Download or read book Moving Towards Software defined Security in the Era of NFV and SDN written by Montida Pattaranantakul and published by . This book was released on 2019 with total page 0 pages. Available in PDF, EPUB and Kindle. Book excerpt: This thesis is intended to explore security issues in the virtualized and software-defined world, and starts with two important hypotheses: (1) SDN and NFV offer plenty of opportunities for us to rethink security management in the new networking paradigms; (2) both legacy and new security threats and vulnerabilities in NFV/SDN enabled environments need to be sufficiently addressed in order to pave the way for their further development and deployment. To validate the hypotheses, we carry out an in-depth study on NFV/SDN from security perspective, including its architecture, management and orchestration (MANO) framework, and use cases, leading to two major contributions, (1) a security management and orchestration framework (called SecMANO) based on NFV MANO, which has the potential to manage a set of policy-driven security mechanisms, such as access control, IDS/IPS, network isolation, data protection; (2) a comprehensive threat analysis on five NFV use cases and the state-of-the-art security countermeasures, resulting in a NFV layer-specific threat taxonomy and a set of security recommendations on securing NFV based services.We believe that both of the two contributions lay down a foundation for security research in NFV/SDN domain. In particular, based on the two contributions, we further develop a security orchestrator as an extension of available NFV orchestrator, with an objective to enabling the basic security functions to be effectively orchestrated and provided as on-demand services to the customers, meanwhile allowing high-level security policies to be specified and enforced in a dynamic and flexible way. Specifically, a software-defined access control paradigm is implemented and prototyped with OpenStack and Tacker (a NFV orchestrator using TOSCA model), which allows the security administrators to dynamically customize the access control models and policies for different tenant domains, eventually achieving flexible and scalable protection across different layers and multiple cloud data centers. Both prototype of concept and real-life experiments on testbed have been carried out, clearly demonstrating the feasibility and effectiveness of our security orchestrator.In addition, as our NFV cross-layer threat taxonomy indicates, a large set of novel threats will be introduced, among which VNF (Virtualized Network Function) is a unique and important asset that deserves careful protection. The fourth contribution of this thesis is therefore devoted to achieving secure and dependable SFC (Service Function Chaining) in NFV and SDN environment. Specifically, an identity-based ordered multisignature scheme called SecSFC is designed and applied to ensure that, (1) each service function involved in a particular service chain is authenticated and legitimate; (2) all the service functions are chained in a consistent, optimal, and reliable way, meeting with the pre-defined high-level specifications like VNF Forwarding Graph. Both theoretical security analysis and experimental results demonstrate that our scheme can effectively defend against a large set of destructive attacks like rule modification and topology tempering, moving an important step towards secure and dependable SFC. Importantly, the signature construction and validation process is lightweight, generating compact and constant-size keys and signatures, thereby only incurring minimal computational overhead and latency.

Download or read book Software Defined Networking and Security written by Dijiang Huang and published by CRC Press. This book was released on 2018-12-07 with total page 357 pages. Available in PDF, EPUB and Kindle. Book excerpt: Discusses virtual network security concepts Considers proactive security using moving target defense Reviews attack representation models based on attack graphs and attack trees Examines service function chaining in virtual networks with security considerations Recognizes machine learning and AI in network security

Download or read book Guide to Security in SDN and NFV written by Shao Ying Zhu and published by Springer. This book was released on 2017-11-10 with total page 342 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book highlights the importance of security in the design, development and deployment of systems based on Software-Defined Networking (SDN) and Network Functions Virtualization (NFV), together referred to as SDNFV. Presenting a comprehensive guide to the application of security mechanisms in the context of SDNFV, the content spans fundamental theory, practical solutions, and potential applications in future networks. Topics and features: introduces the key security challenges of SDN, NFV and Cloud Computing, providing a detailed tutorial on NFV security; discusses the issue of trust in SDN/NFV environments, covering roots of trust services, and proposing a technique to evaluate trust by exploiting remote attestation; reviews a range of specific SDNFV security solutions, including a DDoS detection and remediation framework, and a security policy transition framework for SDN; describes the implementation of a virtual home gateway, and a project that combines dynamic security monitoring with big-data analytics to detect network-wide threats; examines the security implications of SDNFV in evolving and future networks, from network-based threats to Industry 4.0 machines, to the security requirements for 5G; investigates security in the Observe, Orient, Decide and Act (OODA) paradigm, and proposes a monitoring solution for a Named Data Networking (NDN) architecture; includes review questions in each chapter, to test the reader’s understanding of each of the key concepts described. This informative and practical volume is an essential resource for researchers interested in the potential of SDNFV systems to address a broad range of network security challenges. The work will also be of great benefit to practitioners wishing to design secure next-generation communication networks, or to develop new security-related mechanisms for SDNFV systems.

