Bridging the Gap Between Security Tools and SDN Controllers

Authors

DOI:

https://doi.org/10.4108/eai.10-1-2019.156242

Keywords:

Software-defined networking (SDN), Network Function Virtualization (NFV), OpenFlow, SDN security application, SDN controller

Abstract

Software-Defined Networking (SDN) is a promising paradigm to improve network security protections. However, current SDN-based security solutions can hardly provide suÿcient protections in a real SDN network, due to several reasons: 1) they are implemented at either the centralized SDN controllers or the decentralized network devices, which are subject to a performance limitation; 2) their designs are confined by the SDN network characteristics and can only provide limited security functions; and 3) many solutions have deployment challenges and compatibility issues. In this paper, we propose SecControl, a practical network protection framework combining the existing security tools and SDN technologies, to produce a comprehensive network security solution in an SDN environment. We implement a SecControl prototype with OpenFlow and evaluate its effectiveness and performance. Our experiment shows that SecControl can cooperate with many mainstream security tools and provide effective defense responses over SDN-supported networks.

Downloads

Published

21-12-2018

How to Cite

Wang, L. ., & Wu, D. . (2018). Bridging the Gap Between Security Tools and SDN Controllers. EAI Endorsed Transactions on Security and Safety, 5(17), e1. https://doi.org/10.4108/eai.10-1-2019.156242