Software Defined Networks And Network Function Virtualization - Overview, Implementation, And Security

Open Flow Technology

Discuss about the Software Defined Networks And Network Function Virtualization.

Virtualization technology in early times was based on computational and storage of resources. Hence most of the researchers were focused on computing and storage of resources. Networking and data virtualization was not the main subject of the research (Wen, Tiwary, & Le, 2013). Today, systems infrastructure are emerging as key concept in cloud computing.  Storages, computing resource and networking are now being defined by software. The software defining these resources are monitored and controlled centrally. In general, SDN will not be limited to applications, platforms or even infrastructures of the systems, they will instead categorize their needs and hence precisely outline their virtual environment on which they would operates on. An in-depth on how SDN is implemented is that the system is incorporated in underutilized servers that information technology organizations already operate and own (Wen, Tiwary, & Le, 2013). In summary, the firmware of routers and network switches that has for a long time remained under the control of the companies that manufacture this equipment is been changed by making this remotely modifiable and remotely accessible through third-party software clients, making use of open flow an example an open protocol (IEEE Staff, 2016). SDN allows for external access to the innards of routers and switches that were formally proprietary and closed and also for quick optimization and experimenting of routing or switching policies.

  The switching fabric of conventional Layer 2/3 networks serves as routing and switching material for the blade center server chassis. These switches have the capability of layer two switching and layer three routing providing security and flexible traffic management in the frame (Abro, 2015). The layer 2/3 fiber GbE and Copper switching modules offers full layer two switching making capabilities available such as link aggregation control, Cisco Ether channel, advanced spanning tree protocols and 802.1Q VLANs, Internet Group Management Protocol (IGMP), performance features and application delivery such as granular QoS, multicasting and snooping.

The open flow technology showcases network programmability through the remote control application which is all about remotely and directly programming a network switch to handle traffic dynamically in a particular way making use of the CLI type of commands (Zhang & Chen, 2016). An example, to achieve the forward flow to a specific switch port, ensure other streams are blocked, while the switch is programmed to make such actions alternate in a predefined manner, i.e. time interval of say 40 seconds. Use this demonstration using some servers that are to listen to the same multicast address while the switch is being programmed to allow a single server to give airplay to an individual client in the case of video servers. This application is applicable in the context of software-defined networking as it empowers the operator, user, and administrator to have an own definition of treating traffic (Artmann & Khondoker, 2018).  This, in a way, resembles the activities and operations of a TV remote control where one can switch through channels only that in this case, it is automatic. This is transparent to the end host in that clients and video servers are unaware of the switch managing or controlling the traffic.

Command Line Interface

A command-line interface (CLI) is a dialog or an interface where two programs or the user and the program pass a command line in SDN it is an essential critical aspect. Such command lines used in software-defined networks are some of the windows shell and OS/2 presentation manager these graphical interfaces help programs and users communicate with their execution strategies such as opening applications and documents. The registry or the graphical shell is where these commands are stored (Azodolmolky, 2013). In SDN standard input/output interface (stdin $ stdout) can be employed to look for console hacks allowed to store and edit commands in software. In network management, a configuration is regarded as one of the most vital functions. Especially, with a new device added to the existing network, an appropriate setting necessary to accomplish a consistent network operation.

Securing the SDN is a critical area that should be taken care of since it offers a global view and also programmability to control (Zhang & Chen, 2016). Thus, three future risks may be encountered in SDN. First, the controller is one of the most critical components in the SDN architecture as it defines the overall data flow that occurs in the traffic flow manager (data plane).  If it is compromised, the attacker may disrupt the data path of the network. Thus, to cope with such a threat, the Current Research on Security initiated a significant amount of virtualization scenario on the SDN layers to ensure that the attackers are unable to figure out the actual physical network.  It will provide a prominent security mechanism for the SDN (Bombal, 2017).

Secondly, the OpenFlow may present limitations regarding security contexts. Even though the SDN control languages and protocols, such as Frenetic and Procera, have been designed, the OpenFlow gains the dominant position in the network. In fact, the OpenFlow evolves, enhancing the processing of more protocol headers. In this process, it exhibits some drawbacks since it is associated with stringent definition fields used by the forwarding rules, and they may be altered (Tantayakul, Dhaou, & Paillassa, 2017). For instance, the area used in IPv6 protocol was introduced when OpenFlow version 1.3 emerged. Thus, there is a possibility of changing the protocol field in the OpenFlow and switching in the network becomes more complicated.

Lastly, lack of middle-boxes in SDN may cause a future security problem. The current operating network is implemented in the form of additional devices called middleboxes, such as firewalls, routers, NAT devices or switches. Therefore, when a system lacks such tools, it implies that there is a deficiency in security (Castaldi & Tobia, 2015). It facilitates end-to-end connectivity that is required for some network applications in the existing network. As a result, a legacy problem on applying and tuning the traffic rules or the encrypted data streams.

