Architecture
Software Defined Networking Architecture Brighten Godfrey CS 538 October 8 2013 slides 2010-2013 by Brighten Godfrey The Problem Networks are complicated Just like any computer system Worse: it s distributed
More informationVirtualizing the Network Forwarding Plane
Virtualizing the Network Forwarding Plane Martín Casado Nicira Teemu Koponen Nicira Rajiv Ramanathan Google Scott Shenker UC Berkeley 1 Introduction Modern system design often employs virtualization to
More informationHow To Design A Secure, Robust, And Resilient Network Control System (Network) Controller
Design and deployment of secure, robust, and resilient SDN Controllers SDNRG @ IETF 93 Wednesday, 22 July 2015 Sandra Scott-Hayward s.scott-hayward@qub.ac.uk Centre for Secure Information Technologies
More informationTraffic-based Malicious Switch Detection in SDN
, pp.119-130 http://dx.doi.org/10.14257/ijsia.2014.8.5.12 Traffic-based Malicious Switch Detection in SDN Xiaodong Du 1, Ming-Zhong Wang 1, Xiaoping Zhang 2* and Liehuang Zhu 1 1 Beijing Engineering Research
More informationCloudWatcher: Network Security Monitoring Using OpenFlow in Dynamic Cloud Networks
CloudWatcher: Network Security Monitoring Using OpenFlow in Dynamic Cloud Networks (or: How to Provide Security Monitoring as a Service in Clouds?) Seungwon Shin SUCCESS Lab Texas A&M University Email:
More informationScalability of Control Planes for Software Defined Networks:Modeling and Evaluation
of Control Planes for Software Defined Networks:Modeling and Evaluation Jie Hu, Chuang Lin, Xiangyang Li, Jiwei Huang Department of Computer Science and Technology, Tsinghua University Department of Computer
More informationEnabling Software Defined Networking using OpenFlow
Enabling Software Defined Networking using OpenFlow 1 Karamjeet Kaur, 2 Sukhveer Kaur, 3 Vipin Gupta 1,2 SBS State Technical Campus Ferozepur, 3 U-Net Solutions Moga Abstract Software Defined Networking
More informationNetwork Management through Graphs in Software Defined Networks
Network Management through Graphs in Software Defined Networks Gustavo Pantuza, Frederico Sampaio, Luiz F. M. Vieira, Dorgival Guedes, Marcos A. M. Vieira Departament of Computer Science Universidade Federal
More informationCan Software Defined Networks (SDN) manage the dependability of the service provided to selected customers?
Can Software Defined Networks (SDN) manage the dependability of the service provided to selected customers? Gianfranco Nencioni Dipartimento di Ingegneria dell Informazione Università di Pisa Mini-seminar
More informationNetwork Virtualization in the Data Center
EDIC RESEARCH PROPOSAL 1 Network Virtualization in the Data Center Sam Whitlock EB Group, I&C, EPFL Abstract Modern data centers are abstracted into different pools of resources: compute, storage, and
More informationSoftware-Defined Networks: on the road to the softwarization of networking
Software-Defined Networks: on the road to the softwarization of networking Fernando M. V. Ramos LaSIGE/FCUL, University of Lisboa, Portugal fvramos@ciencias.ulisboa.pt Diego Kreutz, Paulo Verissimo SnT/University
More informationProviding Elasticity to Intrusion Detection Systems in Virtualized Software Defined Networks
IEEE ICC 215 - Communication and Information Systems Security Symposium Providing Elasticity to Intrusion Detection Systems in Virtualized Software Defined Networks Martin Andreoni Lopez, Otto Carlos M.
