• Convergence Security Journal
• /
• v.16 no.2
• /
• pp.19-23
• /
• 2016

The design, management, and operation of network infrastructure have evolved during the last few years, leveraging on innovative technologies and architectures. With such a huge trend, due to the flexibility and significant economic potential of these technologies, software defined networking (SDN) and network functions virtualization (NFV) are emerging as the most critical key enablers. SDN/NFV enhancing the infrastructure agility, thus network operators and service providers are able to program their own network functions (e.g., gateways, routers, load balancers) on vendor independent hardware substrate. They facilitating the design, delivery and operation of network services in a dynamic and scalable manner. In NFV, the management and orchestration (MANO) orchestrates other specific managers such as the virtual infrastructure manager (VIM) and the VNF Manager (VNFM). In this paper, we examine the contents of these NFV MANO systematically and proposes a security system in a virtualized environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.9
• /
• pp.1320-1329
• /
• 2022

Currently, advanced national research network groups are continuously conducting R&D for the requirement to provide SDN/NFV-based network automation and intelligence technology for R&E users. In addition, the requirement for providing large-scale data transmission with the high performance networking facility, compared to general network environments, is gradually increasing in the advanced national research networks. Accordingly, in this paper, we propose an open API-based virtual network provisioning automation platform for large data transmission researched and developed to respond to the networking requirements of the national research network and present the implementation results. The platform includes the KREONET-S VDN system that provides SDN-based network virtualization technology, and the Kubernetes system that provides container-oriented server virtualization technology, and the Globus Online, a high-performance data transmission system. In this paper, the environment configurations, the system implemetation results for the interworking between the heterogeneous systems, and the automated virtual network provisioning implementation results are presented.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.3-11
• /
• 2016

With repid development of optical networking technology, Software-Defined Network (SDN) and Network Function Virtualization (NFV), high performance networking service, collaboration platform that enables collaborative research globally, drastically National Research Network (NRN) including Internet Service has changed. Therefore we compared and analyzed several world-class NRNs and took a view of future development strategy of the NRN. Also we suggest high speed security environment in super high bandwidth network with 40Gbps and 100Gbps optical transmission technology, network separation of NRN with Science DMZ to support high performance network transmission for science big data, building security environment for last-mile in campus network that supports programmability of IDS using BRO framework.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2020.01a
• /
• pp.235-236
• /
• 2020

본 논문에서는 기존의 SDN(Software Defined Network)의 특징 및 활용 등에 대해 살펴보고 이를 활용한 네트워크의 고도화 및 보안 측면에서의 장단점 연구를 통해 향후 SDN이 보다 고도화 되어야 하는 방향을 제시한다. SDN은 소프트웨어 앱을 사용하여 네트워크를 지능화 하고 중앙에서 제어하거나 프로그래밍 할 수 있는 네트워크 아키텍처 접근법이다. 사업자는 기본 네트워크 기술에 상관없이 전체 네트워크를 일관적으로 전체적으로 관리할 수 있다. 물리적인 네트워크를 소프트웨어 기술을 이용하여 제어하는 네트워크 기술이다. SDN은 네트워크의 제어 플레인을 네트워크 트래픽을 전달하는 데이터 플레인과 분리한다는 개념이다. 이런 분리의 목적은 중앙에서 관리하고 프로그래밍이 가능한 네트워크를 만드는 것이다. 일부 SDN 구현 솔루션은 범용 네트워크 하드웨어를 통제하는 소프트웨어 기반 관리 플랫폼을 사용한다. 또 다른 접근법은 통합된 소프트웨어와 하드웨어를 사용하기도 한다. 하지만 이러한 SDN에도 많은 취약점이 존재하며 이를 보완할 수 있어야 하며 본 논문에서 이러한 방향을 제한하도록 한다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.4
• /
• pp.13-19
• /
• 2019

SDN is one of the most actively researched topics to solve traffic problems in communication. SDN implements multiple networks in a single physical network by virtualizing network resources through an advanced API. Network Function Virtualized (NFV) distributes network functions from hardware using software instant, virtualization technology to VNF. These features make network management easier and improve performance by virtualizing IP, routers, and so on. In this paper, we propose a method to control the traffic and provide the distributed controller effect of SDN through SDN distribution in the virtualized industrial network. It is expected that SDN distribution will be able to manage traffic more efficiently when using the proposed scheme.

