Network Security in Data Centre

Data Centre is the usage infrastructure for supporting Internet services. Cloud computing is rapidly changing the face of Web Internet service infrastructure, enabling even small organizations to quickly create Web and mobile applications for millions of users by taking advantage of the scale and flexibility of the shared physical infrastructures provided by cloud providers. In this case, multiple users store their data and application in the same data centre with avirtual boundary between each occupant. As every occupant uses their own different security policies, it needs to create different security policies for them. Network virtualization is to compile a diverse set of occupant-specific requirements into a single configuration of the underlying physical cloud network, enabling multi-occupants data centres to automatically address a large and diverse set of occupants’ requirements. Mechanism design and system implementation of vCNSMS, a collaborative network security prototype system in multiple occupants’ data centre network. A security level based protection policy is proposed for simplifying the security rule management for vCNSMS. Different security level has different packet inspection scheme and enforced with different security plugins. A smart packet verdict scheme is also integrated into vCNSMS for intelligence flow processing to defence possible network attack inside data centre network.