SDN Security Tools?

asked 2017-07-19 12:40:03 -0500

mark72 gravatar image

Hey all! I'm brand new here so hopefully this is the right place to post, or if not, hopefully someone can guide me to the right place to ask.

My co-worker and I are currently trying to utilize SDN for security; in short, the goal is to have a tool that allows an administrator to redirect attacker traffic to a controlled clone of a target. In other words, the attacker will be fooled into thinking they are on a target system but they are on a controlled clone so that it is easier to identify attacker behavior without their knowledge. To start, we developed a prototype using Floodlight and Open vSwitch. This works but is also very kludgy as you must specify OVS ports and MAC addresses of all players explicitly. This is not a scalable solution. Since then, we have switched gears to more market research. Midonet seems to fit the bill but are there other solutions that can provide similar functionality? I can provide more information if there are still questions. Thanks in advance for your input!

edit retag flag offensive close merge delete

Comments

Hi Mark72, May be you can check with OpenDayLight for your prototype since it offers greater flexibility with several apps yet OpenFlow/Netconf provides several advantages. --Regards Praveen

Praveen N gravatar imagePraveen N ( 2017-07-20 01:22:20 -0500 )edit