SDN-Based Security Framework for the IoT in Distributed Grid

Software-defined networking (SDN), is evolving as a new paradigm for the next generation of network architecture. The separation of control plane and data plane within SDN, brings the flexibility to manage, configure, secure, and optimize network resources using dynamic software programs. From a security point of view SDN has the ability to collect information from the network devices and allow applications to program the forwarding devices, which unleashes a powerful technology for proactive and smart security policy. These functions enable the integration of security tools that can be used in distributed scenarios, unlike the traditional security solutions based on a static firewall programmed by an administrator such as Intrusion Detection and Prevention System (IDS/IPS). This network programmability may be integrated to create a new communication platform for the Internet of Things (IoT). In this paper, we present our preliminary study that is focused on the understanding of an effective approach to build a cluster network using SDN.By using network virtualization and OpenFlow technologies to generate virtual nodes, we simulate a prototype system of over 500 devices controlled by SDN, and it represents a cluster. The results show that the network devices are only able to forward the packets by predefined rules on the controller. For this reason, we propose a method to control the IP header at the application-level to overcome this problem using Opflex within SDN architecture.