Saturday, December 7, 2019

Software Defined Networking for Literature Review- MyAssignmenthelp

Question: Discuss about theSoftware Defined Networking for Literature Review. Answer: Introduction At a general view, Software-defined networking (SDN) outlines an architectural revolution in networking devices where unlike before, network components are decoupled to form the general elements of control and the data plane. As a result of this segmentation, the control plane is then centrally controlled using quality applications which boost administration and other network management operations [1]. Now, SDN tries to solve the issues faced by conventional networking architecture that lack the adaptability features to cope with the demands of today more so, in the fields of data centres, campus networks and other carrier platforms. This report focuses on SDN as a new networking technology and highlights the security issues that currently faces and those that are set to affect it in the future. Moreover, its offers suitable recommendations to meet these security challenges. Literature Review SDN promises a completely new paradigm in the way networking configurations and traffic management is done by introducing new functions to all the networking topologies available today. This outcome is necessitated by the state of technological advancements which demands agile and dynamic systems that can adjust to immediate needs. In the past, this has been accomplished through traditional systems however, their deployment inflexibility limits the implementation of new technologies such as cloud computing [2]. Now, the concept of SDN has been in existence for a long time but has just been recently refined to the design it currently holds. In all, the idea is to diversify network functionalities by abstracting the underlying network resources to offer both application and networking services. SDN Features Now, this objective of abstracting the underlying resources enhances control where centralised administration and management is offered which improves the performance and increases the overall control over networking systems/functionalities. Although still in its infancy stages, the ONF (Open Networking Foundation) an organisation responsible for furthering SDN objectives, outlines SDN as a technology that separates the networking control plane from the forwarding plane [3]. In this model, the control plane manages and regulates devices in the said networks. Furthermore, the SDN architecture allows the data plane to be completely programmable while being separated from the control system. Through this regime network functionalities are directly distributed to the devices without manual input from the administrators. Therefore, in the end, the network design takes an autonomous system where control is centrally managed and underlying hardware configurations are made using an applicati on accessed by the end user. SDN operational efficiencies surpass those of networking functionalities as its application spans multiple fields including application development. For instance, Software developers can optimise their operations through the high-level networking abstraction offered by the control plane to define more sophisticated application used as networking resources. Furthermore, in tune with the demands of emerging technologies such as IoT and cloud computing, the underlying networking fabric can be adjusted to fit any new operational or service requirements, an outcome that cannot be met by conventional networking architectures [4]. SDN Architecture Similar to the software implementation procedures, SDN architecture will utilise modularity principles where abstraction of resources is used to meet operation requirements. Therefore, all networking processes, from configuration to resource allocation and prioritisation will be divided into three major components data, control and application [2]. Through this outline, all layers or plane are well defined with their appropriate boundaries and roles. Moreover, plane specific APIs are provided to manage them including the communication of adjacent planes. The planes: Data plane This plane is characterised by the networking components such as routers, switches, firewalls and virtualization tools. In all, the role of this plane is to forward traffic efficiently based on the regulations set by the controlling plane. Furthermore, SDN eliminates the configurations used for isolation as well as the intelligence tools for forwarding. Control plane the plane that makes the decisions pertaining to the network and traffic control. Its central component is the SDN controller that translates users and business objectives into traffic controls such as access, bandwidth and traffic regulation. Furthermore, programmability is introduced in the same plane which enables real-time manipulation of networking resources. Application plane front end systems that outline business application and networking systems. The overall networking architecture is presented to the end user through northbound APIs. These application link with the SDN controller which facilitates the configuration of networking components to regulate traffic and other resources located in the data plane. Fig: SDN Architecture Requirements for SDN While this new architecture or network design offers a wide range of applications including network programmability and virtualization, the current framework of networking systems must be completely changed to fit the needs of SDN. For one, the protocols in use must change to have a distributed outlook that coordinates changes across all existing conventional networks. This outlook requires complex protocols implementations that offer services on the underlying networking infrastructure to facilitate the regular services offered by networks i.e. routeing traffic, switching, authentication and offering the quality of service (QoS). Now, fulfilling these requirements outlines the complex challenges facing the technology as will be outlined in the next stage of this paper. Nevertheless, these