Virtual Security Functions and Their Placement in Software Defined Networks: A Survey


Creative Commons License

Demirci M. S. , Demirci M. , Sağıroğlu Ş.

GAZI UNIVERSITY JOURNAL OF SCIENCE, vol.32, no.3, pp.833-851, 2019 (Journal Indexed in ESCI) identifier identifier

  • Publication Type: Article / Review
  • Volume: 32 Issue: 3
  • Publication Date: 2019
  • Doi Number: 10.35378/gujs.422000
  • Title of Journal : GAZI UNIVERSITY JOURNAL OF SCIENCE
  • Page Numbers: pp.833-851

Abstract

Software Defined Networking (SDN) and Network Functions Virtualization (NFV) are two important technologies gaining prominence thanks to their benefits for improving the flexibility and cost efficiency in networks. These technologies have been utilized extensively for providing new age security solutions in recent years. Through the use of SDN and NFV, network security functions are virtualized and deployed in a hardware-independent manner, thus reducing costs as well as enabling faster innovations and developments. Functions virtualized with NFV such as firewall, deep packet inspection, intrusion detection systems etc. can reside as applications in the SDN architecture. The issue of where to place these functions in the network is an important problem discussed in the literature. When placing these functions, objectives such as efficient use of network resources, energy consumption, cost, network load, delay etc. must be considered for each function, in addition to ensuring that network security requirements are met. This paper provides a critical survey on the placement of virtualized network security functions in software defined networks and identifies open problems in this field. We briefly describe SDN and NFV technologies, touch upon the relationship between them, exemplify and review the most common virtual security functions in SDN. We also examine and compare the studies on the optimal placement of virtual security functions. Finally, we identify several open research challenges in this area and suggest potential future directions to be considered by researchers.