SDN/NFV-enabled Security Architecture for fine-grained Policy Enforcement and Threat Mitigation for Enterprise Networks
Demo at SIGCOMM 2017
Today, network security in enterprises is mainly enforced by firewalls guarding the perimeter of the network against an ever-increasing number of cyber threats. However, once the perimeter is breached attackers and malware can easily compromise additional hosts as we have seen in the recent outbreak of the WannaCry worm.
A complimentary approach to alleviate these threats is to quarantine malicious hosts on a network level. To accomplish this, a fine-grained flow selection and security control is needed which can be provided by architectures like Software-Defined Networking (SDN) and Network Function Virtualization (NFV).
As one of the authoring partners of this demo at the renown ACM SIGCOMM conference, we demonstrate the prospects of seamlessly integrating SDN and NFV based security operations into the existing enterprise network infrastructure to provide state-of-the-art stateful firewalling for advanced packet filtering as well as on-demand fine-grained flow separation and isolation for the exterior and interior network.
StableNet® provided by Infosim® and the extensions made to it play one of the key roles in this demo. Not only does StableNet® monitor all critical systems within the demonstrator, but the shown scenarios also demonstrate how our solution is capable of consolidating modern SDN and NFV environments as well as legacy network infrastructures.
Research Partners: University of Würzburg, TU Munich, genua GmbH, Infosim®
Without any doubt, multi-faceted automation tasks cannot be uniformally covered with a “one size fits it all” solution. In other words, each firm must establish focused priorities and functional compromises in order to develop the foundation for a successful network automation solution.
We face three primary types of competition, for various possible customers in the NMS arena. The customer types range from enterprises that need to secure the health of their network for production purposes to Telcos that require service assurance for the network services that they provide to their clients, and anything in-between.
As it has been nearly a year since Dr. David Toumajian first joined Infosim® as the Director of Marketing, we wanted to ask him a few questions about his experience at the company and some of the key initiatives that the marketing department has been working on during that time.