More informationSoftware Defined Networks (SDN): Leveraging network state for rendezvous services
Software Defined Networks (SDN): Leveraging network state for rendezvous services Vijay K. Gurbani, Michael Scharf, T.V. Lakshman and Volker Hilt Bell Laboratories, Alcatel-Lucent Email: {vijay.gurbani,michael.scharf,t.v.lakshman,volker.hilt}@alcatel-lucent.com
More informationA collaborative model for routing in multi-domains OpenFlow networks
A collaborative model for routing in multi-domains OpenFlow networks Xuan Thien Phan, Nam Thoai Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology Ho Chi Minh city, Vietnam
More informationA Study on Software Defined Networking
A Study on Software Defined Networking Yogita Shivaji Hande, M. Akkalakshmi Research Scholar, Dept. of Information Technology, Gitam University, Hyderabad, India Professor, Dept. of Information Technology,
More informationReview On Architecture & Security Issues of SDN
Review On Architecture & Security Issues of SDN Gagandeep Garg 1, Roopali Garg 2 Research Scholar, Dept. Of IT, U.I.E.T., PU, Chandigarh, India 1 Coordinator, Dept. Of IT, U.I.E.T., PU, Chandigarh, India
More informationTowards Secure and Dependable Software-Defined Networks
Towards Secure and Dependable Software-Defined Networks Diego Kreutz, Fernando Ramos, Paulo Veríssimo kreutz@lasige.di.fc.ul.pt, fvramos@fc.ul.pt, pjv@di.fc.ul.pt LASIGE - Large-Scale Informatics Systems
More informationDistributed Software-Defined Networking: The ACM PODC 2014 Workshop DSDN
Distributed Software-Defined Networking: The ACM PODC 2014 Workshop DSDN Petr Kuznetsov 1 Stefan Schmid 2 1 Télécom ParisTech petr.kuznetsov@telecom-paristech.fr 2 TU Berlin & T-Labs stefan.schmid@tu-berlin.de
More informationOpenFlow Vulnerability Assessment
OpenFlow Vulnerability Assessment Kevin Benton School of Informatics and Computing Indiana University Bloomington, Indiana, USA KTBenton@Indiana.edu L. Jean Camp School of Informatics and Computing Indiana
More informationHyperFlow: A Distributed Control Plane for OpenFlow
HyperFlow: A Distributed Control Plane for OpenFlow Amin Tootoonchian University of Toronto amin@cs.toronto.edu Yashar Ganjali University of Toronto yganjali@cs.toronto.edu Abstract OpenFlow assumes a
More informationSecurity improvement in IoT based on Software Defined Networking (SDN)
Security improvement in IoT based on Software Defined Networking (SDN) Vandana C.P Assistant Professor, New Horizon College of Engineering Abstract With the evolving Internet of Things (IoT) technology,
More informationRyuo: Using High Level Northbound API for Control Messages in Software Defined Network
Ryuo: Using High Level Northbound API for Control Messages in Software Defined Network Shaoyu Zhang, Yao Shen, Matthias Herlich, Kien Nguyen, Yusheng Ji, Shigeki Yamada Department of Computer Science and
More informationSDN Rootkits: Subverting Network Operating Systems of Software-Defined Networks
SDN Rootkits: Subverting Network Operating Systems of Software-Defined Networks Christian Röpke and Thorsten Holz Horst Görtz Institute for IT-Security (HGI) Ruhr-University Bochum christian.roepke@rub.de,
More informationOpenFlow and Onix. OpenFlow: Enabling Innovation in Campus Networks. The Problem. We also want. How to run experiments in campus networks?