Download or read book Security in Network Functions Virtualization written by Zonghua Zhang and published by Elsevier. This book was released on 2017-11-20 with total page 274 pages. Available in PDF, EPUB and Kindle. Book excerpt: The software and networking industry is experiencing a rapid development and deployment of Network Functions Visualization (NFV) technology, in both enterprise and cloud data center networks. One of the primary reasons for this technological trend is that NFV has the capability to reduce CAPEX and OPEX, whilst increasing networking service efficiency, performance, agility, scalability, and resource utilization. Despite such well-recognized benefits, security remains a major concern of network service providers and seriously impedes the further expansion of NFV. This book is therefore dedicated to investigating and exploring the potential security issues of NFV. It contains three major elements: a thorough overview of the NFV framework and architecture, a comprehensive threat analysis aiming to establish a layer-specific threat taxonomy for NFV enabled networking services, and a series of comparative studies of security best practices in traditional networking scenarios and in NFV, ultimately leading to a set of recommendations on security countermeasures in NFV. This book is primarily intended for engineers, engineering students and researchers and those with an interest in the field of networks and telecommunications (architectures, protocols, services) in general, and particularly software-defined network (SDN) and network functions virtualization (NFV)-based security services. Extensively studies security issues in NFV Presents a basis or guideline for both academia researchers and industry practitioners to work together to achieve secure and dependable lifecycle management of NFV based network services

Download or read book Software Defined Networks written by Paul Goransson and published by Morgan Kaufmann. This book was released on 2016-10-25 with total page 438 pages. Available in PDF, EPUB and Kindle. Book excerpt: Software Defined Networks: A Comprehensive Approach, Second Edition provides in-depth coverage of the technologies collectively known as Software Defined Networking (SDN). The book shows how to explain to business decision-makers the benefits and risks in shifting parts of a network to the SDN model, when to integrate SDN technologies in a network, and how to develop or acquire SDN applications. In addition, the book emphasizes the parts of the technology that encourage opening up the network, providing treatment for alternative approaches to SDN that expand the definition of SDN as networking vendors adopt traits of SDN to their existing solutions. Since the first edition was published, the SDN market has matured, and is being gradually integrated and morphed into something more compatible with mainstream networking vendors. This book reflects these changes, with coverage of the OpenDaylight controller and its support for multiple southbound protocols, the Inclusion of NETCONF in discussions on controllers and devices, expanded coverage of NFV, and updated coverage of the latest approved version (1.5.1) of the OpenFlow specification. Contains expanded coverage of controllers Includes a new chapter on NETCONF and SDN Presents expanded coverage of SDN in optical networks Provides support materials for use in computer networking courses