Security Risks in SDN

Security is a problematic issue that affects SDN networks. The ability to protect the controller which controls other data planes is a significant challenge that needs to be looked at. Another problem is service denial attacks which reside in networks that are defined by software. Intrusions inversions are also common in systems defined networks. A net fuse mechanism was proposed by researchers to protect data that is stored in the cloud from an overload of traffic. The net fuse was placed between the controller and switches in the networks of SDN (Comer, 2015). In recent times, data centers have been significantly affected by the wrong configurations, cyber-attacks workload changes in a network. Open flow regulated messages are indirectly collected to identify and detects streams in a network. To control the rate of traffic in a network, network overloading changes are looked at to determine multidimensional flows in a system. Various mechanisms are applied to control and monitor traffic which poses a threat in. The controlling component is implemented with passive and active listening mechanisms to check the network information (Cooklev, 2015). It interferes with control of messages on the network. The logic controller receives back information that has failed to match with the assigned switch after it gets, the feedback is sent to the switch using forwarding rules that outline flow method of the message or information.

The ability to provide services is known as quality of service Quality of Service. It is difficult to attain the desired excellent quality of service in SDN networks.  The SDN systems at sometimes fail to offer the users of good and quality services; this is because the users are limited to resources that are stored in data centers (Stallings, Jelassi, & Agboma, 2015). The center controlled system in case of a break down lead to denial of services to all users of the system. The primary quality of service is essential to achieve and guaranteed bandwidth, reduce the loss of data, reduce congestion and minimize the delay time when service is requested from the database. In the review, the research work was represented to solve the challenges that come with the quality of service in SDN. The report proposed a protocol which was based on the controller to achieve the end to end excellent and affordable services for applications based on media (Doherty, 2016).

Quality of services provided by SDN was measured through the failures of redundant links. Complicated algorithms were introduced to address optimization of assets. Load balancing formulae were added to control traffic on networks. The mechanisms developed was to support one big class that entails, infrastructure virtualization and network mechanism security which would help to curb or control attacks on the networks. Quality and robust policies were introduced to minimize incidents of network attacks (Duan & Toy, 2017). Software technology and continuous hardware evaluation were leveraged thirty years ago with feature switching of the art. To achieve good network implementations, the survey found that, automation and virtualization requires a rapid change from closed, extensible, vendor specific, proper system for networking and external operating should be easily be upgraded or programmed. This requirement is open and extensible and is monitored and guided by laid down policies that regulate and control resources in data centers should be dynamically managed as one system which has many integrated components made up of the network, computational data and storage devices (Robertazzi, 2017). Networks that are software-defined are coming up a new technique, those clear ways for network shared resources and virtualization that are increasing demand. The SDN technique hides the functional operations of the system, by providing an obstruction to applications that reside in the upper layer of the system to the underlying network system. Generally, the devices that are used for networking such as routers, switches have their data plane, Management plane, and control plane while the networks software definitions apply control logic and data planes which are separately decoupled (Galán-Jiménez, 2018). The logic control plane is employed as a component of software where it is kept in the server of the networking system. The data centers are found or held in the devices that connect to the internet.

Issues Associated with SDN

Security is a significant concern when it comes to software-defined networks. A lot of efforts should be taken to ensure data center in the cloud is secured.  Security means that hardware, network and applications systems using SDN networks are secured. Therefore hardware such computers should be well kept and secured. The servers where the controller of SDN system should have highly trained experts to monitor and control it, this will minimize cyber-attacks which may lead to system failure either due to service denial (Goransson, Black, & Culver, 2017). Proper policies that govern SDN networks should be employed to ensure quality and standard of networks that are recognized globally. Frequent checks of network should frequently be done to assist in identifying loopholes that may be used by hackers to penetrate the servers where data resides. In conclusion, security is a significant threat to SDN network. Hence more effort on research should be carried out to curb this arising issue.   

The review has shown that SDN, is effectively managing and virtualizing environment to meet the demands of network resources. They are now focusing on how to attain scalability, minimum load balance, security and excellent quality of services in a network (Qi & Li, 2016). The main idea behind this review is to establish and recognize the efforts applied to address challenges that were and still facing networks that which are defined by networks. Cloud computing is grouped into 3, one of the group is infrastructure as a service that is implemented through virtualization of the environment. The second category is “platform as a service” and third is where the platform is regarded as a service (Kadiyala & Cobb, 2017). The virtualization of technology has acted as the primary method of service delivery, through the provision of resources stored in the cloud. However, in recent years, many of researchers have focused on computing and storage resources of SDN using a technique of technology virtualization such as kernel virtual machine and other applications such as XEN APP which is used in cloud computing (Nadeau & Gray, 2013). The main thing that is pushing researchers to expand their knowledge on traditional networks is environment virtualization and cloud computing which rapidly increasing and easily incorporated to the enterprises.  The operators are not fixed to automation of network and data centers which are connected by LAN and WLAN.

