An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Analysis of Network Segmentation Techniques in Cloud Data Centers
Published
Author(s)
Ramaswamy Chandramouli
Abstract
Cloud Data centers are predominantly made up of Virtualized hosts. The networking infrastructure in a cloud (virtualized) data center, therefore, consists of the combination of physical IP network (data center fabric) and the virtual network residing in virtualized hosts. Network Segmentation (Isolation), Traffic flow control using firewalls and IDS/IPS form the primary network-based security techniques with the first one as the foundation for the other two. In this paper, we describe and analyze three generations of network segmentation techniques--Virtual Switches & Physical NIC-based, VLAN-based & Overlay-based. We take a detailed look at the overlay-based virtual network segmentation and its characteristics such as scalability and ease of configuration.
Conference Dates
July 27-30, 2015
Conference Location
Las Vegas, NV
Conference Title
The 11th International Conference on Grid & Cloud Computing and Applications
Chandramouli, R.
(2015),
Analysis of Network Segmentation Techniques in Cloud Data Centers, The 11th International Conference on Grid & Cloud Computing and Applications , Las Vegas, NV, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=918440
(Accessed October 8, 2024)