Rec. ITU-T X.1042 (01/2019) - Security services using software-defined networking
Summary
History
FOREWORD
Table of Contents
1 Scope
2 References
3 Definitions
     3.1 Terms defined elsewhere
     3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview of the SDN functional architecture
7 Classification of network resources
8 Security services based on SDN
     8.1 Centralized firewall service
          8.1.1 Basic concept of centralized firewall service
          8.1.2 Service scenario of centralized firewall service
          8.1.3 Service scenario of a collaborated firewall service
     8.2 Centralized honeypot service
          8.2.1 Basic concept of a centralized honeypot service
          8.2.2 Service scenario of a centralized honeypot
     8.3 Centralized DDoS attack mitigation service
          8.3.1 Basic concept of a centralized DDoS attack mitigation service
          8.3.2 Centralized DDoS attack mitigation service for stateless servers
          8.3.3 Centralized DDoS attack mitigation service for stateful servers
     8.4 Centralized illegal device management service
          8.4.1 Basic concept of a centralized illegal device management service
          8.4.2 Service scenario of a centralized illegal device management service
     8.5 Access control management service
          8.5.1 Basic concept of an access control management service
          8.5.2 Service scenario of an access control management service
Appendix I  Criteria for security services based on SDN
     I.1 Criteria for security services in intra-domain networks
          I.1.1 Centralized firewall service
          I.1.2 Centralized honeypot service
     I.2 Criteria for security services in inter-domain networks
          I.2.1 Centralized DDoS attack mitigation service
          I.2.2 Centralized illegal device management service
          I.2.3 Access control management service
Appendix II  An example of packet data scan detection
Appendix III  Implementation architecture for security services based on SDN
     III.1 Interface to the network security function framework with SDN in IETF
          III.1.1 Overview
          III.1.2 Comparison of IETF and ITU-T architectures
     III.2 SDN architecture in the ONF
          III.2.1 Overview
          III.2.2 Comparison of ONF and ITU-T architectures
Bibliography