Analysis of Network Segmentation Techniques in Cloud Data Centers

Published

Author(s)

Ramaswamy Chandramouli

Abstract

Cloud data centers are predominantly made up of virtualized hosts. The networking infrastructure in a cloud (virtualized) data center therefore consists of a combination of the physical IP network (data center fabric) and the virtual network residing in virtualized hosts. Network segmentation (isolation), traffic flow control using firewalls, and IDS/IPS form the primary network-based security techniques, with the first serving as the foundation for the other two. In this paper, we describe and analyze three generations of network segmentation techniques: virtual switch and physical NIC-based, VLAN-based, and overlay-based. We take a detailed look at overlay-based virtual network segmentation and its characteristics, such as scalability and ease of configuration.
Conference Dates
July 27-30, 2015
Conference Location
Las Vegas, NV
Conference Title
The 11th International Conference on Grid & Cloud Computing and Applications

Keywords

Virtual Machine, Virtual Network, Hypervisor, VLAN, Overlay-based Network, Network Segmentation

Citation

Chandramouli, R. (2015), Analysis of Network Segmentation Techniques in Cloud Data Centers, The 11th International Conference on Grid & Cloud Computing and Applications, Las Vegas, NV, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=918440 (Accessed February 26, 2024)
Created July 30, 2015, Updated February 19, 2017