OpenFlow Sec FRESCO
Openflow is an open standard that has gained tremendous interest in the last few years within the network community. It is an embodiment of the software-defined networking paradigm, in which higher-level flow routing decisions are derived from a control layer that, unlike classic network switch implementations, is separated from the data handling layer. The central attraction to this paradigm is that by decoupling the control logic from the closed and proprietary implementations of traditional network switch infrasturcture, researchers can more easily design and distribute innovation flow handling and network control algorithms. Indeed, we also believe that OpenFlow can, in time, prove to be one of the more impacted technologies to drive a variety of innovations in network security. OpenFlow could offer a dramatic simplification to the way we design nd integrate complex network security applications into large networks. However, to date there remains a stark paucity of compelling OpenFlow security applications. In this paper, we introduce FRESCO, an OpenFlow security application development framework designed to faciliate the rapid design, and modules. FRESCO, which is itself an OpenFlow application, offers Click-inspired programming framework that enables security researchers to implement, share, and compose together, many different security detection and mitigation modules. We demonstrate the utlility of FRESCO through the implemetation of several well-known security defenses as OpenFlow security services, and use them to examine various performance nad efficienct aspects of our proposed framework.
|Author||Seugwon Shin Philip Porras Vinod Yegneswaran Martin Fong Guofei Gu Mabry Tyson|
OpenFlow Sec FortNOX
|Categories||Networking > Control & Management Software > SDN Controller and Network Virtualization Platforms|
Use of the SDxCentral service directory is governed by our Terms of Service, including without limitation those sections under the headings "CONTENT", "LICENSING AND OTHER TERMS APPLYING TO CONTENT POSTED ON THE SDXCENTRAL SITES", "INDEMNITY; DISCLAIMER; LIMITATION OF LIABILITY" AND "COPYRIGHTS". Under no circumstances will SDxCentral be liable in any way for any Content, including, but not limited to, liability for any errors or omissions in any Content or for any loss or damage of any kind incurred as a result of the use of any Content posted, emailed or otherwise transmitted via the Sites.