Securing Edge Networks with Securebox
share
The number of mobile and IoT devices connected to home and enterprise networks is growing fast. These devices offer new services and experiences for the users; however, they also present new classes of security threats pertaining to data and device safety and user privacy. In this article, we first analyze the potential threats presented by these devices connected to edge networks. We then propose Securebox: a new cloud-driven, low cost Security-as-a-Service solution that applies Software-Defined Networking (SDN) to improve network monitoring, security and management. Securebox enables remote management of networks through a cloud security service (CSS) with minimal user intervention required. To reduce costs and improve the scalability, Securebox is based on virtualized middleboxes provided by CSS. Our proposal differs from the existing solutions by integrating the SDN and cloud into a unified edge security solution, and by offering a collaborative protection mechanism that enables rapid security policy dissemination across all connected networks in mitigating new threats or attacks detected by the system. We have implemented two Securebox prototypes, using a low-cost Raspberry-PI and off-the-shelf fanless PC. Our system evaluation has shown that Securebox can achieve automatic network security and be deployed incrementally to the infrastructure with low management overhead.
READ FULL TEXT
