Advances, Systems and Applications
Table 1 Datacenter network virtualization security
From: Towards full network virtualization in horizontal IaaS federation: security issues
Datacenter | Features | Security components | Network virtualization | Security implementation |
|---|---|---|---|---|
CloudNAS [25] | Network | Middlebox (Deep | Full NVE | Optional tunnelling |
| Â | Specification | Packet Insepction | Â | Â |
| Â | and embedding | - DPI or IDS) | Â | Â |
Diverter [26] | Multi-tenant | VNET | Layer-3 distributed | Anti-spoofing and |
| Â | virtual networks | Â | virtual routing | visibility filters |
VICTOR [27] | Dynamic VM migration | FE and CC | Set of distributed FEs | Policy enforcement |
SEC2 [4] | Multi-tenancy network isolation | FE and CC | Set of distributed FEs | Policy enforcement, |
| Â | Â | Â | Â | VPLS and MPLS |
Gatekeeper [28] | Bandwidth performance isolation | - | Set of vNIC | - |
NetShare [29] | Bandwidth guarantees and | - | Topology-driven | - |
| Â | high utilization | Â | Â | Â |
NetLord [30] | Flexible network abstraction | - | L2 and L3 encapsulation | - |
Oktopus [31] | Virtual network | - | Assumption - physical | - |
| Â | abstractions | Â | mapping to virtual and | Â |
| Â | provision | Â | oversubscribed cluster | Â |
PortLand [32] | VM migration, automatic | - | L2 switching using | - |
| Â | switch configuration | - | hierarchical Pseudo MAC | Â |
SPAIN [33] | Multipath forwarding | - | Datacenter topology-driven | - |
VL2 [34] | Performance isolation | - | AA(Application) and | - |
| Â | Â | Â | LA(Local) addressing | Â |