Download or read book SECURITY IN SOFTWARE DEFINED NETWORKING AN ANALYSIS OF NEW ATTACK AND DEFENSE VECTORS written by Stefan Achleitner and published by . This book was released on 2018 with total page pages. Available in PDF, EPUB and Kindle. Book excerpt: Software Defined Networking (SDN) is a novel concept in computer networks that enables a central controlling platform to dynamically program the data-plane of a network with the usage of flow rules. This separation of the control- and data-plane provides a framework for the implementation of novel network applications.This dissertation investigates the potential of Software Defined Networking in the security domain of computer networks. By considering two aspects, "Security through SDN" and "Security of SDN", we demonstrate the ability to implement novel defense systems on the basis of SDN as well as discuss how advanced adversaries are able to attack the core parts of an SDN. This analysis motivates the development of a novel security framework which is able to generate network configurations for SDNs that meet defined security properties.In particular, we investigate network reconnaissance which is performed by malicious insiders and is a pre-phase of advanced targeted cyber attacks. Network virtualization techniques, such as SDN, provide the ability to deploy novel defense mechanisms which hide crucial system information from attackers, while maintaining a high quality of system performance for legitimate users. We discuss the development and implementation process of such a system in this dissertation.Attacks such as denial of service, that are launched on SDN-enabled networks may affect current flows traversing the network and disrupt the provided services. For a quick and successful reconfiguration of an SDN-enabled network to reestablish the network services after a cyber attack a deep analysis of the process to deploy a flow rule based network configuration on the data-plane is necessary. We analyze the dominating factors of the network configuration time in SDN and propose optimization models and algorithms to minimize the required time to compute and deploy flow rule based network configurations. We demonstrate that our approach is able to minimize the time required to recover after a cyber attack causing certain network resources to suddenly become unavailable.While SDN provides a platform for the development of novel defense approaches, weaknesses arise if attackers apply advanced techniques, such as network forensics, to exploit the configuration details of SDN-based applications.To demonstrate that network virtualization, with the use of SDN, extends the attack surface of traditional networks, we show that adversaries are able to reconstruct the details of SDN flow rules on the data-plane and exploit the collected information to launch targeted cyber attacks.Adversaries performing advanced network forensics as well as numerous other attack strategies on SDN, pursue different goals but are all based on a small set of attack techniques. Once untrusted nodes are in the perimeter of a network, actions such as probing and transmission of spoofed packets can be performed, which often lead to severe security issues. While novel network architectures such as Software Defined Networking (SDN) are sensitive to attacks involving lateral movement and spoofed traffic they also provide a framework to enforce flow isolation between and across network devices with a fine granularity. To ensure secure information flow between entities a framework that guarantees flow isolation has to implement a proven security policy such as multilevel security (MLS). To achieve secure information flow in a network we introduce a framework, MLSNet, that will find a network configuration given a security lattice, a network topology and a labeling of nodes that guarantees an assignment of flows in the network compliant with an MLS policy. To automatically generate such a configuration we provide two optimization models to compute a network configuration that meets the defined security constraints.We further identify a set of principles for the construction of secure SDN flow rules to deploy a policy compliant configuration on the data-plane.The security issues pointed out in this work motivate the requirement for agile and advanced defense approaches which are able to dynamically react to cyber attacks not addressed by traditional defense mechanisms. The analysis of attack and defense techniques presented in this dissertation are going beyond traditional mechanisms, and additionally consider the impact, in terms of performance, on the provided services and virtualized resources.

Download or read book The Wiley 5G REF written by and published by John Wiley & Sons. This book was released on 2021-07-26 with total page 340 pages. Available in PDF, EPUB and Kindle. Book excerpt: THE WILEY 5G REF Explore cutting-edge subjects in 5G privacy and security In The Wiley 5G REF: Security, a team of distinguished researchers delivers an insightful collection of articles selected from the online-only The Wiley 5G Reference. The editors introduce the security landscape of 5G, including the significant security and privacy risks associated with 5G networks. They also discuss different security solutions for various segments of the 5G network, like the radio, edge, access, and core networks. The book explores the security threats associated with key network softwarization technologies, like SDN, NFV, NS, and MEC, as well as those that come with new 5G and IoT services. There is also a detailed discussion on the privacy of 5G networks. The included articles are written by leading international experts in security and privacy for telecommunication networks. They offer learning opportunities for everyone from graduate-level students to seasoned engineering professionals. The book also offers: A thorough introduction to the 5G mobile network security landscape and the major risks associated with it Comprehensive explorations of SDMN security, the complex challenges associated with 5G security, and physical-layer security for 5G and future networks Practical discussions of security for Handover and D2D communication in 5G HetNets, authentication and access control for 5G, and G5-Core network security In-depth examinations of MEC and cloud security, as well as VNF placement and sharing in NFV-based cellular networks Perfect for researchers and practitioners in the fields of 5G security and privacy, The Wiley 5G REF: Security is an indispensable resource for anyone seeking a solid educational foundation in the latest 5G developments.

