Firewall-as-a-Service for Campus Networks Based on P4-SFC

Authors

  • Marco Häberle University of Tuebingen
  • Benjamin Steinert University of Tuebingen
  • Michael Menth University of Tuebingen

DOI:

https://doi.org/10.14279/tuj.eceasst.80.1185

Abstract

Taking care of security is a crucial task for every operator of a campus network. One of the most fundamental security-related network functions that can be found in most networks for this purpose are stateful firewalls. However, deploying firewalls in large campus networks, e.g., at a university, can be challenging. Hardware appliances that can cope with today's high data rates at the border of a campus network are not cost-effective enough for most deployments. Shifting the responsibility to run firewalls to single departments at a university is not feasible because the expertise to manage these devices is not available there. For this reason, we propose a cloud-like infrastructure based on service function chaining (SFC) and network function virtualization (NFV) that allows users to deploy network functions like firewalls at a central place while hiding most technical details from the users.

Downloads

Published

2021-09-08

How to Cite

[1]
M. Häberle, B. Steinert, and M. Menth, “Firewall-as-a-Service for Campus Networks Based on P4-SFC”, eceasst, vol. 80, Sep. 2021.

Issue

Vol. 80 (2021): Conference on Networked Systems 2021 (NetSys 2021)

Section

Articles

License

Copyright (c) 2021 Electronic Communications of the EASST

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.