Building Stateful Firewall Over Software Defined Networking

  • Conference paper
Information Systems Design and Intelligent Applications

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 434))

Abstract

Current network architectures are ill-suited to today’s enterprise and academic requirements. Software Defined Networking (SDN) is a new way to design, build and operate networks. It replaces static, inflexible and complex networks with networks that are agile, scalable and innovative. The main idea is to decouple the control and data planes, allowing the network to be programmatically controlled. A key element of SDN architectures is the controller. This logically centralized entity acts as a network operating system, providing applications with a uniform and centralized programming interface to the underlying network. But it also introduces new security challenges. Building robust firewalls is the main challenge in protecting OpenFlow networks. The main problem with a traditional vendor-specific firewall is that the network administrator cannot modify or extend its capabilities and can only configure it according to the specifications given by the firewall vendor. To solve these problems, we developed a stateful firewall application that runs over an SDN controller to show that most firewall functionality can be built in software, without the aid of dedicated hardware.

Acknowledgments

We thank Mr. Vipin Gupta of U-Net Solutions, Moga, India for his valuable help.

Author information

Corresponding author

Correspondence to Karamjeet Kaur.

Copyright information

© 2016 Springer India

About this paper

Cite this paper

Kaur, K., Singh, J. (2016). Building Stateful Firewall Over Software Defined Networking. In: Satapathy, S.C., Mandal, J.K., Udgata, S.K., Bhateja, V. (eds) Information Systems Design and Intelligent Applications. Advances in Intelligent Systems and Computing, vol 434. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2752-6_15

  • DOI: https://doi.org/10.1007/978-81-322-2752-6_15

  • Publisher Name: Springer, New Delhi

  • Print ISBN: 978-81-322-2750-2

  • Online ISBN: 978-81-322-2752-6

  • eBook Packages: Engineering, Engineering (R0)