OpenFlow and Onix Bowei Xu boweixu@umich.edu [1] McKeown et al., "OpenFlow: Enabling Innovation in Campus Networks," ACM SIGCOMM CCR, 38(2):69-74, Apr. 2008. [2] Koponen et al., "Onix: a Distributed Control
More informationSDN AND SECURITY: Why Take Over the Hosts When You Can Take Over the Network
SDN AND SECURITY: Why Take Over the s When You Can Take Over the Network SESSION ID: TECH0R03 Robert M. Hinden Check Point Fellow Check Point Software What are the SDN Security Challenges? Vulnerability
More informationSoftware Defined Networking
Software Defined Networking Richard T. B. Ma School of Computing National University of Singapore Material from: Scott Shenker (UC Berkeley), Nick McKeown (Stanford), Jennifer Rexford (Princeton) CS 4226:
More informationAn Introduction to Software-Defined Networking (SDN) Zhang Fu
An Introduction to Software-Defined Networking (SDN) Zhang Fu Roadmap Reviewing traditional networking Examples for motivating SDN Enabling networking as developing softwares SDN architecture SDN components
More informationPushing Enterprise Security Down the Network Stack
Pushing Enterprise Security Down the Network Stack Ankur Nayak, Alex Reimers, Russ Clark, Nick Feamster School of Computer Science, Georgia Tech ABSTRACT Network security is typically reactive: Networks
More informationMitigating DDoS Attacks using OpenFlow-based Software Defined Networking
Mitigating DDoS Attacks using OpenFlow-based Software Defined Networking Mattijs Jonker and Anna Sperotto Design and Analysis of Communication Systems (DACS) Centre for Telematics and Information Technology
More informationFormal Specification and Programming for SDN
Formal Specification and Programming for SDN relevant ID: draft-shin-sdn-formal-specification-01 Myung-Ki Shin, Ki-Hyuk Nam ETRI Miyoung Kang, Jin-Young Choi Korea Univ. Proposed SDN RG Meeting@IETF 84
More informationTowards an Elastic Distributed SDN Controller
Towards an Elastic Distributed SDN Controller Advait Dixit, Fang Hao, Sarit Mukherjee, T.V. Lakshman, Ramana Kompella Purdue University, Bell Labs Alcatel-Lucent ABSTRACT Distributed controllers have been
More informationImplementation of Address Learning/Packet Forwarding, Firewall and Load Balancing in Floodlight Controller for SDN Network Management
Research Paper Implementation of Address Learning/Packet Forwarding, Firewall and Load Balancing in Floodlight Controller for SDN Network Management Raphael Eweka MSc Student University of East London
More informationDDoS Attack Protection in the Era of Cloud Computing and Software-Defined Networking
DDoS Attack Protection in the Era of Cloud Computing and Software-Defined Networking Bing Wang Yao Zheng Wenjing Lou Y. Thomas Hou Virginia Polytechnic Institute and State University, Blacksburg, VA, USA
More informationFuture of DDoS Attacks Mitigation in Software Defined Networks
Future of DDoS Attacks Mitigation in Software Defined Networks Martin Vizváry, Jan Vykopal Institute of Computer Science, Masaryk University, Brno, Czech Republic {vizvary vykopal}@ics.muni.cz Abstract.
More informationImproving Network Management with Software Defined Networking
Improving Network Management with Software Defined Networking Hyojoon Kim and Nick Feamster, Georgia Institute of Technology 2013 IEEE Communications Magazine Presented by 101062505 林 瑋 琮 Outline 1. Introduction
More informationHow OpenFlow-based SDN can increase network security
How OpenFlow-based SDN can increase network security Charles Ferland, IBM System Networking Representing the ONF ferland@de.ibm.com +49 151 1265 0830 Important elements The objective is to build SDN networks
More informationTrusting SDN. Brett Sovereign Trusted Systems Research National Security Agency 28 October, 2015
Trusting SDN Brett Sovereign Trusted Systems Research National Security Agency 28 October, 2015 Who I am 18 years experience in Cryptography, Computer and Network Security Currently work at Trust Mechanisms,
More informationControl-Plane Slicing Methods in Multi-Tenant Software Defined Networks
Control-Plane Slicing Methods in Multi-Tenant Software Defined Networks C. Argyropoulos, S. Mastorakis, K. Giotis, G. Androulidakis, D. Kalogeras, V. Maglaris Network Management & Optimal Design Laboratory
More informationScalable Network Virtualization in Software-Defined Networks
Scalable Network Virtualization in Software-Defined Networks Dmitry Drutskoy Princeton University Eric Keller University of Pennsylvania Jennifer Rexford Princeton University ABSTRACT Network virtualization
More informationA Collaborative Network Security Management System in Metropolitan Area Network
