5037143
doi
10.1109/NOMS47738.2020.9110402
oai:zenodo.org:5037143
user-eu
Marchetto, Guido
Politecnico di Torino
Sisto, Riccardo
Politecnico di Torino
Valenza, Fulvio
Politecnico di Torino
Yusupov, Jalolliddin
Politecnico di Torino
Automated optimal firewall orchestration and configuration in virtualized networks
Bringhenti, Daniele
Politecnico di Torino
info:eu-repo/semantics/openAccess
Creative Commons Attribution 4.0 International
https://creativecommons.org/licenses/by/4.0/legalcode
NFV
network security
firewall
optimization
<p>Emerging technologies such as Software-Defined Networking and Network Functions Virtualization are making the definition and configuration of network services more dynamic, thus making automatic approaches that can replace manual and error-prone tasks more feasible. In view of these considerations, this paper proposes a novel methodology to automatically compute the optimal allocation scheme and configuration of virtual firewalls within a user-defined network service graph subject to a corresponding set of security requirements. The presented framework adopts a formal approach based on the solution of a weighted partial MaxSMT problem, which also provides good confidence about the solution correctness. A prototype implementation of the proposed approach based on the z3 solver has been used for validation, showing the feasibility of the approach for problem instances requiring tens of virtual firewalls and similar numbers of security requirements.</p>
Zenodo
2021-06-28
info:eu-repo/semantics/conferencePaper
5037142
user-eu
award_title=AddreSsing ThReats for virtualIseD services; award_number=786922; award_identifiers_scheme=url; award_identifiers_identifier=https://cordis.europa.eu/projects/786922; funder_id=00k4n6c32; funder_name=European Commission;
1624931299.242902
288882
md5:20e2dc2b5b290e48688b7ace229ffd92
https://zenodo.org/records/5037143/files/Bringhenti_NOMS_2020.pdf
public