Software defined networking sdn holds the promise of fast and flat business agility. Software defined networking a new network weakness. Security issues in software defined networking sdn. Advanced networking and security clemson university. As more and more data is exchanged, networks are growing in. Enterprises want to know how sdn products will assure them that their applications, data and infrastructure will not be vulnerable. Improving network security with softwaredefined networking. This paper presents a survey on the security issues in softwaredefined networking and the challenges faced by admins and providers in order to guarantee a secure environment with a resume about.
Pdf sdn security issue and resolution researchgate. Principles and practices for securing software defined networks. Network virtualization, under the umbrella of software defined networking sdn, presents an opportunity for network innovation but at the same time introduces a new weakness. Software defined networking sdn challenges netscout. In recent years, softwaredefined networking sdn has been a focus of research. Included in this category are security issues arising with software defined networking and the permanent high demand from the enduser combined with the fear of changing traditional networks. Softwaredefined networking sdn is an umbrella term encompassing several kinds of network technology aimed at making the network as agile and flexible as the virtualized server and storage. Software defined networking sdn and its security issues ieee. Sdn is an enabler of network virtualization, or the ability to run multiple virtual network topologies on a shared physical network. Todays successful enterprise requires a fast and flat network that can provide the business agility to quickly spinup compute and storage resources to deliver applications.
Overcoming the security challenges of software defined networking sdwans potentially offer many compelling benefits. In sdn environments, sdn network security needs to be everywhere within a software defined network sdn. Softwaredefined networking is capable of abstracting the vast array of networking nodes into one convenient platform. This makes maintaining connections, delivering critical updates, and quarantining crucial security issues simple and effective. As a promising network architecture, sdn will possibly replace traditional networking, as it brings promising.
It is the decoupling of the data plane from the control plane. Yifan liu 1, bo zhao 1, pengyuan zhao 1,2, peiru fan 1, hui liu 1. In particular, sdn allows network administrators to manage network services through abstraction of lowerlevel functionality. As a promising network architecture, sdn will possibly replace traditional networking, as it brings promising opportunities for network management in terms of simplicity, programmability, and elasticity. Network virtualization technology takes softwaredefined networking sdn to the next level by truly decoupling network resources from underlying hardware. In fact, before the technology goes mainstream, the industry will have to address some sdn security issues and assure network engineers of the integrity of the basic sdn stack.
Typical security issues of softwaredefined networking abstract. Department of defense dod operates one of the largest and most complex networks on the planet, which poses unique security challenges. If you dont plan correctly, you can expect sdn to not only pose the same risks as traditional networks, but to add in new controllerrelated risks, as well. As enterprises look to adopt software defined networking sdn, the top of mind issue is the concern for security. Lets take a look at a few security related issues to be aware of when implementing sdn.
Many security issues related to the traditional network architecture also apply to the sdn architecture. Currently, she is a phd student at faculty of engineering and architecture at aub under the supervision of prof. The majority of software defined networking security concerns are going to evolve around the controller itself. How it affects network security by michael kassner in it security, in security on april 8, 20, 12. It is a softwaremanaged, policydriven and governed security where most of the security controls such as intrusion detection, network segmentation and access. Therefore, it is critical to be clear about your network security priorities, how you understand sdn technology, and how you implement your sdn plans. In order to overcome the problems with traditional networking techniques, software defined networking sdn was introduced as an emerging. Software defined networking sdn separates network control from network data forwarding, allowing networks to be programmed and centrally managed with standard protocols. This decoupling enables both planes to evolve independently, and brings about numerous advantages such as high flexibility, being. In much the same way that server virtualization emulates a physical server within software, network virtualization emulates the components of network and security services in software. Sdn security attack vectors and sdn hardening network world. Software defined networking sdn is an umbrella term encompassing several kinds of network technology aimed at making the network as agile and flexible as the virtualized server and storage infrastructure of the modern data center.