• Electronics and Telecommunications Trends
• /
• v.28 no.3
• /
• pp.115-124
• /
• 2013

모빌리티 수요의 증가, 클라우드 서비스의 급증, 트래픽 패턴의 변화, 새로운 네트워크 아키텍처에 대한 수요는 네트워크 가상화와 SDN(Software Defined Network)에 많은 관심을 불러 일으키고 있다. 네트워크 가상화란 가용 대역폭을 채널로 종합하는 하나 이상의 논리적 네트워크로 물리적인 네트워크를 세분화하는 것을 말한다. 사업자들이 직면한 많은 문제 해결의 솔루션으로 네트워크 가상화가 대두되면서 폭발적인 성장세를 보이고 있으며 산업 생태계에 많은 변화를 예고하고 있다. 사업자들은 서로의 영역을 존중하던 기조에서 벗어나 영역을 침범하기 시작하고 치열한 경쟁이 예상된다. 본 연구를 통해 네트워크 가상화의 등장 배경과 트렌드를 조망하고, 네트워크 가상화 및 SDN으로 인한 산업동향을 분석함으로써 향후 발전방향 및 대응전략을 살펴보고 시사점을 도출하고자 하였다.

• Information and Communications Magazine
• /
• v.32 no.7
• /
• pp.40-45
• /
• 2015

네트워크 장비 업체나 통신사뿐만 아니라 여러 국가들에서도 상용화를 목표로 5G 기술 확보를 위한 대규모의 연구 개발 역량을 집결하고 있다. 이 중 대다수의 연구 개발은 SDN(Software Defined Network)과 NFV(Network Function Virtualization)를 기반으로 두고 있다. 이는 5G의 아키텍처가 동적인 네트워크를 생성하는데 초점을 맞추고 있기 때문이다. 이에 본 고에서는 METIS 2020(Mobile and wireless communication Enablers for the Twenty-twenty Information Society)에서 발표한 최종 리포트를 참고하여 5G 이동통신 네트워크에서의 SDN과 NFV의 역할에 대해 알아 보고, 현재 진행 중인 개발 행태를 보기 위해 대표 기업들의 동향을 살펴본다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37B no.10
• /
• pp.877-888
• /
• 2012

Network virtualization technology is a crucial research issue of Future Internet which pursues a service-oriented architecture so-called NaaS (Network as a Service) or SDN (Software Defined Network). Network virtualization is expected to play an important role in Future Internet researches as a network testbed technology which enables innovative protocols to be experimented independently on a common testbed environment. We propose a control framework in order to provide user defined topology and bandwidth services with network virtualization and to separate and manage multiple-user traffics in a small and medium scale - single domain research network. The proposed framework (VIMS; Virtual network Integrated control and Management System) supports testbed expansions without any changes of heterogeneous virtual network support equipments through accommodation of each equipment's control plane. The framework shows a feasibility through applied to KOREN and we describe the differences and further study directions for improvement the framework comparing with GENI control framework.

• ETRI Journal
• /
• v.39 no.4
• /
• pp.525-534
• /
• 2017

A hardware-acceleration architecture that separates virtual network functions (VNFs) and network control (called HSN) is proposed to solve the mismatch between the simple flow steering requirements and strong packet processing abilities of software-defined networking (SDN) forwarding elements (FEs) in SDN/network function virtualization (NFV) architecture, while improving the efficiency of NFV infrastructure and the performance of network-intensive functions. HSN makes full use of FEs and accelerates VNFs through two mechanisms: (1) separation of traffic steering and packet processing in the FEs; (2) separation of SDN and NFV control in the FEs. Our HSN prototype, built on NetFPGA-10G, demonstrates that the processing performance can be greatly improved with only a small modification of the traditional SDN/NFV architecture.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.9
• /
• pp.4144-4165
• /
• 2018

Software-defined networking (SDN) has emerged as a promising technology for network programmability and experiments. In this work, we focus on virtual network embedding in multiple controllers SDN network. In SDN virtualization environment, virtual SDN networks (vSDNs) operate on the shared substrate network and managed by their each controller, the placement and load of controllers affect vSDN embedding process. We consider controller placement, vSDN embedding, controller adjustment as a joint problem, together considering different quality of service (QoS) requirement for users, formulate the problem into mathematical models to minimize the average time delay of control paths, the load imbalance degree of controllers and embedding cost. We propose a heuristic method which places controllers and partitions control domains according to substrate SDN network, embeds different QoS constraint vSDN requests by corresponding algorithms, and migrates switches between control domains to realize load balance of controllers. The simulation results show that the proposed method can satisfy different QoS requirement of tenants, keep load balance between controllers, and work well in the acceptance ratio and revenue to cost ratio for vSDN embedding.