functionalities and networking consideration will eventually be sorted by the management tools that will coordinate traffic and data flow through agile and automated configurations [5]. Therefore, all the SDN requirements will be fulfilled by the wide range of operational and functional requirements that will ease programmability, deployment and resource provisions. SDN Security Issues While many advantages are presented by the technology, the new architecture does pose some serious security threats. For one, SDN being a new technology will be continuously targeted by intruders in an attempt to highlight its faults. Therefore, appropriate security measures should be implemented on all the vulnerabilities it presents. The Controller Weakness A central control provides many administrative functionalities that improve the overall functionality of the networks. However, it being a hub outline serious security concerns as an access to it could bring down the entire network. Isolation has always been a key concept in threat mitigations as it minimises the fields attacked. Therefore, in case of weak authentication or encryption procedures, the entire system is disclosed and can be manipulated by a third party member [6]. Programmability of the Network Network developers can easily configure and install security systems into networking infrastructure. Moreover, they can make adjustments based on the immediate needs. However, the same functionality can be used to re-configure or re-program the network to fit the needs of a malicious individual. Therefore, similar to the open systems seen today where users are tricked to install compromised applications, hackers can target networks by tricking administrators to install compromised network applications. In the end, the networks are left vulnerable and the intruder accesses the networking resources. OpenFlow Switches Unlike regular switches which may have the appropriate security considerations, OpenFlow switches operate using OpenFlow standards which are yet to be verified in the industry. Moreover, all OpenFlow switches operate as root devices i.e. they have absolute access to the underlying infrastructure which predisposes them to many security issues if compromised. For instance, if intruders were to gain access to an OpenFlow switch, they could alter the configuration made on an entire network so long as the switch is connected to it. In essence, anyone who accesses these switches gains administrative rights for the affiliated network [1]. Possible Solutions Securing the controller and the control layer This starts with hardening the hosts operating systems for instance through the use of Linux. Secondly, implement strong authentication procedures for the controller using regularly updated logging details and trails. In addition to this, the network should be maintained using the regulatory procedures and security compliance requirements. Implement uniform SDN security policy unlike the current model, the SDN functionalities and security policies should be integrated into its rules and regulations i.e. the SDN policies. This will help regulate security across all components including switches. Security controls Similar to the controller, SDN should implement security control such as firewalls, access control and packet filters. Moreover, these functionalities can be embedded into the controller themselves to boost their security as well [6]. Authentication and access control SDN should apply authentication and encryption procedures on all the connections associated with it. This will protect the architecture from attacks such as eavesdropping, sniffing and snooping. Conclusion Recent technological trends have led to the increased requirements for computing resources which among other components include networking resources. In the past, these resource requirements have been met using virtualization technologies that lease out functionalities and operations. Although efficient, these resources still face issues in rolling out dynamic solutions. SDN plays a key role in meeting these challenges of increased demands for computing resources by implementing revolutionary architectures that assigns new roles to all networking elements. This form of delegation improves the functionalities of the networks by enhancing systems flexibility and deployment outcomes through advent control as well as resource programmability. References [1] Cisco. (2013). Software-Defined Networking: Why We Like It and How We Are Building On It. White paper. (Online). Available FTP: https://www.cisco.com/c/dam/en_us/solutions/industries/docs/gov/cis13090_sdn_sled_white_paper.pdf [2] Horvath. R, Nedbal. D Stieninger. M. (2015). A Literature Review on Challenges and Effects of Software Defined. Conference on ENTERprise Information Systems / International Conference on Project MANagement / Conference on Health and Social Care Information Systems and Technologies, CENTERIS / ProjMAN / HCist 2015. (Online). Available FTP: https://www.researchgate.net/publication/283170852_A_Literature_Review_on_Challenges_and_Effects_of_Software_Defined_Networking [3] Bakhshi. T. (2017). State of the Art and Recent Research Advances in Software Defined Networking. Wireless Communications and Mobile Computing. (Online). Available FTP: https://www.hindawi.com/journals/wcmc/2017/7191647/ [4] Gong. Y, Huang. W, Wang. W Lei. Y (2015). A survey on software defined networking and its applications. Frontiers of Computer Science. Available FTP: https://link.springer.com/article/10.1007/s11704-015-3448-z [5] Dubey. A Khanna. B (2016). Security in software defined networking: a review. International Journal of Computer Engineering Technology (IJCET). Available FTP: https://www.iaeme.com/MasterAdmin/uploadfolder/IJCET_07_04_007/IJCET_07_04_007.pdf [6] Lim. A. (2013). Security Risks in SDN and Other New Software Issues. RSA conference 2015. Available FTP: https://www.rsaconference.com/writable/presentations/file_upload/sec-r01_security-risks-in-sdn-and-other-new-software-apps_copy1.pdf

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.