Introducing Virtual Security Functions into Latency-aware Placement for NFV Applications

Research paper by Ibrahim Tamim, Manar Jammal, Hassan Hawilo, Abdallah Shami

Indexed on: 27 Apr '20Published on: 23 Apr '20Published in: arXiv - Computer Science - Networking and Internet Architecture


The shift towards a completely virtualized networking environment is triggered by the emergence of software defined networking and network function virtualization (NFV). Network service providers have unlocked immense capabilities by these technologies, which have enabled them to dynamically adapt to user needs by deploying their network services in real-time through generating Service Function Chain (SFCs). However, NFV still faces challenges that hinder its full potentials, including availability guarantees, network security, and other performance requirements. For this reason, the deployment of NFV applications remains critical as it should meet different service level agreements while insuring the security of the virtualized functions. In this paper, we tackle the challenge of securing these SFCs by introducing virtual security functions (VSFs) into the latencyaware deployment of NFV applications. This work insures the optimal placement of the SFC components including the security functions while considering the performance constraints and the VSFs' operational rules such as, functions' alliance, proximity, and anti-affinity. This paper develops a mixed integer linear programming model to optimally place all the requested SFCs while satisfying the above constraints and minimizing the latency of every SFC and the intercommunication delay between the SFC components. The simulations are evaluated against a greedy algorithm on the virtualized Evolved Packet Core use case and have shown promising results in maintaining the security rules while achieving minimum delays.