The decoupling of logic data and control has changed the networking resources to be automated, controlled and programmed to meets increasingly needs by business corporates and enterprises. In addition to that, networks which are defined by software, are replacing the networking device functionalities to forwarding network devices (Marschke, Doyle, & Moyer, 2015). The ability to decide how and where to make a forwarding is outlined and explained on the control plane. In a software called controller is where the logic control of the network is implemented. Protocol or procedure of open flow is used to link the networking devices with the controller to enhance effective communication between them. Some of most known network system controllers in the market are a beacon, floodlight, and Nixes. The networking controller, after receiving the packets of data, it sends them to the switches that are based on open flow to control and maintain flaws of data in the switches. The controller then tries to match the flow entry of data and decide to send the packet of data to the right port; it may also choose to discard the packet of data. In a situation where the data received is not matching the available data, encapsulations are done, and data packets are sent back to where they came from, i.e. controller receives back data packet (Nadeau & Gray, 2013).

Quality of Service (QoS)

Conclusion 

In conclusion, the controller of networks has the mandate to decide packet data; it can signal a switch to drop a particular packet of data or create new entries into the flow of data in support of packet flow. Even though the software-defined networks has overwhelming advantages over the conventional, traditional networks, it has sprouted out its negative affecting issues. In a survey, four problems challenging of SDN were identified such as load balancing, quality of the service, scalability, and security. Ongoing efforts have been presented and summarized to curb or control the challenging issues that are facing software-defined networks. In conclusion, the survey found out techniques that would be used to address problems facing or challenging network established networks; the issues are looked at on the last page of this assessment. SDN provides better performance, higher flexibility as well as an efficient configuration that accommodate innovative network designs. The openness of SDN also encourages network operators to write control programs. However, future risks such as malicious attacks, lack of middleboxes causing problems on applying and tuning the traffic rules, and complications of the dominant OpenFlow in SDN.

References

Abro, A. B. (2015). Software Defined Mobile Network Security. Software Defined Mobile Networks (SDMN), 315-329. doi:10.1002/9781118900253.ch17

Artmann, D., & Khondoker, R. (2018). Security Analysis of SDN WiFi Applications. SDN and NFV Security, 57-71. doi:10.1007/978-3-319-71761-6_4

Azodolmolky, S. (2013). Software defined networking with OpenFlow: Get hands-on with the platforms and development tools used to build OpenFlow network applications. Birmingham, UK: Packt Publishing.

Bombal, D. (2017). Software Defined Networking (SDN): Understanding the types, terms, protocols, processes, and implications of SDN networks.

Castaldi, & Tobia. (2015). Dynamic management of real-time multimedia services in SDN-enabled cloud infrastructures.

Comer, D. (2015). Computer networks and Internets.

Cooklev, T. (2015). Making Software-defined Networks Semantic. Proceedings of the 12th International Conference on Wireless Information Networks and Systems. doi:10.5220/0005558700480052

Doherty, J. (2016). SDN and NFV simplified: A visual guide to understanding software defined networks and network function virtualization.

Duan, Q., & Toy, M. (2017). Virtualized software-defined networks and services.

Galán-Jiménez, J. (2018). Exploiting the control power of SDN during the transition from IP to SDN networks. International Journal of Communication Systems, 31(5), e3504. doi:10.1002/dac.3504

Goransson, P., Black, C., & Culver, T. (2017). Software defined networks: A comprehensive approach.

IEEE Staff. (2016). 2016 Fifth European Workshop on Software Defined Networks (EWSDN). Piscataway: IEEE.

Kadiyala, K. P., & Cobb, J. A. (2017). Inter-AS traffic engineering with SDN. 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN). doi:10.1109/nfv-sdn.2017.8169847

Marschke, D., Doyle, J., & Moyer, P. (2015). Software Defined Networking (SDN): Anatomy of OpenFlow. s.l.: Lulu.com.

Nadeau, T. D., & Gray, K. (2013). SDN: Software defined networks.

Qi, H., & Li, K. (2016). Software Defined Networking Applications in Distributed Datacenters. Cham: Springer International Publishing.

Robertazzi, T. G. (2017). Software-Defined Networking. Introduction to Computer Networking, 81-87. doi:10.1007/978-3-319-53103-8_7

Stallings, W., Jelassi, S., & Agboma, F. (2015). Foundations of modern networking: SDN, NFV, QoE, IoT, and Cloud.

Tantayakul, K., Dhaou, R., & Paillassa, B. (2017). Mobility management with caching policy over SDN architecture. 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN). doi:10.1109/nfv-sdn.2017.8169830

Wen, H., Tiwary, P. K., & Le, N. T. (2013). Wireless virtualization.

Zhang, Y., & Chen, M. (2016). Cloud based 5G wireless networks. Cham, Switzerland: Springer.