Conventional internet architecture facilitating users for different services and applications but facing number of challenges like network management, QoS management for network virtualization, IP multicasting, deployment of IPV6, crucial security measures, end to end connectivity, inter and inter domain routing. To meet the demand of these services due to rapid growth of technologies and traffic, an emerging network architecture termed as Software Defined Network (SDN) with programmable technology has brought unprecedented management to control networks. Due to separation of data, control and application planes software defined network provides cost effective, openness, centralized automation, programmable features as per users own demands and high resilience to network administrators. OpenFlow evolved as a first standard protocol for software defined network control and data planes communication to meet changing business requirements. Although, Software Defined Network brings enormous advancements in networks to support business applications but it is severely affected with cyber-attacks at data, control and application planes. Middle boxes plays a significant role to manage network effectiveness and provide adequate security control from external and internal security threats but require proper management and configuration otherwise it leads to devastating effect. The main contribution of this paper are: (1) It explores various potential security attacks at SDN layers and inconsistent policies, (2) It provides various security concerns in SDN planes and preventive measures against these prevailing attacks, (3) It discusses security threats challenges and research opportunities in software defined network keeping in view critical security controls like spam detector, IDS/IPS, Firewall and policy management. This article assists researchers to comprehend security concerns and state of the art development and challenges explored by scientific community in SDN.
Read full abstract