Tualatin: Towards network security service provision in cloud datacenters

Xiang Wang, Zhi Liu, Jun Li, Baohua Yang, Yaxuan Qi
2014 23rd International Conference on Computer Communication and Networks (ICCCN)
Multi-tenant infrastructures deployed in cloud datacenters need network security protection. However, the rigid control mechanism of current security middleboxes induces inflexible orchestration, limiting the agile and on-demand security provision in virtualized datacenters. This paper presents Tualatin, a consolidated framework of delivering security services in multi-tenant datacenters. It meets security requirements of different scenarios by hardware and software co-design. Leveraging Software-Defined Networking (SDN) and OpenFlow techniques, Tualatin provides fine-grained security protection in dynamically changing network topologies, where both switches and security middleboxes are programmatically controlled by logically centralized controllers. With service-level APIs exposed, Tualatin could be easily integrated with other Cloud Management System (CMS). A proof-of-concept system has been deployed in a Tier-IV datacenter, providing customizable network security services for tenant Virtual Private Cloud (VPC) infrastructure.
doi:10.1109/icccn.2014.6911782 dblp:conf/icccn/WangLLYQ14 fatcat:fu5uu3xo5veenmss7a6374faju