Application Layer Firewall Using OpenFlow

Alaauddin Shieha, University of Colorado at Boulder


Security is one of the most important aspects in networking. Companies and service providers spend much money on expensive firewalls to enforce security. Software-Defined Networking (SDN) is a new architecture that can save companies and service providers money, reduce provisioning time from weeks to minutes, provide centralized management, promote innovation, and allow programmability. SDN achieves this by decoupling the control plane from the data plane. This paper demonstrates the benefits of implementing an application layer firewall using OpenFlow protocol, which is one way of implementing SDN. The firewall is capable of detecting application layer traffic, such as BitTorrent and YouTube, and of preventing some Denial-of-Service Attacks. This paper discusses the implementation details and provides a performance analysis of the firewall module.