Date of Publication: 14th February 2018
Abstract: Network security management has become more complex in recent years because more network security devices must be deployed at different positions and sites inside already complex networks. Flexibly deploying the correct security devices at the right places at the required time, and making maximum use of them, with minimal management cost is very difficult. NSV presents a concept of network security virtualization, which virtualizes security resources for network administrators/users and thus makes maximum use of pre-installed security devices. It is also able to provide security protection to the required networks with minimum management cost. To verify the concept, there is a prototype system, NETSECVISOR, which makes maximum use of existing fixed-position security devices and uses software-defined networking technology to virtualize network security functions. NETSECVISOR contains (1) a simple script language to record security services and policies, (2) a set of routing algorithms to decide the shortest routing paths for different security policies based on different requirements, and (3) a set of security response functions to handle security incidents. NETSECVISOR can be deployed in both virtual test networks and a commercial switch network to evaluate its performance and feasibility. The evaluation results show that the prototype adds only a very small overhead while providing the required network security virtualization to network users/administrators.