Cloud computing has grown in importance in recent years which has led to a significant increase in Data Centre (DC) network requirements. A major driver of this change is virtualisation, which allows computing resources to be deployed on a large scale. However, traditional DCs, with their network topology and proliferation of network endpoints, are struggling to meet the flexible, centrally managed requirements of cloud computing applications. Software-Defined Networks (SDN) promise to offer a solution to these growing networking requirements by separating control functions from data routing. This shift adds more flexibility to networks but also introduces new security issues. This article presents a framework for evaluating security of SDN architectures. In addition, through an experimental study, we demonstrate how this framework can identify the threats and vulnerabilities, calculate their risks and severity, and provide the necessary measures to mitigate them. The proposed framework helps administrators to evaluate SDN security, address identified threats and meet network security requirements.
View on arXiv