A survey: Security issues of
Software defined networking
Gifty Susan Mani
Faculty Advisor: Dr. Ahmed Awad
Master of Science in Information, Network and
Computer Security
New York Institute of Technology, Vancouver
What is SDN?
Why do we need SDN?
Does it ensure security for the future?
Introduction
•  Challenging task in the traditional networks: Maintaining the
changing environments according to the predefined policies.
•  Configuration of each network device separately: Requirement of
high-level policies considering the fundamental nature of network.
•  In traditional networks:
- Control Plane: determines the traffic to be sent.
- Data Plane: forwards the traffic at very high speed and with lower latency.
Conventional Routing
[Figure: Routers A, B, C and D between endpoints 1 and 2. Traffic Flow: 1 -> Router A -> Router D -> 2]
Ideal Re-Routing
[Figure: the same topology with a "Failure" label. Traffic Flow: 1 -> Router A -> Router C -> 2]
What is SDN
•  An active programming approach: a paradigm that separates the
control plane from the data plane, allowing easy optimization between
the control plane and network devices.
•  State Variability and Reusability.
•  Key attributes are:
- Programmability
- Openness
- Heterogeneity
-  Maintainability
SDN Explained…
•  Instead of putting the hardware together to form the network, it
focuses on the services that run on the network.
•  It adds a software layer in between the hardware dealing with the
data and controls it.
•  Co-existence of dissimilar networks on the same physical hardware.
•  Encourages network innovation and deploys agile network
capabilities.
Comparison with traditional network
SDN Components
•  Control Plane: abstract view of the network.
•  North-bound Application Protocols: Represents the software interface
between the controller and applications.
•  East-West Protocols: Act as the control that manages the interaction between
controllers in multi-controller environments.
•  Data Plane and south-bound protocols: forward the communication from
the controller to the network infrastructure.
•  OpenFlow: Protocol to manage the southbound interface of the SDN
architecture.
SDN: Basic Architecture
Significance of SDN streamline
•  Respond faster to changing environments at low cost.
•  80/20 rule of applications: 80% should be the programmable solution
assembled in the infrastructure, using the 20% of commands that
make the high-level request.
•  Service chaining: sequences application-specific procedures for a
client’s job.
•  Dynamic load management and bandwidth calendaring.
SDN in Network Security
•  SDN is considered to be a disruptive technology in network
security.
•  SDN creates security opportunities and security challenges.
•  35% of network organizations believe that SDN will enable them to
implement more effective security.
•  12% of organizations believe that concerns about security
vulnerabilities are a significant inhibitor to SDN deployment.
Deepening crisis and threats
•  Mass customization: The use of unknown malware and
infections – increased malware campaigns.
•  Increased data loss across the industries and data types.
•  The server network is the most compromised asset by far over
the past 5 years.
•  Only 15% of security breaches have a reliable count; 85% of the
breaches are incomplete.
Opportunities of SDN
•  Better utilization of network access: 55%.
•  Perform an end-to-end view of the network: 54%.
•  Scale the network functionality and effective security functionality:
45%.
•  The deployment cycle has been drastically reduced.
•  Defense in depth: Heterogeneity and decentralized nature of the
control plane.
•  Separation of monitoring and security enforcement elements
SDN Principles of Security
•  Availability and Performance.
•  Integrity and Confidentiality.
•  Authorization and authentication.
•  Resiliency.
•  Multi-domain Isolation.
•  Repudiation.
•  Transparency.
Security + SDN = Security-Centric SDN
Security Challenges in SDN
•  SDN changes the entire security model.
•  SDN methodology relies on new overlay and encapsulation
techniques, with which many current security tools are incompatible.
•  Virtualization made SDN both more and less secure.
- More Secure: Abstraction Layers.
- Less Secure: Lack of physical access.
Security Limitation in SDN Infrastructure
•  Data Layer: Insecure implementation of the management
application.
•  Control Layer: Centralized orchestration represents a single point of
failure; its compromise gives control of the network flow.
•  Application Layer: Lack of a mechanism to ensure the
authentication of application access to the control plane.
Attack Vectors in SDN
Countermeasures
•  Protect the data layer: segregation of protocol traffic from the data
flow through an out-of-band network or security measures.
•  Protect the control layer: implementation of role-based access
policies by verifying the legitimacy of the host migration.
•  Protect the application layer: leverage in-line mode security
functions in the applications to strengthen end-user security.
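An added illustration, not part of the original slides, of the control- and application-layer countermeasures: a northbound request gate that authenticates the calling application and then applies a role-based policy that limits the scope of its flow changes. The application names, keys, roles and request fields are assumptions made up for this sketch and do not belong to any particular controller's API.

```python
import hashlib
import hmac
import ipaddress
import json

# Constructed registry (assumed): app id -> shared key, role, permitted IP scope.
APPS = {
    "load-balancer": {"key": b"lb-demo-key", "role": "flow-writer",
                      "scope": ipaddress.ip_network("10.1.0.0/16")},
    "monitor": {"key": b"mon-demo-key", "role": "reader",
                "scope": ipaddress.ip_network("10.0.0.0/8")},
}
# Role -> operations that role may request from the controller.
ROLE_OPS = {"reader": {"get_flows"},
            "flow-writer": {"get_flows", "add_flow", "delete_flow"}}


def sign(key: bytes, body: bytes) -> str:
    """HMAC-SHA256 tag an application attaches to each northbound request."""
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def authorize(app_id: str, body: bytes, tag: str):
    """Return (allowed, reason) for one northbound request."""
    app = APPS.get(app_id)
    if app is None:
        return False, "unknown application"
    # Authentication: constant-time comparison of the request tag.
    if not hmac.compare_digest(sign(app["key"], body).encode(), tag.encode()):
        return False, "bad signature"
    try:
        req = json.loads(body)
        op = req["op"]
    except (ValueError, KeyError, TypeError):
        return False, "malformed request"
    # Role check: the operation must be granted to the application's role.
    if not isinstance(op, str) or op not in ROLE_OPS[app["role"]]:
        return False, f"role {app['role']} may not {op}"
    # Scope check: a flow change must match only addresses inside the app's
    # scope; a missing match (wildcard) would touch all traffic, so deny it.
    if op in {"add_flow", "delete_flow"}:
        try:
            dst = ipaddress.ip_network(req["match"]["ipv4_dst"], strict=False)
            inside = dst.subnet_of(app["scope"])
        except (KeyError, TypeError, ValueError):
            return False, "flow change needs a valid ipv4_dst match"
        if not inside:
            return False, "match outside application scope"
    return True, "ok"
```

The gate does not cover replay protection or transport security; a deployment would add a nonce or timestamp to the signed body and run the northbound interface over TLS.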
Conclusion
•  Emerging approach to the network security and how it can smartly
replace the traditional networks.
•  SDN is not a technology but a paradigm that uses the concept of
virtualization and programmable protocol.
•  SDN security issues are more related to the control plane,
inter-component communication and controlling the scope of applications
through access policies.
IoT to Internet of Everything
Questions?