As iorl integrates various networking technologies, i. Softwaredefined networking sdn is designed to make a network flexible and agile. Typical security issues of softwaredefined networking. Sdn security challenges implementing sdn network security. Principles and practices for securing software defined. In recent years, the rapid development of cloud computing and software defined networking. Softwaredefined networking adoption has grown among enterprises looking to deploy more felxible network infrastructure. Lets take a look at a few securityrelated issues to be aware of when implementing sdn. Sdn enables the creation of cloudbased networks using the virtualized equivalents to physical routers, firewalls, and other networking devices used in on. Softwaredefined networking makes networks more flexible and better able to respond to new business needs by separating the data and control planes. This section cover the latest issues, trends and insights about sdn. Software defined networking sdn and its security issues abstract. A quick guide to important sdn security issues searchnetworking.
In fact, before the technology goes mainstream, the industry will have to address some sdn. Network threats mitigation using softwaredefined networking. Software defined networking sdn challenges, issues and. It is one of the most promising area in which you easily depend on networking. The demand of network infrastructure and services is ever increasing. As more and more data is exchanged, networks are growing in complexity and functionality at an exponential rate, leading to constant state of evolution of network technologies. When it comes to securing the department of defenses massive networks, softwaredefined networking sdn can help protect vulnerable legacy and customdeveloped network infrastructure. However, apart from obvious benefits that such a system can offer to the users some challenges and issues must be addressed first. Lately, software defined networks sdn has received a lot of attention as a new technology which provides more flexibility than conventional network. Traditionally, organizations increase their network bandwidth by focusing on buying more hardware.
The good, bad and the ugly of softwaredefined networking. Oct 30, 2017 sdn has both its advantages and its disadvantages. Todays successful enterprise requires a fast and flat. Feb 14, 2014 software defined networking sdn must look like a nice squishy target to spies and crooks.
Software defined networking sdn is a network architecture designed to allow virtualized networking functionality that can be centrally managed, configured, and modified through software. Sdn solves a lot of network problems, but security isnt. Security issues in software defined networking sdn thesai org. Overcoming the security challenges of software defined networking. They would just work, pushing traffic down the road. Reduce complexity and increase connectivity with software defined networking. For software defined networking sdn, multiple vulnerability analyses have been performed 16, and several of these focus on the openflow protocol. The network architecture and related technology must be flexible enough to accommodate the evergrowing number of users. Software defined networking the real benefit for enterprise. Security issues in software defined networking scis,uoh. Software defined networking adoption has grown among enterprises looking to deploy more felxible network infrastructure. Sdn is a networking innovation which offers centralized, programmable control planes and data plane abstraction, where control and data planes. She was employed as a parttime instructor in private universities. This paper presents a survey on the security issues in software defined networking and the challenges faced by admins and providers in order to guarantee a secure environment with a resume about.
While the security concerns are real, there are also many benefits to security when it comes to software defined networking sdn. Sdn and its security issues sardar ali alias shah department of computer engineering melbourne institute of technology abstract nowadays, sdn is most emerging technology. Software defined networking sdn holds lots of promises. Softwaredefined networking sdn separates network control from network data forwarding, allowing networks to be programmed and centrally managed with standard protocols. Benefits and the security risk of softwaredefined networking. Softwaredefined networking and its implications for security. Use this compilation of expert advice to learn about potential vulnerabilities, approaches to. Software defined mobile networking sdmn is an approach to the design of mobile networks where all protocolspecific features are implemented in software, maximizing the use of generic and commodity hardware and software in both the core network and radio access network. The security benefits behind the software defined network. We will also discuss corresponding security issues in sdn, nfv and iot. Leaving routers and switches alone used to be an okay thing.
Softwaredefined networking sdn is an emerging paradigm that promises to change the state of affairs of current networks, by breaking vertical integration, separating the networks control logic. Control plane scalability issues and approaches in. Identifying and addressing the vulnerabilities and security issues of. In this course, we will discuss emerging networking techniques, inducing software defined networking sdn, network function visualization nfv, and internet of things iot. Jan 12, 2016 in recent years, software defined networking sdn has been a focus of research. Many sdn vendors typically offer layer 3 encryption technology as part of their sdwan service offerings. Her main interests are in software defined networks, networking and security, and machine learning. Softwaredefined networking security depends more on planning than gluedon security elements or it should. Aug 25, 2016 software defined networking sdn is the separation of the control functions from the forwarding functions, which enables greater automation and programmability in the network. Security challenges for softwaredefined networks differ in some respects from those of a classical network due to the specific network implementation and sdns inherent control and programmability characteristics. The majority of softwaredefined networking security concerns are going to evolve around the controller itself. Use this topic to learn about the software defined networking sdn technologies that are provided in windows server, system center, and microsoft azure.