Download or read book Foundations of Modern Networking written by William Stallings and published by Addison-Wesley Professional. This book was released on 2015-10-27 with total page 775 pages. Available in PDF, EPUB and Kindle. Book excerpt: Foundations of Modern Networking is a comprehensive, unified survey of modern networking technology and applications for today’s professionals, managers, and students. Dr. William Stallings offers clear and well-organized coverage of five key technologies that are transforming networks: Software-Defined Networks (SDN), Network Functions Virtualization (NFV), Quality of Experience (QoE), the Internet of Things (IoT), and cloudbased services. Dr. Stallings reviews current network ecosystems and the challenges they face–from Big Data and mobility to security and complexity. Next, he offers complete, self-contained coverage of each new set of technologies: how they work, how they are architected, and how they can be applied to solve real problems. Dr. Stallings presents a chapter-length analysis of emerging security issues in modern networks. He concludes with an up-to date discussion of networking careers, including important recent changes in roles and skill requirements. Coverage: Elements of the modern networking ecosystem: technologies, architecture, services, and applications Evolving requirements of current network environments SDN: concepts, rationale, applications, and standards across data, control, and application planes OpenFlow, OpenDaylight, and other key SDN technologies Network functions virtualization: concepts, technology, applications, and software defined infrastructure Ensuring customer Quality of Experience (QoE) with interactive video and multimedia network traffic Cloud networking: services, deployment models, architecture, and linkages to SDN and NFV IoT and fog computing in depth: key components of IoT-enabled devices, model architectures, and example implementations Securing SDN, NFV, cloud, and IoT environments Career preparation and ongoing education for tomorrow’s networking careers Key Features: Strong coverage of unifying principles and practical techniques More than a hundred figures that clarify key concepts Web support at williamstallings.com/Network/ QR codes throughout, linking to the website and other resources Keyword/acronym lists, recommended readings, and glossary Margin note definitions of key words throughout the text

Download or read book SDN and NFV Simplified written by Jim Doherty and published by Addison-Wesley Professional. This book was released on 2016-02-24 with total page 612 pages. Available in PDF, EPUB and Kindle. Book excerpt: A Visual Guide to Understanding Software Defined Networks and Network Function Virtualization The simple, visual, at-a-glance guide to SDN and NFV: Core concepts, business drivers, key technologies, and more! SDN (Software Defined Networks) and NFV (Network Function Virtualization) are today’s hottest areas of networking. Many executives, investors, sales professionals, and marketers need a solid working understanding of these technologies, but most books on the subject are written specifically for network engineers and other technical experts. SDN and NFV Simplified fills that gap, offering highly visual, “at-a-glance” explanations of SDN, NFV, and their underlying virtualizations. Built around an illustrated, story-telling approach, this answers the questions: Why does this technology matter? How does it work? Where is it used? What problems does it solve? Through easy, whiteboard-style infographics, you’ll learn: how virtualization enables SDN and NFV; how datacenters are virtualized through clouds; how networks can also be virtualized; and how to maximize security, visibility, and Quality of Experience in tomorrow’s fully-virtualized environments. Step by step, you’ll discover why SDN and NFV technologies are completely redefining both enterprise and carrier networks, and driving the most dramatic technology migration since IP networking. That’s not all: You’ll learn all you need to help lead this transformation. Learn how virtualization establishes the foundation for SDN and NFV Review the benefits of VMs, the role of hypervisors, and the management of virtual resources Discover how cloud technologies enable datacenter virtualization Understand the roles of networking gear in virtualized datacenters See VMWare VMotion and VXLAN at work in the virtualized datacenter Understand multitenancy and the challenges of “communal living” Learn how core network functions and appliances can be virtualized Ensure performance and scalability in virtualized networks Compare modern approaches to network virtualization, including OpenFlow, VMWare Nicera, Cisco Inseieme, and OpenStack Walk through the business case for SDN, NFV, and the Cloud Discover how the Software Defined Network (SDN) solves problems previously left unaddressed Understand SDN controllers–and who’s fighting to control your network Use SDN and NFV to improve integration and say goodbye to “truck rolls” Enforce security, avoid data leakage, and protect assets through encryption Provide for effective monitoring and consistent Quality of Experience (QoE) Learn how SDN and NFV will affect you–and what’s next

Download or read book SDN and NFV Security written by Rahamatullah Khondoker and published by Springer. This book was released on 2018-01-29 with total page 141 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book provides security analyses of several Software Defined Networking (SDN) and Network Functions Virtualization (NFV) applications using Microsoft’s threat modeling framework STRIDE. Before deploying new technologies in the production environment, their security aspects must be considered. Software Defined Networking (SDN) and Network Functions Virtualization (NFV) are two new technologies used to increase e.g. the manageability, security and flexibility of enterprise/production/cloud IT environments. Also featuring a wealth of diagrams to help illustrate the concepts discussed, the book is ideally suited as a guide for all IT security professionals, engineers, and researchers who need IT security recommendations on deploying SDN and NFV technologies.

