SDN-Based Securing Solution for Multi-Tenancy NFV
Network function virtualization (NFV) and Software Defined Networks (SDN) are two distinct technologies that promise to enhance service delivery and reduce cost for service providers to meet diverse and frequently changing customer requests. NFV uses cloud technology to deploy network functions as software instances in Virtual machines. This opens a new business model for cloud operators to offer network-as-a-service to multiple tenants. It is therefore the responsibility of the operator to ensure security of all hosted functions against colleague tenants and external intruders. SDN on the other hand introduces network programmability, which makes it possible to dynamically control, change, and manage network behaviour using software. A centralised controller in SDN can be used to automate and simplify management of the dynamic NFV architecture. This paper designs a use-case that demonstrates how the integration of SDN and NFV can simplify implementation and management of security solutions in a multi-tenancy NFV deployment. The solution concentrates on tenant isolation and network access control. The design is based on the integration of two open-source tools: OpenDayLight and OpenStack