A Collaborative Network Security Management System in Metropolitan Area Network Beipeng Mu and Xinming Chen Department of Automation Tsinghua University Beijing, China Email: {mbp7, chen-xm}@mails.tsinghua.edu.cn
More informationlibnetvirt: the network virtualization library
libnetvirt: the network virtualization library Daniel Turull, Markus Hidell, Peter Sjödin KTH Royal Institute of Technology, School of ICT Stockholm, Sweden Email: {danieltt,mahidell,psj}@kth.se Abstract
More informationSoftware Defined Networking for Security Enhancement in Wireless Mobile Networks
1 Software Defined Networking for Security Enhancement in Wireless Mobile Networks Aaron Yi Ding, Jon Crowcroft, Sasu Tarkoma, Hannu Flinck University of Helsinki University of Cambridge Nokia Solutions
More informationOn Bringing Software Engineering to Computer Networks with Software Defined Networking
On Bringing Software Engineering to Computer Networks with Software Defined Networking Alexander Shalimov Applied Research Center for Computer Networks, Moscow State University Email: ashalimov@arccn.ru
More informationASIC: An Architecture for Scalable Intra-domain Control in OpenFlow
ASIC: An Architecture for Scalable Intra-domain Control in Pingping Lin, Jun Bi, Hongyu Hu Network Research Center, Department of Computer Science, Tsinghua University Tsinghua National Laboratory for
More informationSoftware Defined Networks
Software Defined Networks Inspired from the article Software-defined Networking: A Comprehensive Survey by Diego Kreutz, Fernando M. V. Ramos, Paulo Verissimo, Christian Esteve Rothenberg, Siamak Azodolmolky
More informationSoftware Defined Networks
Software Defined Networks Dr. Uttam Ghosh, CDAC, Bangalore uttamg@cdac.in Outline Networking Planes OpenFlow Software Defined Network (SDN) SDN Origin What is SDN? SDN Architecture SDN Operation Why We
More informationEnabling Practical SDN Security Applications with OFX (The OpenFlow extension Framework)
Enabling Practical SDN Security Applications with OFX (The OpenFlow extension Framework) John Sonchack, Adam J. Aviv, Eric Keller, and Jonathan M. Smith Outline Introduction Overview of OFX Using OFX Benchmarks
More informationHybNET: Network Manager for a Hybrid Network Infrastructure
HybNET: Network Manager for a Hybrid Network Infrastructure Hui Lu, Nipun Arora, Hui Zhang, Cristian Lumezanu, Junghwan Rhee, Guofei Jiang Purdue University NEC Laboratories America lu220@purdue.edu {nipun,huizhang,lume,rhee,gfj}@nec-labs.com
More informationSDN Interfaces and Performance Analysis of SDN components
Institute of Computer Science Department of Distributed Systems Prof. Dr.-Ing. P. Tran-Gia SDN Interfaces and Performance Analysis of SDN components, David Hock, Michael Jarschel, Thomas Zinner, Phuoc
More informationEventBus Module for Distributed OpenFlow Controllers
EventBus Module for Distributed OpenFlow Controllers Igor Alekseev Director of the Internet Center P.G. Demidov Yaroslavl State University Yaroslavl, Russia aiv@yars.free.net Mikhail Nikitinskiy System
More informationHERCULES: Integrated Control Framework for Datacenter Traffic Management
HERCULES: Integrated Control Framework for Datacenter Traffic Management Wonho Kim Princeton University Princeton, NJ, USA Email: wonhokim@cs.princeton.edu Puneet Sharma HP Labs Palo Alto, CA, USA Email:
More informationFabric: A Retrospective on Evolving SDN
Fabric: A Retrospective on Evolving SDN Martín Casado Nicira Teemu Koponen Nicira Scott Shenker ICSI, UC Berkeley Amin Tootoonchian University of Toronto, ICSI Abstract MPLS was an attempt to simplify
More informationSurvey: Software Defined Networks with Emphasis on Network Monitoring
Survey: Software Defined Networks with Emphasis on Network Monitoring Prashanth prashanth@cse.iitb.ac.in Indian Institute of Technology, Bombay (IIT-B) Powai, Mumbai, Maharastra India 31 Oct 2015 Abstract
More informationKandoo: A Framework for Efficient and Scalable Offloading of Control Applications
Kandoo: A Framework for Efficient and Scalable Offloading of Control s Soheil Hassas Yeganeh University of Toronto soheil@cs.toronto.edu Yashar Ganjali University of Toronto yganjali@cs.toronto.edu ABSTRACT
More informationOrion: A Hybrid Hierarchical Control Plane of Software-Defined Networking for Large-Scale Networks
2014 IEEE 22nd International Conference on Network Protocols Orion: A Hybrid Hierarchical Control Plane of Software-Defined Networking for Large-Scale Networks Yonghong Fu 1,2,3, Jun Bi 1,2,3, Kai Gao
More informationA Presentation at DGI 2014 Government Cloud Computing and Data Center Conference & Expo, Washington, DC. September 18, 2014.
