Part I
Foundations of Virtual Networking and Security
This book focuses on Network Functions Virtualization (NFV), Software Defined Networking (SDN), and security models built into/on SDN/NFV technologies. In this part, we will provide preliminary foundations of computer networking and NFV/SDN, which will help readers to understand advanced topics in this book. Moreover, the first part can be used as learning and teaching materials for students starting to learn computer and network security. Before moving forward, several important and highly related terms need to be clearly understood.
What is Software?
The Institute of Electrical and Electronics Engineers (IEEE) defines software as “The complete set of computer programs, procedures, and possibly associated documentation and data designated for delivery to a user” [225]. It possesses no mass, no volume, and no color, which makes it a non-degradable entity over a long period. Software does not wear out or get tired. In short, software can be simply defined as a collection of programs, documentation and operating procedures.
Software controls, integrates, and manages the hardware components of a computer system. It also instructs the computer what needs to be done to perform a specific task and how it is to be done. In general, software characteristics are classified into six major components:
1. Functionality, which refers to the degree of performance of the software against its intended purpose.
2. Reliability, which refers to the ability of the software to provide desired functionality under the given conditions.
3. Usability, which refers to the extent to which the software can be used with ease.
4. Efficiency, which refers to the ability of the software to use system resources in the most efficient manner, with the least waste of time and effort.
5. Maintainability, which refers to the ease with which modifications can be made in a software system to extend its functionality, improve its performance, or correct errors.
6. Portability, which refers to the ease with which software developers can transfer software from one platform to another, without (or with minimum) changes. In simple terms, it refers to the ability of software to function properly on different hardware and software platforms without making any changes in it.
In addition to the above characteristics, robustness and integrity are also important. Robustness refers to the degree to which the software can keep on functioning in spite of being provided with invalid data, while integrity refers to the degree to which unauthorized access to the software or data can be prevented.
Computers work only in response to instructions provided externally. For example, software instructs the hardware how to print a document, take input from the user, and display the output. Usually, the instructions to perform some intended tasks are organized into a program using a programming language like C, C++, Java, etc., and submitted to the computer. The computer interprets and executes these instructions and provides a response to the user accordingly. The set of programs intended to provide users with a set of interrelated functionalities is known as a software package.
What is Software-Defined?
The term Software-Defined refers to the ability to abstract the management and administrative capabilities of the technology. In terms of computer networking, it is the ability to control the provisioning of network devices, Virtual LANs (VLANs), firewall rules, traffic engineering, Quality of Service (QoS), etc. In summary, a system regarded as Software-Defined should rely on software to achieve the following interrelated and mutually supporting Abstraction, Automation and Adjustment (AAA) features:
Abstraction of Physical Resources: A software-defined system usually provides a set of Application Platform Interfaces (APIs) that abstract its physical resources in order to simplify resource management and allocation.
Automation of Actions/Controls: Actions and controls can be executed based on the incorporated complex application logic, either by examining the running conditions of the software or by being triggered by software-monitored systems with a certain level of adaptability and intelligence.
Adjustment of Configurations (Reconfiguration): Adjustments of system resources can be achieved through predictive configuration or control of workloads, which can be performed by changing past administrator-defined rule sets.
Definitions of Software-Defined Systems
Software-Defined Networking (SDN) is an emerging architecture that is dynamic, manageable, cost-effective, and adaptable, making it ideal for the high-bandwidth, dynamic nature of today’s applications. This architecture decouples the network control and forwarding functions, enabling the network control to become directly programmable and the underlying infrastructure to be abstracted for applications and network services. The OpenFlow protocol is a foundational element for building SDN solutions.
Software-Defined Storage (SDS) is a computer program that manages data storage resources and functionality and has no dependencies on the underlying physical storage hardware. SDS is most often associated with software products designed to run on commodity server hardware. It enables users to upgrade the software separately from the hardware. Common characteristics of SDS products include the ability to aggregate storage resources, scale out the system across a server cluster, manage the shared storage pool and storage services through a single administrative interface, and set policies to control storage features and functionality.
Software-Defined Data Centers ...