Performance Analysis of Firewall based on SDN and OpenFlow

Recently, there has been a significant increase in Internet penetration by the virtue of high speed broadband services, social networking and cloud environments. Owing to which there is a substantial increase in the amount of users' data (personal, enterprise, financial, etc.) flowing over Internet, thereby, attracting serious threats from the malicious users. Various security solutions have been proposed and implemented to protect users' data from unknown threats. Majority of these solutions are realized employing traditional networking techniques that are complex and extremely difficult to manage. These techniques rely on manual configuration of devices resulting in policy conflicts, which may compromise the network security. This issue can be addressed by adopting Software Defined Networking (SDN) paradigm which provides a network-wide visibility, centralized control, flexible network architecture and ease of management, by separating control plane (network controller) and the data plane (forwarding devices). The controller monitors, manages and controls the behaviour of the forwarding devices using OpenFlow protocol. In this paper, we propose and validate an SDN based network-wide firewall by exploiting the capabilities of OpenFlow, as one of the security solutions to restrict the suspicious traffic entering in a network.