IPsec and IKE as Functions in SDN Controlled Network
Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review
Details
| Original language | English |
|---|---|
| Title of host publication | Network and System Security |
| Subtitle of host publication | 11th International Conference, NSS 2017, Helsinki, Finland, August 21–23, 2017, Proceedings |
| Publisher | Springer |
| Pages | 521-530 |
| ISBN (Electronic) | 978-3-319-64701-2 |
| ISBN (Print) | 978-3-319-64700-5 |
| DOIs | |
| Publication status | Published - Jul 2017 |
| Publication type | A4 Article in a conference publication |
| Event | International Conference on Network and System Security - Duration: 1 Jan 2000 → … |
Publication series
| Name | Lecture Notes in Computer Science |
|---|---|
| Volume | 10394 |
| ISSN (Electronic) | 1611-3349 |
Conference
| Conference | International Conference on Network and System Security |
|---|---|
| Period | 1/01/00 → … |
Abstract
Currently IPsec performance in high-speed networks is problematic. Traditionally the connections are established between some multifunction network devices which are typically inefficient already in 10 Gbps packet delivery and do not have high-availability nor scalability features. In the Software-Defined Networking, packets only travel through the desired dedicated networking devices. However, few high-speed stand-alone IPsec solutions exists that can be hooked up with the SDN. In this paper we propose a design which will utilize the IPsec in SDN fashion by separating IKE and packet encryption. Experimental results show that high-availability and scalability goals are reached and per-client throughput is increased. The IPsec protocol suite can thus face the on-going need for faster packet processing rate.