Abstract
In this paper, we propose and implement a firewalling service for cloud system using OpenStack. The service, called FWaaS - Firewall as a Service, is offloaded from and loosely coupled with Openstack cloud system. It can be utilised to provision firewall functions and it supports a rich set of packet filtering capabilities, from link layer up to application layer. The service is lightweight but shows that it could prevent efficiently threats from outside of the networks with low level of resource consumption.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
OpenStack: OpenStack Docs: Firewall-as-a-Service (FWaaS), 04 March 2020. https://docs.openstack.org/neutron/pike/admin/fwaas.html. Accessed 05 Mar 2020
OpenStack: neutron-fwaas/README.rst, 01 June 2013. https://github.com/openstack/neutron-fwaas/blob/master/README.rst. Accessed 05 Mar 2020
OpenStack: OpenStack Docs: Firewall as a Service API 2.0, 10 April 2016. https://specs.openstack.org/openstack/neutron-specs/specs/newton/fwaas-api-2.0.html. Accessed 05 Mar 2020
OpenStack: OpenStack Docs: Manage project security, 14 February 2020. https://docs.openstack.org/nova/rocky/admin/security-groups.html. Accessed 06 Mar 2020
OpenStack: OpenStack Docs: Configure access and security for instances, 23 August 2019. https://docs.openstack.org/ocata/user-guide/cli-nova-configure-access-security-for-instances.html. Accessed 06 Mar 2020
Santoso, B.I., Idrus, M.R.S., Gunawan, I.P.: Designing network intrusion and detection system using signature-based method for protecting OpenStack private cloud. Informatics Department, Bakrie University Jakarta, Indonesia 12920 (2016)
Xu, C., Zhang, R., Xie, M., Yang, L.: Network intrusion detection system as a service. In: 2019 IEEE 27th International Conference on Network Protocols (ICNP), pp. 1–2 (2019)
Rash, M.: Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort. No Starch Press, San Francisco (2007)
Schubert, D., Jaeger, B., Helm, M.: Network emulation using Linux network namespaces. Network 57 (2019)
Aggarwal, S.: Modern web-development using ReactJS. Int. J. Recent Res. Aspects 5, 2349–7688 (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Hoang, X.T., Bui, N.D. (2021). An Implementation of Firewall as a Service for OpenStack Virtualization Systems. In: Tran, DT., Jeon, G., Nguyen, T.D.L., Lu, J., Xuan, TD. (eds) Intelligent Systems and Networks . ICISN 2021. Lecture Notes in Networks and Systems, vol 243. Springer, Singapore. https://doi.org/10.1007/978-981-16-2094-2_12
Download citation
DOI: https://doi.org/10.1007/978-981-16-2094-2_12
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-2093-5
Online ISBN: 978-981-16-2094-2
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)