A Presentation at DGI 2014 Government Cloud Computing and Data Center Conference & Expo, Washington, DC September 18, 2014 Charles Sun www.linkedin.com/in/charlessun @CharlesSun_ 1 What is SDN? Benefits
More informationSoftware Defined Networking - a new approach to network design and operation. Paul Horrocks Pre-Sales Strategist 8 th November 2012
Software Defined Networking - a new approach to network design and operation Paul Horrocks Pre-Sales Strategist 8 th November 2012 Agenda What is Software Defined Networking What is the value of Software
More informationMichael Jarschel, Thomas Zinner, Tobias Hoßfeld, Phuoc Tran Gia University of Würzburg, Institute of Computer Science, Würzburg, Germany.
2014 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising
More informationFlexible Building Blocks for Software Defined Network Function Virtualization (Invited Paper)
Flexible Building Blocks for Software Defined Network Function Virtualization (Invited Paper) Aryan TaheriMonfared, Chunming Rong Department of Electrical Engineering and Computer Science, University of
More informationWE consider an emerging class of challenging Internet
Using Software-Defined ing for Real-Time Internet Applications Tim Humernbrum, Frank Glinka, Sergei Gorlatch Abstract We consider an emerging class of challenging Internet applications called Real-Time
More informationSecurity Challenges & Opportunities in Software Defined Networks (SDN)
Security Challenges & Opportunities in Software Defined Networks (SDN) June 30 th, 2015 SEC2 2015 Premier atelier sur la sécurité dans les Clouds Nizar KHEIR Cyber Security Researcher Orange Labs Products
More informationLecture 02b Cloud Computing II
Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,
More informationSDN/Virtualization and Cloud Computing
SDN/Virtualization and Cloud Computing Agenda Software Define Network (SDN) Virtualization Cloud Computing Software Defined Network (SDN) What is SDN? Traditional Network and Limitations Traditional Computer
More informationSimplify IT. With Cisco Application Centric Infrastructure. Barry Huang bhuang@cisco.com. Nov 13, 2014
Simplify IT With Cisco Application Centric Infrastructure Barry Huang bhuang@cisco.com Nov 13, 2014 There are two approaches to Control Systems IMPERATIVE CONTROL DECLARATIVE CONTROL Baggage handlers follow
More informationSoftware Defined Cloud Security Architectures
Software Defined Cloud Security Architectures Roy Campbell October 8 th 2014, AFRL, Rome, NY Towards Assured Clouds: Our Approach Concerns Software Defined Networks Virtual Machines and Virtualization
More informationEnhancing network security with SDN
11.4.2014 Overview Security in Traditional Networks SDN Security Solutions Ethane OpenFlow Random Host Mutation Security of SDN Potential Threats Possible Solutions Enterprise and Campus Networks Networks
More informationA Security Enforcement Kernel for OpenFlow Networks
A Security Enforcement Kernel for OpenFlow Networks Phillip Porras Seungwon Shin Vinod Yegneswaran Martin Fong Mabry Tyson Guofei Gu SRI International Texas A&M University {porras, vinod, mwfong}@csl.sri.com
More informationEnabling Fast Failure Recovery in OpenFlow Networks
Enabling Fast Failure Recovery in OpenFlow Networks Sachin Sharma, Dimitri Staessens, Didier Colle, Mario Pickavet and Piet Demeester Ghent University - IBBT, Department of Information Technology (INTEC),
More informationSDN security. Nokia Research perspective. Peter Schneider 19-05-2015. Version 1.1. 1 Nokia Solutions and Networks 2015 Public
SDN security Nokia Research perspective Peter Schneider 19-05-2015 Version 1.1 1 Nokia Solutions and Networks 2015 Agenda Security at Nokia SDN in mobile networks SDN security research SDN security standardization
