Network Security Function Virtualization: Challenges and Solutions
Network Security Function Virtualization: Challenges and Solutions
By: Dr. Hongxin Hu
Traditional network security functions, such as firewall and Intrusion Detection System (IDS), are mostly implemented as the vendor proprietary appliances or middleboxes, which usually lack a general programming interface and is also characterized by very poor versatility and flexibility. Two emerging networking paradigms, Network Function Virtualization (NFV) and Software-Defined Networking (SDN), have accelerated the development of a new breed of network security functions, virtual Network Security Functions (vNSFs), which are flexible and elastic, and are well-suited for protecting programmable and virtualizable environments. However, to fully take advantage of the benefits of vNSFs, there are great challenges in the management, development, deployment, and execution of vNSFs. In this talk, I will discuss those research challenges and potential solutions for addressing those challenges.
Traditional network security functions, such as firewall and Intrusion Detection System (IDS), are mostly implemented as the vendor proprietary appliances or middleboxes, which usually lack a general programming interface and is also characterized by very poor versatility and flexibility. Two emerging networking paradigms, Network Function Virtualization (NFV) and Software-Defined Networking (SDN), have accelerated the development of a new breed of network security functions, virtual Network Security Functions (vNSFs), which are flexible and elastic, and are well-suited for protecting programmable and virtualizable environments. However, to fully take advantage of the benefits of vNSFs, there are great challenges in the management, development, deployment, and execution of vNSFs. In this talk, I will discuss those research challenges and potential solutions for addressing those challenges.