Several reasons make NFV an attractive paradigm for IT security: lowers costs, agile operations and better isolation as well as fast security updates, improved incident responses and better level of automation. At the same time, the network threats tend to be increasingly complex and distributed, implying huge traffic scale to be monitored and increasingly strict mitigation delay requirements. Considering the current trend of the networking and the requirements to counteract to the evolution of cyber-threats, it is expected that also network monitoring will move towards NFV based solutions. In this paper, we present Distributed StreaMon (D-StreaMon) an orchestration framework for distributed monitoring on NFV network architectures. D-StreaMon has been designed to face the above described challenges. It relies on the StreaMon platform, a solution for network monitoring originally designed for traditional middleboxes. Changes that allow Streamon to be deployed on NFV network architectures are described. The paper reports a performance evaluation of the realized NFV based solutions and discusses potential benefits in monitoring tenants' VMs for Service Providers.

Palmisano, D., Ventre, P., Caponi, A., Siracusano, G., Salsano, S., Bonola, M., et al. (2017). D-STREAMON - NFV-capable distributed framework for network monitoring. In 2017 29th International Teletraffic Congress (ITC 29) (pp.30-35). 345 E 47TH ST, NEW YORK, NY 10017 USA : IEEE [10.23919/ITC.2017.8065707].

D-STREAMON - NFV-capable distributed framework for network monitoring

PALMISANO, DAVIDE;Ventre, PL;Caponi, A;Siracusano, G;Salsano, S;Bonola, M;Bianchi, G
2017

Abstract

Several reasons make NFV an attractive paradigm for IT security: lowers costs, agile operations and better isolation as well as fast security updates, improved incident responses and better level of automation. At the same time, the network threats tend to be increasingly complex and distributed, implying huge traffic scale to be monitored and increasingly strict mitigation delay requirements. Considering the current trend of the networking and the requirements to counteract to the evolution of cyber-threats, it is expected that also network monitoring will move towards NFV based solutions. In this paper, we present Distributed StreaMon (D-StreaMon) an orchestration framework for distributed monitoring on NFV network architectures. D-StreaMon has been designed to face the above described challenges. It relies on the StreaMon platform, a solution for network monitoring originally designed for traditional middleboxes. Changes that allow Streamon to be deployed on NFV network architectures are described. The paper reports a performance evaluation of the realized NFV based solutions and discusses potential benefits in monitoring tenants' VMs for Service Providers.
29th International Teletraffic Congress, ITC 2017
Rilevanza internazionale
Settore ING-INF/03 - Telecomunicazioni
English
Network Function Virtualization; Network Monitoring; Threat Detection; Network Programmability
Intervento a convegno
Palmisano, D., Ventre, P., Caponi, A., Siracusano, G., Salsano, S., Bonola, M., et al. (2017). D-STREAMON - NFV-capable distributed framework for network monitoring. In 2017 29th International Teletraffic Congress (ITC 29) (pp.30-35). 345 E 47TH ST, NEW YORK, NY 10017 USA : IEEE [10.23919/ITC.2017.8065707].
Palmisano, D; Ventre, P; Caponi, A; Siracusano, G; Salsano, S; Bonola, M; Bianchi, G
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/2108/200508
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? 1
social impact