SECURITY ENHANCEMENTS FOR A SOFTWARE-DEFINED NETWORK WITH NETWORK FUNCTIONS VIRTUALIZATION
Abstract
A communication network can be constructed to support software-defined networking (SDN) protocols and network functions virtualization (NFV) protocols. Such a communication network can advantageously be operated at lower cost, with increased flexibility and control, and with simplified management, to name but a few advantages. In addition to these advantages, various networking security aspects can be enhanced by leveraging the SDN/NFV architecture.
20 Claims
1. A network device, comprising:
- a processor; and
- a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising:
  - monitoring components of a communication network configured according to a software-defined networking protocol that defines first rules relating to a separation of a control layer associated with the communication network from a forwarding layer associated with the communication network and according to a network functions virtualization protocol that defines second rules relating to functions of the communication network being provided in a virtual environment comprising a virtualized network device;
  - in response to the monitoring, determining an information security issue based on a set of security protocols; and
  - generating, in the virtual environment according to the first rules or the second rules, a virtualized resource for the communication network that facilitates mitigation of the information security issue based on the set of security protocols.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A method, comprising:
- controlling, by a device comprising a processor, a virtual environment comprising a virtualized device of a communication network configured according to a software-defined networking protocol that defines first rules relating to a separation of a control layer associated with the communication network from a forwarding layer associated with the communication network and according to a network functions virtualization protocol that defines second rules relating to functions of the communication network being provided in the virtual environment;
- monitoring, by the device, a set of network devices associated with the communication network and the virtualized device;
- determining, by the device, an information security threat based on a set of security protocols; and
- generating, by the device, a virtualized resource in the virtual environment that mitigates the information security threat according to the set of security protocols.
Dependent claims: 14, 15, 16, 17
18. A computer readable storage device comprising executable instructions that, in response to execution, cause a system comprising a processor to perform operations, comprising:
- controlling a virtual environment of a communication network comprising a virtualized network device configured according to a software-defined networking protocol that defines first rules relating to a separation of a control layer associated with the communication network from a forwarding layer associated with the communication network and according to a network functions virtualization protocol that defines second rules relating to functions of the communication network being provided in the virtual environment;
- monitoring the virtualized device and a set of network devices associated with the communication network;
- determining an information security issue based on a set of security protocols; and
- generating a virtualized resource in the virtual environment to reduce an effect of the information security issue according to the set of security protocols.
Dependent claims: 19, 20
Specification