Loading...

Application of Software-Defined Networking In Network Management

Kohani, Fereshteh | 2014

758 Viewed
  1. Type of Document: M.Sc. Thesis
  2. Language: Farsi
  3. Document No: 47417 (05)
  4. University: Sharif University of Technology
  5. Department: Electrical Engineering
  6. Advisor(s): Pakravan, Mohammad Reza
  7. Abstract:
  8. Software-Defined Networking is a new approach in networking which provides a great opportunity to improve network management. Network policy decisions and reachability policies are one of the main concerns of the network administrators. These policies are traditionally configured in different network devices. The configurations are manually implemented using ACLs in routers, firewalls, VLANs, etc. Network engineers configure every single device on the network with its vendor-specific low level language. As a result, access control policies of the network lie in the configuration files of the network devices or even only in the minds of the network engineers. Moreover, access control policies repetitively change to provide new security conditions. It is necessary to recognize the implemented policies before enforcing the new ones. But this is very time-consuming and prone to error. As a result, the importance of finding a method to extract the policies from the network state is identified. In this project we propose a new approach to the extraction of access control policies in a network based on Header Space Analysis and Software Defined Networking. This method uses three stages to extract policies. Based on the suggested method, an application software is designed which can be put on the application layer on top of the network controller. This program inputs the network forwarding state from the network controller to extract its access control policies and give a comprehensive view of the network to the network administrators. Access policies can be fully extracted based on VLANs, IP access and TCP/UDP access and be supplied to the network administrators in two textual and graphical formats. This application is also applicable to traditional networks. Extraction of access control policies can simplify configuration and implementation of policies in network devices and facilitate the recognition and analysis of network policies for network engineers
  9. Keywords:
  10. Software Defined Networking (SDN) ; Header Space Analysis (HSA) ; Access Control Lists (ACL) ; Policy Extraction

 Digital Object List

 Bookmark

No TOC