Download or read book Data Centric Security in Software Defined Networks SDN written by Marek Amanowicz and published by Springer Nature. This book was released on with total page 133 pages. Available in PDF, EPUB and Kindle. Book excerpt:

Download or read book Software defined Security for Network Function Virtualization written by Manel Smine and published by . This book was released on 2022 with total page 0 pages. Available in PDF, EPUB and Kindle. Book excerpt: Network Function Virtualization (NFV) technology has been proposed to improve the deployment flexibility and cost effectiveness of network services and allows for better information sharing between their components. Despite the aforementioned benefits, existing NFV infrastructures suffer from several security issues. The objective of this thesis is to improve the security of NFV services. To achieve this goal, we proposed a number of contributions. First, we studied the existing and potential security problems and threats in NFV infrastructures. Then, we classified them according to the components that are affected by these threats. Then, we studied the different security mechanisms that can be used to reduce these risks. This study allowed us to realize that the deployment of access control policies at the NFV service level can mitigate several security issues. This realization led us to examine existing solutions for deploying access control policies in NFV infrastructures. Third, we provide a comprehensive comparative overview of existing solutions based on several properties, including the adversary model considered, effectiveness, veracity, and optimality.

Download or read book Software Defined Mobile Networks SDMN written by Madhusanka Liyanage and published by John Wiley & Sons. This book was released on 2015-06-17 with total page 440 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book describes the concept of a Software Defined Mobile Network (SDMN), which will impact the network architecture of current LTE (3GPP) networks. SDN will also open up new opportunities for traffic, resource and mobility management, as well as impose new challenges on network security. Therefore, the book addresses the main affected areas such as traffic, resource and mobility management, virtualized traffics transportation, network management, network security and techno economic concepts. Moreover, a complete introduction to SDN and SDMN concepts. Furthermore, the reader will be introduced to cutting-edge knowledge in areas such as network virtualization, as well as SDN concepts relevant to next generation mobile networks. Finally, by the end of the book the reader will be familiar with the feasibility and opportunities of SDMN concepts, and will be able to evaluate the limits of performance and scalability of these new technologies while applying them to mobile broadb and networks.

Download or read book Network Functions Virtualization NFV with a Touch of SDN written by Rajendra Chayapathi and published by Addison-Wesley Professional. This book was released on 2016-11-14 with total page 543 pages. Available in PDF, EPUB and Kindle. Book excerpt: Network Functions Virtualization (NFV) will drive dramatic cost reductions while also accelerating service delivery. Using NFV with SDN, network owners can provision new functions rapidly on demand, improve scalability, and leverage microservices. Benefits like these will make NFV indispensable for service providers, mobile operators, telcos, and enterprises alike. Network Functions Virtualization (NFV) with a Touch of SDN is the first practical introduction to NFV’s fundamental concepts, techniques, and use cases. Written for wide audiences of network engineers, architects, planners, and operators, it assumes no previous knowledge of NFV architecture, deployment, or management. The authors first explain how virtualization, VMs, containers, and related technologies establish the foundation for the NFV transformation. Next, they show how these concepts and technologies can be applied to virtualize network functions in the cloud, data centers, routing, security, and the mobile packet core. You’ll discover new tools and techniques for managing and orchestrating virtualized network devices, and gain new clarity on how SDN and NFV interact and interrelate. By the time you’re done, you’ll be ready to assess vendor claims, evaluate architectures, and plan NFV’s role in your own networks. Understand NFV’s key benefits and market drivers Review how virtualization makes NFV possible Consider key issues associated with NFV network design and deployment Integrate NFV into existing network designs Orchestrate, build, and deploy NFV networks and cloud services Maximize operational efficiency by building more programmable, automated networks Understand how NFV and SDN work together Address security, programmability, performance, and service function chaining Preview evolving concepts that will shape NFV’s future

Download or read book Software Defined WAN for the Digital Age written by David W. Wang and published by CRC Press. This book was released on 2018-10-26 with total page 128 pages. Available in PDF, EPUB and Kindle. Book excerpt: SD-WAN is an advanced networking approach that creates hybrid networks to integrate broadband or other network services into the corporate WAN, not only just handling general business workloads and traffic, but also being capable of maintaining the performance and security of real-time and sensitive applications. This book posits that Software Defined (SD) WAN is the answer to questions such as what changes can be made to the networking sector? What innovations can make WAN, which plays a vital integrated part of the cloud ecosystem, more cost effective, performance robust, provisioning efficient, and operation intelligent?

