LiveSec: Towards Effective Security Management in Large-Scale Production Networks

Network security has become an increasingly important yet challenging issue in present production networks. State-of-the-art solutions cannot meet the overall requirements of high-efficiency security, due to the complicated configuration demands, heavy network traffic and ever-increasing network scale. In this paper, we present Live Sec, a scalable and flexible security management architecture, which achieves holistic security protection with good scalability and flexibility in large-scale networks. Live Sec employs a new Access-Switching layer to provide: 1) interactive policy-enforcement that enables fine-grain control for the end-to-end traffic of network tenants or users, 2) distributed load-balancing that dynamically dispatches security workload over incrementally-deployed security service elements, 3) application-aware network visualization that helps to identify and locate security events, via live traffic monitoring and historical traffic replay. Live Sec has been deployed in Tsinghua University since December 2010. Currently, we are successfully supporting more than 50 users simultaneously (wireless and wired), and over 200 VM-based service elements.