ABSTRACT

Software-defined networking (SDN) is a new approach to networking. It was invented by Nicira Networks based on their earlier work at Stanford University, University of California at Berkeley, Princeton University, and CMU. The goal of SDN is to provide open, user-controlled management of the forwarding hardware in a network. SDN exploits the ability to split the data plane from the control plane in routers and switches. With SDN, the control plane is open and centrally controlled, and its commands and logic are sent back down to the data planes of the hardware (routers or switches). This paradigm provides a view of the entire network and makes it possible to apply changes centrally, without device-centric configuration on each piece of hardware. The OpenFlow (OF) standard and other open protocols help manage the control planes and allow for precise changes to networks or devices. SDN works by creating virtual networks that are independent of physical networks. To achieve this, it separates the control plane from the data plane and allows the user to control the flow of traffic in the network. Figure 16.1 illustrates the difference between the traditional network and the OF-based SDN.

Introduction
SDN Security Concerns
Enabling Fast Failure Recovery in OF Networks
Network Intrusion Detection and Countermeasure Selection (NICE) in Virtual Network Systems
FRESCO: Modular Composable Security Services for SDNs
Revisiting Traffic Anomaly Detection Using SDN
Language-Based Security for SDNs
Scalable Fault Management for OF
A Dynamic Algorithm for Loop Detection in SDNs
Discussion
Conclusion
References