A Cost-based Placement Algorithm for Multiple Virtual Security Appliances in Cloud using SDN: MO-UFLP(Multi-Ordered Uncapacitated Facility Location Problem)
This work addresses cost-effective security deployment for cloud applications, but it is incremental as it builds on an existing method by extending it to multiple appliances.
The paper tackles the problem of placing multiple virtual security appliances in cloud networks using SDN, extending a prior single-appliance approach to handle several appliances, and demonstrates feasibility through simulation tests and integration into OpenStack with good performance.
Software Defined Networking (SDN), has introduced many advanced platforms for managing networks and adopting different security tools with them, but the cost of these platforms should be considered as well. In this paper, we present an extension of the existing approach to the optimal placement of virtual security appliances in a pre-defined network setting. The approach proposed by Bouet [1] only considered one security appliance, we extended his approach to several virtual security appliances. We conducted several simulation tests showing good performances of our approach. To show the feasibility, we implemented our approach using SDN and virtual security appliances and integrated it into OpenStack. This extension adapts UFLP algorithm to real world situations where several middle boxes need to be deployed to satisfy security needs for the applications deployed in the cloud. We realized this approach by implementing "OpenStack on top of OpenStack" , a nested OpenStack implementation with OpenDayLight as the SDN controller .