181x Filetype PPTX File size 1.67 MB Source: profsandhu.com
Outline • Market and SDN • Conventional Networks v.s SDN • OpenFlow-enabled SDN devices • SDN Security Applications • SDN Security Challenges • Community Debate regarding Security in SDN World-Leading Research with Real- 2 World Impact! Market and SDN • In 2016, the market research firm IDC predicted that the market for SDN network applications would reach US$3.5 billion by 2020. • Leading IT companies such as Nokia, Cisco, Marc C. Dacier, Hartmut Cwalinski , Frank Kargl , Sven Dietrich, Security Challenges and Dell, HP, Juniper, IBM, and VMware have Opportunities of Software-Defined Networking, Apr 3, 2017 developed their own SDN strategies. • In 2015, AT&T reduced provisioning cycle by “We have taken a process from low automation and weeks to 95% with SDN. complete to high automation and minutes to complete. We’re turning the industry on its head in an unprecedented way.” John Donovan AT&T’s analyst conference in August 2015, John Donovan World-Leading Research with Real- 3 World Impact! Conventional Networks vs. SDN Control Plane Smart Network Traffic mngmnt,QoS Applications Policy Imp. Security services Decoupling Control Plane Open Abstract North-bound API view Data Plane Data Plane Dumb, fast Control Plane Policy mngmnt •Limited visibility OpenFlow Global •Vendor-specfic South-bound API view Decentralized Control •Missconfiguration •Poor responses S •Policy conflicts S S •Security breaches •Decentralized. S Data Plane •Complex •Static architecture Customization •Innovation is difficult Programmability •Costly * •Yes costly Conventional Networks Software Defined Networks World-Leading Research with Real- 4 *Figure: Kreutz, Diego, et al. "Software-defined networking: A comprehensive survey." Proceedings of the IEEE 103.1 (2015): 14-76. World Impact! OpenFlow-enabled SDN devices OpenFlow is: Enabler of SDN • Protocol between the control plan and data plane • Describes how controller and a network forwarding device should communicate Packet+ byte Counters Match Fields 00:2E port3 300 Switching * * * * * * * * port3 300 Routing 4.5.6.7 port5 250 * * * * * * * * port5 250 Firewall 10 drop 500 * * * * * * * * drop 500 World-Leading Research with Real- 5 World Impact! SDN security applications examples •Load Balancer: send each HTTP request over Routing, Load Balancer, Access Control, monitoring, lightly loaded path to lightly loaded server. firewall, DDoS Mitigation, •Firewall: inform Central Controller about IDS/IPS malware’s packets, controller pushes new rules Application plane to drop packets. Abstract Network View Network Virtualization Up-to-date Global Network View Control Plane Server AB drop S S S S S Incoming packets S S S S R 6 World-Leading Research with Real- 6 World Impact!
no reviews yet
Please Login to review.