Proposing and evaluating the performance of a firewall implemented as a virtualized network function

Abstract

The virtualization technology provides many advantages to datacenters such as: reduction of power, cooling, and hardware costs. Moreover, virtualization simplifies administration and maintenance. On the other hand, for assuring security policies, a virtualized datacenter may require a large Access Control List (ACL) that can overload current commercial Top of Rack (ToR) equipment. This paper proposes and evaluates the performance of a firewall implemented as a virtualized network function in the Open source Platform for Network Functions Virtualization (OPNFV) using commercial off-the-shelf servers. Results show that the function provides elastic capacity that can scale up, meeting the current ingress traffic demands.