Compared with traditional networking, Software-Defined Networking (SDN) enables to solve the scalability, flexibility and other aspects of the problems. However, there still have some questions about previous relevant works for security control. Thus, in this paper, we analyze the new challenges and then propose a SDN security control architecture to strengthen security control. In such a structure, security control is separated from SDN controller as a separate security controller. The security controller is used to actualize security control through both flow-based protection and agency-based protection. The method of flow monitoring in SDN networks as well as the agency deployed in nodes helps the developers to implement the security functions. We then implement this architecture and verify its scalability and robustness.
展开▼