Software defined networking sdn is a novel networking approach, which provides a programmable and logically centralised control plane, separating the network control from the forwarding devices. Software defined networking decision guide cloud adoption. Hence, mobile network operators mnos are looking forward to novel networking paradigms which could simplify the task of network management and control and allow faster deployment of. Unfortunately, the new features that provide great flexibility. In sdn environments, sdn network security needs to be everywhere within a softwaredefined network sdn. The third category describes the topic of knowhow existing for software defined networking.
Softwaredefined networking sdn has been a hot topic for future network development, which implements the. But what are the key sdn challenges that organizations will face. Software defined networking sdn provides a method to centrally configure and manage physical and virtual network devices such as routers, switches, and gateways in your datacenter. Software defined networking is capable of abstracting the vast array of networking nodes into one convenient platform. As a result, the control plane is directly programmable, and it abstracts the underlying infrastructure for applications and network services. The network architecture and related technology must. In this course, we will discuss emerging networking techniques, inducing softwaredefined networking sdn, network function visualization nfv, and internet of things iot. Therefore, it is critical to be clear about your network security priorities, how you understand sdn technology, and how you implement. Softwaredefined networking sdn architecture has emerged in response to limitations of traditional networking architectures in satisfying todays complex networking needs. Typical security issues of software defined networking. Cloud security issues are more important, we hope to use the virtualization technology of cloud to. Risks, challenges and potential solutions maham iqbal1, farwa iqbal2, fatima mohsin3, dr. This approach does not always work, and it could be a costly mistake if the additional network resources are not fully utilized.
Reduce complexity and increase connectivity with softwaredefined networking. Software defined networking sdn has been a hot topic for future network development, which implements the different layers of control plane and data plane respectively. Sdn lets you design, build, and manage networks, separating the control and forwarding planes. Softwaredefined security sds is a type of security model in which the information security in a computing environment is implemented, controlled and managed by security software. Software defined networking energy sciences network. Typical security issues of software defined networking abstract. This makes maintaining connections, delivering critical updates, and quarantining. For softwaredefined networking sdn, multiple vulnerability analyses have been performed 16, and several of these focus on the openflow protocol. A single control plane controls several forwarding devices.
Aug 14, 2017 wireless networks such as mobile networks, with their inflexible and expensive network infrastructure, are facing various challenges in efficiently handling the exponentially growing traffic demands of users. Benefits and the security risk of softwaredefined networking isaca. Virtualization and the softwaredefined data center vmware. Sdn security needs to be built into the architecture, as well as delivered as a service to.
Fahad ahmad5 department of computer science kinnaird college for women, lahore, pakistan abstractsdn software defined networking is an. Sdn may provide significant networking and security. While many efforts are currently being made to standardize this emerging paradigm, careful attention needs to. The goal of sdn is to allow network engineers and administrators to respond quickly to changing business. Softwaredefined mobile networking sdmn is an approach to the design of mobile networks where all protocolspecific features are implemented in software, maximizing the use of generic and commodity. Softwaredefined networking the real benefit for enterprise. Wireless networks such as mobile networks, with their inflexible and expensive network infrastructure, are facing various challenges in efficiently handling the exponentially growing traffic. Sdn and its security issues sardar ali alias shah department of computer engineering melbourne institute of technology abstract nowadays, sdn is most emerging. When it comes to securing the department of defenses massive networks, software defined networking sdn can help protect vulnerable legacy and customdeveloped network infrastructure. Sdns layered architecture follows the separationofconcerns principle 18, which is a fundamental security engineering requirement and is. Remember, accurate planning always reduces risk, and this is of particular importance in the case of software defined networking security. Softwaredefined security best practices news, help and. Software defined networking sdn is designed to make a network flexible and agile.
1448 347 797 1279 194 339 1618 126 1064 617 123 190 1081 1347 1662 752 1135 1612 1174 1060 836 569 404 973 958 359 1416 301 1362 1343 803 685 981 1126 642 890 396 674 1440 432 279 1417