From: Towards full network virtualization in horizontal IaaS federation: security issues
Datacenter | Features | Security components | Network virtualization | Security implementation |
---|---|---|---|---|
CloudNAS [25] | Network | Middlebox (Deep | Full NVE | Optional tunnelling |
Specification | Packet Insepction | |||
and embedding | - DPI or IDS) | |||
Diverter [26] | Multi-tenant | VNET | Layer-3 distributed | Anti-spoofing and |
virtual networks | virtual routing | visibility filters | ||
VICTOR [27] | Dynamic VM migration | FE and CC | Set of distributed FEs | Policy enforcement |
SEC2 [4] | Multi-tenancy network isolation | FE and CC | Set of distributed FEs | Policy enforcement, |
VPLS and MPLS | ||||
Gatekeeper [28] | Bandwidth performance isolation | - | Set of vNIC | - |
NetShare [29] | Bandwidth guarantees and | - | Topology-driven | - |
high utilization | ||||
NetLord [30] | Flexible network abstraction | - | L2 and L3 encapsulation | - |
Oktopus [31] | Virtual network | - | Assumption - physical | - |
abstractions | mapping to virtual and | |||
provision | oversubscribed cluster | |||
PortLand [32] | VM migration, automatic | - | L2 switching using | - |
switch configuration | - | hierarchical Pseudo MAC | ||
SPAIN [33] | Multipath forwarding | - | Datacenter topology-driven | - |
VL2 [34] | Performance isolation | - | AA(Application) and | - |
LA(Local) addressing |