Improving network security with software-defined networking
Kulmala, Mikko (2016)
Kulmala, Mikko
2016
Signaalinkäsittelyn ja tietoliikennetekniikan koulutusohjelma
Tieto- ja sähkötekniikan tiedekunta - Faculty of Computing and Electrical Engineering
This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Hyväksymispäivämäärä
2016-05-04
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:tty-201604203841
https://urn.fi/URN:NBN:fi:tty-201604203841
Tiivistelmä
Software-defined networking (SDN) is a new technology in computer networks, which enables the management of the network and the development of new network functions in a higher level of abstraction than in traditional networks. In the SDN concept, the management of the network can be centralized to a specific SDN controller instead of managing each network device separately through a vendor-specific interface. This enables new possibilities for designing computer networks and makes the administration easier than before.
In this thesis we are considering the security improvements in computer networks achieved by the software-defined networking. The purpose of the research is to find out if the current maturity of the SDN technology allows traditional networks to be replaced by SDN and what kind of security enhancing network functions can be implemented with the SDN technology. We are also discovering existing SDN applications and solutions presented in former research.
Based on the research, the solutions providing improved network security can be divided to two categories. First is the SDN security applications and second is the solutions that are providing better network management. Many of the proposed solutions are still under development and they will need more research and development contribution before they are ready for the production use. During the research, it became clear that the SDN technology brings new security threats for consideration because of the centralized network management and the management performed by software. In particular the attacks against the management network and the usage of the third party software are possible security threats. Currently, migration from a traditional network to an SDN based network needs still much resources, but in the future the technology will definitely become more common.
In this thesis we are considering the security improvements in computer networks achieved by the software-defined networking. The purpose of the research is to find out if the current maturity of the SDN technology allows traditional networks to be replaced by SDN and what kind of security enhancing network functions can be implemented with the SDN technology. We are also discovering existing SDN applications and solutions presented in former research.
Based on the research, the solutions providing improved network security can be divided to two categories. First is the SDN security applications and second is the solutions that are providing better network management. Many of the proposed solutions are still under development and they will need more research and development contribution before they are ready for the production use. During the research, it became clear that the SDN technology brings new security threats for consideration because of the centralized network management and the management performed by software. In particular the attacks against the management network and the usage of the third party software are possible security threats. Currently, migration from a traditional network to an SDN based network needs still much resources, but in the future the technology will definitely become more common.