A Software Defined Security Scheme Based on SDN Environment

Abstract

This paper analyzes the insufficiency of traditional network architecture in the current information era firstly, and introduces the concept of Software Defined Networking (SDN). Then it describes the problems existing in the traditional security protection by analyzing the importance of network security. On the basis of SDN, the paper analyzes the effects of the SDN technology on the traditional network security protection. Along with the idea of software defined, it puts forward the concept and the main idea of software defined security. By analyzing the classic architecture of software defined network, it is concluded that SDN technology was used to construct new network architecture to realize development and application of network virtualization. The current new network security architectures are analyzed, and it is concluded that the current security resolution schemes cannot adapt to the development of SDN. Therefore, it is necessary to build a new security architecture, which contains centralized management based on the SDN environment. The paper makes a detailed analysis of the architecture and the internal structure of security controller in the control layer. Then according to the security mechanism, the data flow process of the network security protection is described in detail. Finally, the paper analyzes the performance of the security mechanism in three security scenes and comes up with shortage of the mechanism.