Title :
Behavioral Security Threat Detection Strategies for Data Center Switches and Routers
Author :
Krishnan, Ram ; Krishnaswamy, Dilip ; Mcdysan, Dave
Author_Institution :
Brocade Commun. Syst., Inc., San Jose, CA, USA
fDate :
June 30 2014-July 3 2014
Abstract :
Behavioral security threats such as Distributed Denial of Service (DDoS) attacks are an ongoing problem in large scale Data Centers (DC) and pose huge performance challenges to DC operators. Typically, a dedicated Firewall/DDoS appliance is needed for Layer 2-7 behavioral security threat detection and mitigation. This solution is cost prohibitive for large scale multi-tenant DCs with high throughput performance needs. This paper examines various Layer 2-4 behavioral security threat detection methods and assists which are implement able in the switches and routers at low cost. For DCs, this complements the overall behavioral security threat detection strategy and enables operators to offer tiered services. Extensions to emerging NFV and SDN scenarios are also discussed.
Keywords :
computer centres; computer network security; DC; DDoS attack; NFV; SDN; behavioral security threat detection strategy; data center routers; data center switches; distributed denial-of-service attack; firewall; high throughput performance needs; software defined networking; Bandwidth; Computer crime; Home appliances; IP networks; Image edge detection; Servers; Data Center; Distributed Denial of Service; NFV; SDN; Security; Threat Detection;
Conference_Titel :
Distributed Computing Systems Workshops (ICDCSW), 2014 IEEE 34th International Conference on
Conference_Location :
Madrid
Print_ISBN :
978-1-4799-4182-7
DOI :
10.1109/ICDCSW.2014.19
