Chandramouli, R.
(2015),
Analysis of Network Segmentation Techniques in Cloud Data Centers, The 11th International Conference on Grid & Cloud Computing and Applications , Las Vegas, NV, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=918440
(Accessed September 22, 2025)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Analysis of Network Segmentation Techniques in Cloud Data Centers
Published
Author(s)
Abstract
Cloud Data centers are predominantly made up of Virtualized hosts. The networking infrastructure in a cloud (virtualized) data center, therefore, consists of the combination of physical IP network (data center fabric) and the virtual network residing in virtualized hosts. Network Segmentation (Isolation), Traffic flow control using firewalls and IDS/IPS form the primary network-based security techniques with the first one as the foundation for the other two. In this paper, we describe and analyze three generations of network segmentation techniques--Virtual Switches & Physical NIC-based, VLAN-based & Overlay-based. We take a detailed look at the overlay-based virtual network segmentation and its characteristics such as scalability and ease of configuration.Conference Dates
July 27-30, 2015
Conference Location
Las Vegas, NV
Conference Title
The 11th International Conference on Grid & Cloud Computing and Applications
Pub Type
Conferences
Download Paper
Keywords
Virtual Machine, Virtual Network, Hypervisor, VLAN, Overlay-based Network, Network Segmentation
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact [email protected].
Created July 30, 2015, Updated February 19, 2017