IPsec and IKE as Functions in SDN Controlled Network
Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review
Details
Original language | English |
---|---|
Title of host publication | Network and System Security |
Subtitle of host publication | 11th International Conference, NSS 2017, Helsinki, Finland, August 21–23, 2017, Proceedings |
Publisher | Springer |
Pages | 521-530 |
ISBN (Electronic) | 978-3-319-64701-2 |
ISBN (Print) | 978-3-319-64700-5 |
DOIs | |
Publication status | Published - Jul 2017 |
Publication type | A4 Article in a conference publication |
Event | International Conference on Network and System Security - Duration: 1 Jan 2000 → … |
Publication series
Name | Lecture Notes in Computer Science |
---|---|
Volume | 10394 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | International Conference on Network and System Security |
---|---|
Period | 1/01/00 → … |
Abstract
Currently IPsec performance in high-speed networks is problematic. Traditionally the connections are established between some multifunction network devices which are typically inefficient already in 10 Gbps packet delivery and do not have high-availability nor scalability features. In the Software-Defined Networking, packets only travel through the desired dedicated networking devices. However, few high-speed stand-alone IPsec solutions exists that can be hooked up with the SDN. In this paper we propose a design which will utilize the IPsec in SDN fashion by separating IKE and packet encryption. Experimental results show that high-availability and scalability goals are reached and per-client throughput is increased. The IPsec protocol suite can thus face the on-going need for faster packet processing rate.