Cloud-clustered firewall with distributed SDN devices
Journal
IEEE Wireless Communications and Networking Conference, WCNC
Journal Volume
2018-April
Pages
1-5
Date Issued
2018
Author(s)
Chang, Y.
Abstract
To protect network services and end hosts from Internet attacks, a firewall is an important protective component that enforces security policy on network packets. A typical firewall sits at the entry point of an Autonomous System (AS). However, it may become a congestion point because of the growing number of security policies and the growing volume of network traffic. Also, an SDN-based firewall can suffer from the TCAM memory limit of SDN devices, and thus it can only install a limited number of security policies. This paper presents a robust algorithm to distribute the security policies of a firewall across distributed SDN devices in a cloud-clustered environment. While this algorithm can obtain better performance and resolve the TCAM memory limit of SDN devices, it can also guarantee more complete protection by stopping insider attacks. © 2018 IEEE.
Other Subjects
Computer system firewalls; Network architecture; Security systems; Ternary content addressable memory; Wireless telecommunication systems; Autonomous systems; Congestion points; Internet attacks; Network packets; Network services; Network traffic; Robust algorithm; Security policy; Network security
Type
conference paper
