Network-wide Virtual Firewall using SDN/OpenFlow

Cited by: 0
Authors
Bakker, Jarrod N. [1 ]
Welch, Ian [1 ]
Seah, Winston K. G. [1 ]
Affiliation
[1] Victoria Univ Wellington, Sch Engn & Comp Sci, Wellington, New Zealand
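Keywords
DOI
Not available
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812 ;
Abstract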
Traditional firewalls are used to enforce network security policies at boundaries within a network. However, this can leave hosts vulnerable to attacks that originate from within the network they are part of. We leverage the flexibility of Software Defined Networking to turn the network infrastructure into a virtual firewall thus improving security across an entire network. We present ACLSwitch, a network-wide virtual firewall that utilises the OpenFlow protocol to filter traffic across a network comprised of OpenFlow switches. We also define "policy domains" that allow different filtering configurations to be applied to different switches of the network. The solution allows rules to be distributed across a network without the need for a human operator to send the rules to switches separately, yet it is flexible enough to allow subsets of the switches to enforce different security policies.
Pages: 62 / 68
Number of pages: 7
Related papers
50 in total
  • [1] Firewall as a service in SDN OpenFlow network
    Arins, Andis
    PROCEEDINGS OF THE 2015 IEEE 3RD WORKSHOP ON ADVANCES IN INFORMATION, ELECTRONIC AND ELECTRICAL ENGINEERING (AIEEE 2015), 2015,
  • [2] Cloud based firewall on OpenFlow SDN network
    Mahesh, A.
    Chandrasekaran, Adhiyan
    ArunKumar, R.
    SivaKumar, K.
    Vigneshwaran, N.
    2017 INTERNATIONAL CONFERENCE ON ALGORITHMS, METHODOLOGY, MODELS AND APPLICATIONS IN EMERGING TECHNOLOGIES (ICAMMAET), 2017,
  • [3] ChainGuard - A Firewall for Blockchain Applications using SDN with OpenFlow
    Steichen, Mathis
    Hommes, Stefan
    State, Radu
    2017 PRINCIPLES, SYSTEMS AND APPLICATIONS OF IP TELECOMMUNICATIONS (IPTCOMM), 2017,
  • [4] Performance Analysis of Firewall based on SDN and OpenFlow
    Phatak, Ashutosh
    Kadikar, Ruturaj
    Vijayan, K.
    Amutha, B.
    PROCEEDINGS OF THE 2018 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATION AND SIGNAL PROCESSING (ICCSP), 2018, : 611 - 615
  • [5] Network-Wide Traffic Visibility in OF@TEIN SDN Testbed using sFlow
    Rehman, Shafqat Ur
    Song, Wang-Cheol
    Kang, Mingoo
    2014 16TH ASIA-PACIFIC NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM (APNOMS), 2014,
  • [6] BigMaC: Reactive Network-Wide Policy Caching for SDN Policy Enforcement
    Yan, Bo
    Xu, Yang
    Chao, H. Jonathan
    IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, 2018, 36 (12) : 2675 - 2687
  • [7] Soft Failure Localization Using Machine Learning with SDN-based Network-wide Telemetry
    Mayer, Kayol S.
    Soares, Jonathan A.
    Pinto, Rossano P.
    Rothenberg, Christian E.
    Arantes, Dalton S.
    Mello, Darli A. A.
    2020 EUROPEAN CONFERENCE ON OPTICAL COMMUNICATIONS (ECOC), 2020,
  • [8] vNetRadar: Lightweight and Network-Wide Traffic Measurement in Virtual Networks
    Ma, Tie
    Zhang, Jin
    Luo, Long
    Yu, Hongfang
    Sun, Gang
    Sun, Jian
    2022 IEEE GLOBAL COMMUNICATIONS CONFERENCE (GLOBECOM 2022), 2022, : 5741 - 5746
  • [9] Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network
    Prabakaran, Senthil
    Ramar, Ramalakshmi
    Hussain, Irshad
    Kavin, Balasubramanian Prabhu
    Alshamrani, Sultan S.
    AlGhamdi, Ahmed Saeed
    Alshehri, Abdullah
    SENSORS, 2022, 22 (03)
  • [10] Network-Wide Configuration Synthesis
    El-Hassany, Ahmed
    Tsankov, Petar
    Vanbever, Laurent
    Vechev, Martin
    COMPUTER AIDED VERIFICATION (CAV 2017), PT II, 2017, 10427 : 261 - 281