Cnds-syn flood prevention using distributed firewall in software-defined wan architecture

Bambang Wahyuaji, Kalamullah Ramli

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)


SD-WAN adopts the SDN concept in the WAN area, which provides a dynamic WAN selection to route applications over the best virtual path. In this paper, a case of SD-WAN deployment in a company with a headquarters (data center) and 39 branch offices with redundant WAN MPLS connections is examined. It was expressed that the SYN flood has become a major problem in the company’s traditional WAN. The SD-WAN architecture equipped with a virtual distributed firewall was implemented to overcome this problem. The firewall was configured at the company headquarters and pushed to all branch offices. The measurement results indicate that the implementation of the distributed firewall decreases the SYN flood from mitigated subnet to zero percent, while it maintains network latency and throughput. From an economic perspective, the company will reduce its operational expenditure by 63.77 percent for the next five years by deploying the SD-WAN architecture.

Original languageEnglish
Pages (from-to)182-186
Number of pages5
JournalInternational Journal of Advanced Trends in Computer Science and Engineering
Issue number1.4 S1
Publication statusPublished - 1 Jan 2019


  • Distributed firewall
  • SD-WAN
  • SDN
  • SYN flood


Dive into the research topics of 'Cnds-syn flood prevention using distributed firewall in software-defined wan architecture'. Together they form a unique fingerprint.

Cite this