{"title":"SD-WAN架构中网络安全机制的比较分析:初步结果","authors":"Jorge Rodríguez Bustamante, D. Avila-Pesantez","doi":"10.1109/EIRCON52903.2021.9613418","DOIUrl":null,"url":null,"abstract":"Software-defined network in a wide area network (SD-WAN) has become a trend applied by large companies with geographically separated branches. The primary objective is based on a software solution that provides a cost-benefit balance, given the high cost of WAN connections. The growth of SD-WAN has brought numerous solutions by various vendors, but that has also increased the number of threats and vulnerabilities to this technology. This article aims to compare the commercial mechanisms versus opensource solutions implement within a specific architecture. It describes the cyber-attack vectors within SD-WAN and how to respond them within a simulation using the GNS3 software. The topology presented is based on a design with two branches and a headquarters, connected by two links that provide redundancy, one by MPLS and the other by broadband internet. The results of this research report that the commercial solution (Fortigate) provides better security mechanisms that focus on confidentiality, integrity, and availability. However, the open-source solution (Flexiwan) offers tools for adaptability to future threats thanks to the community's efforts.","PeriodicalId":403519,"journal":{"name":"2021 IEEE Engineering International Research Conference (EIRCON)","volume":"72 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Comparative analysis of Cybersecurity mechanisms in SD-WAN architectures: A preliminary results\",\"authors\":\"Jorge Rodríguez Bustamante, D. Avila-Pesantez\",\"doi\":\"10.1109/EIRCON52903.2021.9613418\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software-defined network in a wide area network (SD-WAN) has become a trend applied by large companies with geographically separated branches. The primary objective is based on a software solution that provides a cost-benefit balance, given the high cost of WAN connections. The growth of SD-WAN has brought numerous solutions by various vendors, but that has also increased the number of threats and vulnerabilities to this technology. This article aims to compare the commercial mechanisms versus opensource solutions implement within a specific architecture. It describes the cyber-attack vectors within SD-WAN and how to respond them within a simulation using the GNS3 software. The topology presented is based on a design with two branches and a headquarters, connected by two links that provide redundancy, one by MPLS and the other by broadband internet. The results of this research report that the commercial solution (Fortigate) provides better security mechanisms that focus on confidentiality, integrity, and availability. However, the open-source solution (Flexiwan) offers tools for adaptability to future threats thanks to the community's efforts.\",\"PeriodicalId\":403519,\"journal\":{\"name\":\"2021 IEEE Engineering International Research Conference (EIRCON)\",\"volume\":\"72 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-10-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE Engineering International Research Conference (EIRCON)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/EIRCON52903.2021.9613418\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE Engineering International Research Conference (EIRCON)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EIRCON52903.2021.9613418","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Comparative analysis of Cybersecurity mechanisms in SD-WAN architectures: A preliminary results
Software-defined network in a wide area network (SD-WAN) has become a trend applied by large companies with geographically separated branches. The primary objective is based on a software solution that provides a cost-benefit balance, given the high cost of WAN connections. The growth of SD-WAN has brought numerous solutions by various vendors, but that has also increased the number of threats and vulnerabilities to this technology. This article aims to compare the commercial mechanisms versus opensource solutions implement within a specific architecture. It describes the cyber-attack vectors within SD-WAN and how to respond them within a simulation using the GNS3 software. The topology presented is based on a design with two branches and a headquarters, connected by two links that provide redundancy, one by MPLS and the other by broadband internet. The results of this research report that the commercial solution (Fortigate) provides better security mechanisms that focus on confidentiality, integrity, and availability. However, the open-source solution (Flexiwan) offers tools for adaptability to future threats thanks to the community's efforts.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