Download or read book Learning OpenDaylight written by Reza Toghraee and published by Packt Publishing Ltd. This book was released on 2017-05-29 with total page 329 pages. Available in PDF, EPUB and Kindle. Book excerpt: A practical guide to building programmable networks using OpenDaylight About This Book Learn and understand how SDN controllers operate and integrate with networks; this book's step-by-step tutorials will give you a strong foundation in SDN, NVF, and OpenDayLight. Learn how to map legacy Layer 2/3 networking technologies in the SDN world Add new services and capabilities to your infrastructure and quickly adopt SDN and NFV within your organization with OpenDayLight. Integrate and manage software-defined networks efficiently in your organization. Build innovative network applications with OpenDayLight and save time and resources. Who This Book Is For This book targets network engineers, network programmers and developers, administrators, and anyone with some level of networking experience who'd like to deploy OpenDayLight effectively. Familiarity with the day-to-day operations of computer networks is expected What You Will Learn Transition from legacy networking to software-defined networking Learn how SDN controllers work and manage a network using southbound and northbound APIs Learn how to deploy the OpenDayLight SDN controller and integrate it with virtual switches Understand the basic design and operation of the OpenDaylight platform Build simple MD-SAL OpenDaylight applications Build applications on top of OpenDayLight to trigger network changes based on different events Integrate OpenStack with OpenDayLight to build a fully managed network Learn how to build a software-defined datacenter using NFV and service-chaining technologies In Detail OpenDaylight is an open source, software-defined network controller based on standard protocols. It aims to accelerate the adoption of Software-Defined Networking (SDN) and create a solid foundation for Network Functions Virtualization (NFV). SDN is a vast subject; many network engineers find it difficult to get started with using and operating different SDN platforms. This book will give you a practical bridge from SDN theory to the practical, real-world use of SDN in datacenters and by cloud providers. The book will help you understand the features and use cases for SDN, NFV, and OpenDaylight. NFV uses virtualization concepts and techniques to create virtual classes for node functions. Used together, SDN and NFV can elevate the standards of your network architecture; generic hardware-saving costs and the advanced and abstracted software will give you the freedom to evolve your network in the future without having to invest more in costly equipment. By the end of this book, you will have learned how to design and deploy OpenDaylight networks and integrate them with physical network switches. You will also have mastered basic network programming over the SDN fabric. Style and approach This is a step-by-step tutorial aimed at getting you up-to-speed with OpenDayLight and ready to adopt it for your SDN (Software-Defined Networking) and NFV (Network Functions Virtualization) ecosystem.

Download or read book Data Centric Security in Software Defined Networks SDN written by Marek Amanowicz and published by Springer. This book was released on 2024-05-05 with total page 0 pages. Available in PDF, EPUB and Kindle. Book excerpt: The book focuses on applying the data-centric security (DCS) concept and leveraging the unique capabilities of software-defined networks (SDN) to improve the security and resilience of corporate and government information systems used to process critical information and implement business processes requiring special protection. As organisations increasingly rely on information technology, cyber threats to data and infrastructure can significantly affect their operations and adversely impact critical business processes. Appropriate authentication, authorisation, monitoring, and response measures must be implemented within the perimeter of the system to protect against adversaries. However, sophisticated attackers can compromise the perimeter defences and even remain in the system for a prolonged time without the owner being aware of these facts. Therefore, new security paradigms such as Zero Trust and DCS aim to provide defence under the assumption that the boundary protections will be breached. Based on experience and lessons learned from research on the application of DCS to defence systems, the authors present an approach to integrating the DCS concept with SDN. They introduce a risk-aware approach to routing in SDN, enabling defence-in-depth and enhanced security for data in transit. The book describes possible paths for an organisation to transition towards DCS, indicating some open and challenging issues requiring further investigation. To allow interested readers to conduct detailed studies and evaluate the exemplary implementation of DCS over SDN, the text includes a short tutorial on using the emulation environment and links to the websites from which the software can be downloaded.