| In recent years,with the rise of cloud computing,big data,mobile Internet,the daily life and work life of people have been impacted greatly,but at the same time,the limitations of traditional network services began to affect the development of IT business in the upper layer is gradually emerging,how to use the modern network in accordance with the requirements,flexible application,saving resources is now a major issue.In the data center based on cloud computing,due to the characteristics of its multi-tenant,massive data,and the limitation of the traditional security devices and architectures.Such as the traditional VLAN can provide only tenants of 4096 in the multi-tenant network architecture.In multi-tenant network architecture,different tenants need to be separated from each other,while the specific application of a specific tenant is open to other tenants,the tenants need to adjust the network security policy dynamically.The complex configuration of the traditional network greatly influences the tenants.Based on the above background,and the development of SDN technology,this paper designs a firewall system based on the SDN and openflow,which solves the problem of complex security configuration and multi-tenant security in cloud computing center,and provides a third party interface.This paper is divided into four parts,the theoretical basis of the firewall system,the design of the module,the implementation of the system and the test of the system are described in detail.In this paper,the design of firewall realized the center control of the whole network architecture,which take all equipment in the network as as a firewall,and can better support multi tenant virtual machine isolation and communication,update the security policy when the virtual machine moved,and provides service interface for developers to achevie application of other network security services. |
PDF Full Text Request