Title :
A dynamic IPS allocation scheme using openflow for economical secure networking
Author :
Kietkaroon, Pichaya ; Watanabe, Yusuke ; Murayama, Junichi ; Hamada, Takahiro ; Igarashi, Yuminobu
Author_Institution :
Sch. of Inf. & Telecommun. Eng., Tokai Univ., Tokai, Japan
Abstract :
OpenFlow is attractive as a base of the data center network. IPS is also attractive as a security appliance. Then combining Openflow with IPS is an important issue. The simple solution is to screening all flow in an OpenFlow network using IPS. However, it may degrade throughput performance or increase equipment cost. In order to solve this problem, we propose a novel IPS allocation scheme. In this scheme, at first, security level is checked on each flow. Then a forwarding path is selected from IPS-involved path or cut-through path. From the result of the experiments, we can increase the number of cutthrough flows when the number of secure flows is large. Consequently, we can increase the whole network throughput without any additional equipment cost.
Keywords :
Internet; computer centres; computer network security; IPS allocation scheme; IPS-involved path; Internet; OpenFlow; cut-through path; data center network; economical secure networking; intrusion prevention system; network throughput; Control systems; Dynamic scheduling; Internet; Ports (Computers); Resource management; Security; Throughput; IPS; OpenFlow; cut-through; flow control; security;
Conference_Titel :
Information and Telecommunication Technologies (APSITT), 2015 10th Asia-Pacific Symposium on
Conference_Location :
Colombo
DOI :
10.1109/APSITT.2015.7217112
