SDN Data Center Study

Structural Models
  • End-host virtualization allows an operator to retain control over the end host. This is very important since it allows complexity to be moved out of the network. For instance, an isolation or denial-of-service prevention mechanism can be implemented both inside a hypervisor (push-back filters) and in the network (VLANs). Although functionally equivalent, they have varying effects on performance, scalability, cost and security.
  • Network virtualization allows a tenant to gain control over its network. The meaning of control is somewhat ambiguous, since it can refer to a multitude of things, including resource control and routing control, among others.
Organizational Models
  • Multi-Tenant data centers may have hundreds of thousands of customers all utilizing the same resources. Competitors may be using the same infrastructure, posing difficult issues with separation. Denial of Service attacks are exacerbated as a significant 'insider' threat. As the infrastructure is available to any customer, an attacker may have privileged access if it can be co-located with its victim. Stakeholders include not only the tenants of data centers but also their customers. A security incident affecting a multi-tenant data center may affect not only the direct tenants but also all of the data of the customers of applications running on the infrastructure.
  • Private/Enterprise data centers may seem to have fewer stakeholders than a multi-tenant data center, but there are still issues for their customers and the threat of data loss and security. Individual enterprises may have specific requirements dependent on their business (financial, medical, etc.). Many businesses, especially small or mid-sized enterprises, do not have experienced personnel capable of understanding the security implications of a network change. In short, enterprise data centers are very similar to the multi-tenant ones; however, more emphasis is put on cost and/or security.
  • Content Providers may have millions of customers using their services. What differentiates a content provider is that it has no notion of a tenant, and consequently, security is shifted towards availability and resource allocation. Any disruption to the service can have wide-reaching effects. Content providers such as social networks and cloud storage deliver increasingly large volumes of data. The loss of a day's service by (say) a video rental firm can have a major business impact.