A CASE FOR SOFTWARE-DEFINED NETWORKING IN THE UNITED STATES MARINE CORPS: AUTOMATING DISTRIBUTED FIREWALLS
Logan, Brent E.
Xie, Geoffrey G.
Rohrer, Justin P.
Software-defined networking (SDN) is a field in computer science that has seen rapid adoption in industry and academia. SDN reduces network administration and cost, empowers fine-grained network control, and enables programmability and innovation in a relatively stagnant area of computer science. In this research, we make a case for more rapid adoption of SDN technology in the DoD by demonstrating that distributed firewall operation can be virtualized, automated, and assured of security properties with SDN. Specifically, we have developed and evaluated a distributed firewall application within the standard ONOS SDN control platform. The application enforces access control between arbitrary end points and intelligently distributes processing of filter rules across network devices, even after the network topology changes. The test bed evaluation results confirm the reachability control performance and show that the application and virtual switches built upon commodity computers are capable of handling more than 50,000 filter rules. The automated distributed firewall is a viable proof of concept that provides flexibility and improved security in a world where ubiquitous, ad hoc, and zero-trust networking are becoming the new normal. Lastly, we provide an acquisition heuristic for purchasing and fielding SDN solutions to the Marine Corps’ operating forces.
Approved for public release. Distribution is unlimited.