Tampere University of Technology

TUTCRIS Research Portal

IPsec and IKE as Functions in SDN Controlled Network

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review


Original languageEnglish
Title of host publicationNetwork and System Security
Subtitle of host publication11th International Conference, NSS 2017, Helsinki, Finland, August 21–23, 2017, Proceedings
ISBN (Electronic)978-3-319-64701-2
ISBN (Print)978-3-319-64700-5
Publication statusPublished - Jul 2017
Publication typeA4 Article in a conference publication
EventInternational Conference on Network and System Security -
Duration: 1 Jan 2000 → …

Publication series

NameLecture Notes in Computer Science
ISSN (Electronic)1611-3349


ConferenceInternational Conference on Network and System Security
Period1/01/00 → …


Currently IPsec performance in high-speed networks is problematic. Traditionally the connections are established between some multifunction network devices which are typically inefficient already in 10 Gbps packet delivery and do not have high-availability nor scalability features. In the Software-Defined Networking, packets only travel through the desired dedicated networking devices. However, few high-speed stand-alone IPsec solutions exists that can be hooked up with the SDN. In this paper we propose a design which will utilize the IPsec in SDN fashion by separating IKE and packet encryption. Experimental results show that high-availability and scalability goals are reached and per-client throughput is increased. The IPsec protocol suite can thus face the on-going need for faster packet processing rate.

Publication forum classification

Field of science, Statistics Finland