Cnds-syn flood prevention using distributed firewall in software-defined wan architecture

Bambang Wahyuaji, Kalamullah Ramli

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)

Abstract

SD-WAN adopts the SDN concept in the WAN area, which provides a dynamic WAN selection to route applications over the best virtual path. In this paper, a case of SD-WAN deployment in a company with a headquarters (data center) and 39 branch offices with redundant WAN MPLS connections is examined. It was expressed that the SYN flood has become a major problem in the company’s traditional WAN. The SD-WAN architecture equipped with a virtual distributed firewall was implemented to overcome this problem. The firewall was configured at the company headquarters and pushed to all branch offices. The measurement results indicate that the implementation of the distributed firewall decreases the SYN flood from mitigated subnet to zero percent, while it maintains network latency and throughput. From an economic perspective, the company will reduce its operational expenditure by 63.77 percent for the next five years by deploying the SD-WAN architecture.

Original languageEnglish
Pages (from-to)182-186
Number of pages5
JournalInternational Journal of Advanced Trends in Computer Science and Engineering
Volume8
Issue number1.4 S1
DOIs
Publication statusPublished - 1 Jan 2019

Keywords

  • Distributed firewall
  • SD-WAN
  • SDN
  • SYN flood
  • WAN MPLS

Fingerprint

Dive into the research topics of 'Cnds-syn flood prevention using distributed firewall in software-defined wan architecture'. Together they form a unique fingerprint.

Cite this