In-Network Placement of Security VNFs in Multi-Tenant Data Centers

Ali, A., Anagnostopoulos, C. and Pezaros, D. P. (2020) In-Network Placement of Security VNFs in Multi-Tenant Data Centers. In: IEEE ISCC 2020, Rennes, France, 7-10 July 2020, ISBN 9781728180861 (doi: 10.1109/ISCC50000.2020.9219711)

[img] Text
215567.pdf - Accepted Version

569kB

Abstract

Middleboxes are typically hardware-accelerated appliances such as firewalls, Proxies, WAN optimizers, and NATs that play an important role in service provisioning over today’s Data Centers. We focus on the placement of virtualised security services in multi-tenant Data Centers. Customised security services are provided to tenants as software VNF modules collocated with switches in the network. Our placement formulation satisfies the allocation constraints while maintaining efficient management of the infrastructure resources. We propose a Constraint Programming (CP) formulation and a CPLEX implementation. We also formulate a heuristic-based algorithm to solve larger instances of the placement problem. Extensive evaluation of the algorithms has been conducted, demonstrating that the VNF approach provides more than 50% reduction in resource consumption compared to other heuristic algorithms.

Item Type:Conference Proceedings
Status:Published
Refereed:Yes
Glasgow Author(s) Enlighten ID:Anagnostopoulos, Dr Christos and Pezaros, Professor Dimitrios and Ali, Abeer Farouk Tawfeek
Authors: Ali, A., Anagnostopoulos, C., and Pezaros, D. P.
College/School:College of Science and Engineering > School of Computing Science
ISSN:2642-7389
ISBN:9781728180861
Copyright Holders:Copyright © 2020 IEEE
Publisher Policy:Reproduced in accordance with the copyright policy of the publisher

University Staff: Request a correction | Enlighten Editors: Update this record