Technical Research Paper On Software Defined Networks (Research Paper Sample)

Software Defined Networking
Overview of Network Security
Authors Name/s per 1st Affiliation (Author)
line 1 (of Affiliation): dept. name of organization
line 2-name of organization, acronyms acceptable
line 3-City, Country
line 4-e-mail address if desired
Authors Name/s per 2nd Affiliation (Author)
line 1 (of Affiliation): dept. name of organization
line 2-name of organization, acronyms acceptable
line 3-City, Country
line 4-e-mail address if desired
Abstract— SDN outlines a technique or architecture of deploying networking resources where unlike in traditional methods, these resources are diversified to yield different functionalities. SDN is therefore not a new technology but a transformation of the existing technologies. Moreover, this transformation has been necessitated by the demands of the industrial market where more dynamic and resilient solutions are needed. This paper analyses, SDN as a concept and evaluates the security risks associated with it based on its current and future architecture.
Keywords—SDN, Virtulization, OpenFlow
Introduction
Software defined networking outlines a new approach to networking devices unlike commonly perceived in the market where people outline it as a new technology. Therefore, SDN is basically a new approach to networking tactics where the resources involved are decoupled and diversified to provide more functionalities which increase control and management [1]. Therefore, it’s accurate to think of SDN as a journey or transformation of some sort which challenges the existing build of networking systems that is very rigid and unable to adapt to new technologies effectively. This transformation will eventually increase the access to networking resources by making them dynamic in nature thus will be easier to control. Furthermore, flexibility is introduced in networking structures to facilitate the design and control of operations using external applications. This report analyses SDN as a new technology, more so, the security risks associated with it and the possible solutions that can be implemented to secure this new transformation
Literature review
While SDN may have introduced a new architecture of actualising networks, it does not present new technologies as the entire structure is designed from old concepts which are continuously combined with new practices. Essentially, the introduction of SDN stems from the demands made by the growing internet infrastructure where components such as social media, multimedia applications and smart systems are diversifying which introduces new challenges.
Moreover, these challenges are intensified by virtualization technologies where concepts such as cloud computing have varying demands that traditional and conventional networks are not able to meet [2]. Therefore, the frequent fluctuation of resources is not met through manual allocation which necessitates SDN designs. In addition to this, conventional networking devices such as switches are based on vendor specifications which make their configuration and administration a manual process.
In response to these inefficiencies comes SDN with its OpenFlow (OF) concepts which apply the OpenFlow algorithm to control networking devices and components. OF outlines all communication specifications between the network controllers and the OF devices. These devices, on the other hand, are completely different from conventional networking devices as they are built with basic systems which only include the data or forwarding parameters for networking traffic [3]. Since they lack the controls, the OF devices are easily controlled and managed using the SDN controller which is a software application/program that essentially acts as an operating system i.e. a networking OS.
Now, this NOS controls, manages and administrates networking components which increase the performance of this IT infrastructure. Furthermore, today’s networking companies do not allow business to program systems and applications on top of the existing networking infrastructure. SDN nullifies this by eliminating vendor lock-in which facilitates programming functionalities that can include the customization of networking systems e.g. access control [4].
SDN Architecture
SDN, as outlined above, uses a modularity procedure where the underlying networking infrastructure is diversified to meet the operational requirements i.e. an abstraction of facilities. In this structure, the networking process is slowly transformed to a design that closely resembles that of a software implementation process. Now, these transformations are conducted using three major SDN components data, control and application planes. These planes are clearly outlined having specific roles and boundaries. Furthermore, the proposed application that lies above the infrastructure facilitates the communication between these planes [5].
1. Data plane
The IT infrastructure resources such networking devices, firewalls and visualisation tools are found in this plane. Therefore, this plane is attributed with the forwarding of traffic from different networking nodes to the others. This plane is however regulated by the control plane which outlines the rules and regulations of traffic flow. This plane, unlike the traditional networks, eliminates systems configurations that isolated networking components thus lowering integration [6]. It also eliminates intelligent forwarding tools that automatically assigned traffic in certain instances.
2. Control plane
This plane regulates or governs the operations of the data plane by providing the networking and traffic flow decisions. This control and regulation are done using the SDN controller the major component of this plane. In essence, this controller will transform users’ requirements into traffic and networking controls that manage elements such as bandwidth, access and traffic itself. In addition to this, the programmability feature of the SDN networks is introduced at this section which enhances the performance.
3. Application plane
This plane presents the networking resource to the end user using suitable APIs known as northbound applications. These APIs integrate with the control plane using the SDN controller to enable the user to manage the networking resources such as traffic, access control and bandwidth among many others. Therefore, the application plane will control and manage the data plane using the control plane [7].
Fig: The SDN architecture
SDN Requirements and configuration
SDN configurations can be done from a centralised control which ultimately pushes the networking architecture to the goal of achieving dynamic and flexible networks. However, for this goal to be achieved the existing networking structures must be redesigned or eliminated to pave way for the SDN systems. Therefore, on top of re-evaluating the networking architecture, the functionalities presented today such as routeing, switching and quality of service (QoS) will have to be re-evaluated to fit the needs of SDN [7]. Furthermore, remember that all the existing systems are made by different vendors which make integration and collaboration difficult. These outcomes make the implementation of SDN framework challenging a factor that contributes to some of the security issues seen in the next section.
Nevertheless, the innovations offered by OpenFlow technology will facilitate the process where through the programmable platforms the challenges of control and integration will be slowly eliminated. Furthermore, the separation of the data and test plane encourages the development of new protocols that can easily manage the networking domains. Therefore, from an overall perceptive, the SDN requirements will be met through the separation of the traffic control methods and the networking hardware. This outcome will achieve a consolidated networking fabric [8].
SDN Security issues
Most of the security risks and challenges faced by SDN are facilitated by its design structure where new threat avenues are emerging. Furthermore, it's vulnerable to attacks owing to its stage of application which outlines a new technology or concept.
1. Data and control plane
SDN proposes a separation of these two layers with a controller being used to regulate their application. This outcome presents serious security challenges, for one, the data plane may lack the appropriate authentication or encryption protocols as the current measures exist as a holistic package to protect the entire networking infrastructure. Moreover, the controller itself is a security liability because if compromised it gives intruders complete access to the network. In addition to this, the controller is also a single point of failure that is when affected with faults will halt the operations of the entire network [9].
2. Programmability of the networks
The programmability feature is supposed to enhance the automation of networking components which eventually is supposed to enhance performance while optimising the functionalities of network managers and administrators. In fact, through this feature, network engineers will be able to configure and re-configure remote devices such as switches and routers at the comfort of their desks. Furthermore, these configuration parameters will be common among all the devices and only distinguished by authentication procedures i.e. OpenFlow standards. This outcome again is a serious security liability as attackers and intruders have a big environment to conduct their attacks owing to the number of potential devices using SDN principles. In addition to this, they can use the same process used to configure and re-configure networking components to introduce malicious applications into the networks [10].
3. OpenFlow devices
Although vendor specifications lower the integration of networking components, t...