More informationMulCNeT: Network Management Cloud
, pp.139-150 http://dx.doi.org/10.14257/ ijgdc.2014.7.2.13 MulCNeT: Network Cloud Chen Fu 1, Yang Jia-hai 2 and Zhan shaobin 3 1 (Department of Computer Science and Technology, Beijing Foreign Studies
More informationPratyaastha: An Efficient Elastic Distributed SDN Control Plane
Pratyaastha: An Efficient Elastic Distributed SDN Control Plane Anand Krishnamurthy, Shoban P. Chandrabose, Aaron Gember-Jacobson University of Wisconsin Madison {anand,shoban,agember}@cs.wisc.edu ABSTRACT
More informationVirtual Application Networks Innovations Advance Software-defined Network Leadership
Virtual Application Networks Innovations Advance Software-defined Network Leadership Simplifying, Scaling and Automating the Network Bethany Mayer Senior Vice President and General Manager HP Networking
More informationSDN Security Considerations in the Data Center. ONF Solution Brief October 8, 2013
SDN Security Considerations in the Data Center ONF Solution Brief October 8, 2013 Table of Contents 2 Executive Summary 3 SDN Overview 4 Network Security Challenges 6 The Implications of SDN on Network
More informationResonance: Dynamic Access Control for Enterprise. networks
Resonance: Dynamic Access Control for Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science, Georgia Tech ABSTRACT Enterprise network security is typically
More informationTesting Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES
Testing Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES Table of Contents Introduction... 1 Network Virtualization Overview... 1 Network Virtualization Key Requirements to be validated...
More informationLPM: Layered Policy Management for Software-Defined Networks
LPM: Layered Policy Management for Software-Defined Networks Wonkyu Han 1, Hongxin Hu 2 and Gail-Joon Ahn 1 1 Arizona State University, Tempe, AZ 85287, USA {whan7,gahn}@asu.edu 2 Clemson University, Clemson,
More informationSoftware Defined Networking Basics
Software Defined Networking Basics Anupama Potluri School of Computer and Information Sciences University of Hyderabad Software Defined Networking (SDN) is considered as a paradigm shift in how networking
More informationUsing SDN-OpenFlow for High-level Services
Using SDN-OpenFlow for High-level Services Nabil Damouny Sr. Director, Strategic Marketing Netronome Vice Chair, Marketing Education, ONF ndamouny@netronome.com Open Server Summit, Networking Applications
More informationEast-West Bridge for SDN Network Peering
East-West Bridge for SDN Network Peering Pingping Lin, Jun Bi, and Yangyang Wang Institute for Network Sciences and Cyberspace, Department of Computer Science, Tsinghua University Tsinghua National Laboratory
More informationThe Evolution of SDN and OpenFlow: A Standards Perspective
The Evolution of SDN and OpenFlow: A Standards Perspective Jean Tourrilhes, Puneet Sharma, Sujata Banerjee HP- Labs - {FirstName.LastName}@hp.com Justin Pettit VMware jpettit@vmware.com 1. Introduction
More informationData Center Network Virtualisation Standards. Matthew Bocci, Director of Technology & Standards, IP Division IETF NVO3 Co-chair
Data Center Network Virtualisation Standards Matthew Bocci, Director of Technology & Standards, IP Division IETF NVO3 Co-chair May 2013 AGENDA 1. Why standardise? 2. Problem Statement and Architecture
More informationExtensible and Scalable Network Monitoring Using OpenSAFE
Extensible and Scalable Network Monitoring Using OpenSAFE Jeffrey R. Ballard ballard@cs.wisc.edu Ian Rae ian@cs.wisc.edu Aditya Akella akella@cs.wisc.edu Abstract Administrators of today s networks are
More informationSTRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview
STRATEGIC WHITE PAPER Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview Abstract Cloud architectures rely on Software-Defined Networking
More informationOpen Source Network: Software-Defined Networking (SDN) and OpenFlow
Open Source Network: Software-Defined Networking (SDN) and OpenFlow Insop Song, Ericsson LinuxCon North America, Aug. 2012, San Diego CA Objectives Overview of OpenFlow Overview of Software Defined Networking
More informationApplying Software-defined Networks to Cloud Computing
Capítulo 1 Applying Software-defined Networks to Cloud Computing Bruno Medeiros de Barros (USP), Marcos Antonio Simplicio Jr. (USP), Tereza Cristina Melo de Brito Carvalho (USP), Marco Antonio Torrez Rojas
More informationSoftware-Defined Energy Communication Networks: From Substation Automation to Future Smart Grids
Software-Defined Energy Communication Networks: From Substation Automation to Future Smart Grids Adam Cahn, Juan Hoyos, Matthew Hulse, Eric Keller University of Colorado, Boulder Abstract Energy communication
More informationSimplify IT. With Cisco Application Centric Infrastructure. Roberto Barrera rbarrera@grupo-dice.com. VERSION May, 2015
Simplify IT With Cisco Application Centric Infrastructure Roberto Barrera rbarrera@grupo-dice.com VERSION May, 2015 Content Understanding Software Definded Network (SDN) Why SDN? What is SDN and Its Benefits?
More informationThe Future of Networking, and the Past of Protocols
1 The Future of Networking, and the Past of Protocols Scott Shenker with Martín Casado, Teemu Koponen, Nick McKeown (and many others.) 2 Software-Defined Networking SDN clearly has advantages over status
More informationCloud Infrastructure Services for Service Providers VERYX TECHNOLOGIES
Cloud Infrastructure Services for Service Providers VERYX TECHNOLOGIES Meeting the 7 Challenges in Testing and Performance Management Introduction With advent of the cloud paradigm, organizations are transitioning
More informationSoftware Defined Networking: Advanced Software Engineering to Computer Networks
Software Defined Networking: Advanced Software Engineering to Computer Networks Ankush V. Ajmire 1, Prof. Amit M. Sahu 2 1 Student of Master of Engineering (Computer Science and Engineering), G.H. Raisoni
More informationImproving Network Management with Software Defined Networking
SOFTWARE DEFINED NETWORKS Improving Network Management with Software Defined Networking Hyojoon Kim and Nick Feamster, Georgia Institute of Technology ABSTRACT Network management is challenging. To operate,
More informationAuthFlow: Authentication and Access Control Mechanism for Software Defined Networking
AuthFlow: Authentication and Access Control Mechanism for Software Defined Networking Diogo Menezes Ferrazani Mattos, Lyno Henrique Gonçalves Ferraz, Otto Carlos Muniz Bandeira Duarte Grupo de Teleinformática
More informationMock RFI for Enterprise SDN Solutions
Mock RFI for Enterprise SDN Solutions Written By Sponsored By Table of Contents Background and Intended Use... 3 Introduction... 3 Definitions and Terminology... 7 The Solution Architecture... 10 The SDN
More informationCLOUD NETWORKING THE NEXT CHAPTER FLORIN BALUS
CLOUD NETWORKING THE NEXT CHAPTER FLORIN BALUS COMMON APPLICATION VIEW OF THE NETWORK Fallacies of Distributed Computing 1. The network is reliable. 2. Latency is zero. 3. Bandwidth is infinite. 4. The
More informationProject 3 and Software-Defined Networking (SDN)
Project 3 and Software-Defined Networking (SDN) EE122 Fall 2011 Scott Shenker http://inst.eecs.berkeley.edu/~ee122/ Materials with thanks to Jennifer Rexford, Ion Stoica, Vern Paxson and other colleagues
More information