摘要
数据中心作为网络资源和计算资源的核心,其运行效率和安全影响着数据中心对用户的服务水平.传统数据中心网络中,由于控制面和转发面的集中,面对新的业务需求不能灵活应变,且在安全部署方面存在一定的局限性.本文分析了传统网络结构数据中心运行效率及安全部署方面存在的问题,提出以解耦网络控制面和转发面的软件定义网络方式,由控制器控制底层硬件,实现数据中心资源的按需分配,设计安全服务链,使数据安全检测更加灵活,实现数据中心南北向和东西向全方位安全防护.
As the core of network and computing resources,data centers'operation efficiency and security affect their service level for users.In traditional data center networks,due to the centralization of control and forwarding aspects,there is inflexibility to meet new business demands and some limitations in security deployment.This paper analyses the problems in the operation efficiency and security deployment of data centers with traditional network structure,and puts forward a method of defining network by decoupling the software of network control and forwarding aspects.The controller controls the underlying hardware and realizes the allocation by demand of the resources in data centers.The paper designs the security service chain,and makes the data security detection more flexible,thus realizing all-round(north-south and east-west)security protection in data centers.
作者
李振刚
林永良
LI Zhengang;LIN Yongliang(Information Center,TCU,Tianjin 300384,China)
出处
《天津城建大学学报》
2019年第5期360-364,共5页
Journal of Tianjin Chengjian University
基金
天津市教育信息化协会项目(2017005)
天津市教委科研计划项目(2016CJ20)
