Placement of Security Devices in Cloud Data Centre Network: Analysis and Implementation

Due to extensive use of Cloud services and newly evolving security threats, most cloud service providers (CSP) deploy varieties of security devices such as, firewalls, IPSec, IDS, etc. for controlling resource accesses based on the data centre security requirements. Today CSPs are looking for systematically hardening the security by incorporating multiple security devices in the network in a cost-effective way. In this paper, we present an automated framework for synthesizing data centre security configurations. We take a dummy data centre topology, CSP security (connectivity and isolation) requirements and business constraints (usability and cost) as input; and then synthesizes the correct and optimal data centre security. It determines the optimal placement of different security devices in the data centre.