Several reasons make NFV an attractive paradigm for IT security: lowers costs, agile operations and better isolation as well as fast security updates, improved incident responses and better level of automation. At the same time, the network threats tend to be increasingly complex and distributed, implying huge traffic scale to be monitored and increasingly strict mitigation delay requirements. Considering the current trend of the networking and the requirements to counteract to the evolution of cyber-threats, it is expected that also network monitoring will move towards NFV based solutions. In this paper, we present Distributed StreaMon (D-StreaMon) an orchestration framework for distributed monitoring on NFV network architectures. D-StreaMon has been designed to face the above described challenges. It relies on the StreaMon platform, a solution for network monitoring originally designed for traditional middleboxes. Changes that allow Streamon to be deployed on NFV network architectures are described. The paper reports a performance evaluation of the realized NFV based solutions and discusses potential benefits in monitoring tenants' VMs for Service Providers.
Palmisano, D., Ventre, P., Caponi, A., Siracusano, G., Salsano, S., Bonola, M., et al. (2017). D-STREAMON - NFV-capable distributed framework for network monitoring. In 2017 29th International Teletraffic Congress (ITC 29) (pp.30-35). 345 E 47TH ST, NEW YORK, NY 10017 USA : IEEE [10.23919/ITC.2017.8065707].
D-STREAMON - NFV-capable distributed framework for network monitoring
PALMISANO, DAVIDE;Ventre, PL;Caponi, A;Siracusano, G;Salsano, S;Bonola, M;Bianchi, G
2017-01-01
Abstract
Several reasons make NFV an attractive paradigm for IT security: lowers costs, agile operations and better isolation as well as fast security updates, improved incident responses and better level of automation. At the same time, the network threats tend to be increasingly complex and distributed, implying huge traffic scale to be monitored and increasingly strict mitigation delay requirements. Considering the current trend of the networking and the requirements to counteract to the evolution of cyber-threats, it is expected that also network monitoring will move towards NFV based solutions. In this paper, we present Distributed StreaMon (D-StreaMon) an orchestration framework for distributed monitoring on NFV network architectures. D-StreaMon has been designed to face the above described challenges. It relies on the StreaMon platform, a solution for network monitoring originally designed for traditional middleboxes. Changes that allow Streamon to be deployed on NFV network architectures are described. The paper reports a performance evaluation of the realized NFV based solutions and discusses potential benefits in monitoring tenants' VMs for Service Providers.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.