Skip to Main content Skip to Navigation
Journal articles

A Survey of Network Isolation Solutions for Multi-Tenant Data Centers

Valentin del Piccolo 1 Ahmed Amamou 1 Kamel Haddadou 1 Guy Pujolle 2
2 Phare
LIP6 - Laboratoire d'Informatique de Paris 6
Abstract : The Infrastructure-as-a-Service (IaaS) model is one of the fastest growing opportunities for cloud-based service providers. It provides an environment that reduces operating and capital expenses while increasing agility and reliability of critical information systems. In this multitenancy environment, cloud-based service providers are challenged with providing a secure isolation service combining different vertical segments, such as financial or public services, while nevertheless meeting industry standards and legal compliance requirements within their data centers. In order to achieve this, new solutions are being designed and proposed to provide traffic isolation for a large numbers of tenants and their resulting traffic volumes. This paper highlights key challenges that cloud-based service providers might encounter while providing multi-tenant environments. It also succinctly describes some key solutions for providing simultaneous tenant and network isolation, as well as highlights their respective advantages and disadvantages. We begin with Generic Routing Encapsulation (GRE) introduced in 1994 in "RFC 1701", and will conclude with today's latest solutions. We detail fifteen of the newest architectures and then compare their complexities, the overhead they induce, their VM migration abilities, their resilience, their scalability, and their multi data center capacities. This paper is intended for, but not limited to, cloud-based service providers who want to deploy the most appropriate isolation solution for their needs, taking into consideration their existing network infrastructure. This survey provides details and comparisons of various proposals while also highlighting possible guidelines for future research on issues pertaining to the design of new network isolation archi-tectures.
Complete list of metadatas

Cited literature [86 references]  Display  Hide  Download

https://hal.sorbonne-universite.fr/hal-01430684
Contributor : Gestionnaire Hal-Upmc <>
Submitted on : Tuesday, January 10, 2017 - 10:45:10 AM
Last modification on : Friday, December 13, 2019 - 11:50:05 AM
Document(s) archivé(s) le : Tuesday, April 11, 2017 - 2:07:06 PM

File

Del_Piccolo_2016_A_Survey_of_N...
Files produced by the author(s)

Identifiers

Citation

Valentin del Piccolo, Ahmed Amamou, Kamel Haddadou, Guy Pujolle. A Survey of Network Isolation Solutions for Multi-Tenant Data Centers. Communications Surveys and Tutorials, IEEE Communications Society, Institute of Electrical and Electronics Engineers, 2016, 18 (4), pp.2787 - 2821. ⟨10.1109/COMST.2016.2556979⟩. ⟨hal-01430684⟩

Share

Metrics

Record views

587

Files downloads

1341