Enterprises rely on specialized network appliances or middleboxes such as load balancers, intrusion detection and prevention systems, and WAN optimizers in order to meet critical performance optimization, security, and policy compliance requirements. With the advent of cloud computing, such middlebox processing will play an increasingly critical role in cloud deployments due to two key factors: 1) As enterprises move their IT infrastructure to the cloud, they want to leverage the same performance and security benefits for applications running in the cloud; and 2) Enterprises want to reduce their infrastructure and management costs by offloading middlebox functionality to cloud providers to leverage the elastic scaling and migration benefits offered by cloud computing. Unfortunately, cloud customers and providers today lack the necessary abstractions and mechanisms for enabling this transition. At a high-level, the problem is that these workloads are drastically different from traditional computation and storage services for which cloud computing has been extremely successful. This raises fundamental challenges along several dimensions: the need for flexible composition or chaining of network services; the increased impact of network-level performance on such workloads; the inherent difficulty in identifying bottlenecked resources in multiplexed cloud deployments; and the inability to reason about correct and consistent operation of stateful network processing in dynamic deployment scenarios.
This project will bridge this disconnect by addressing foundational issues in the design and implementation of (1) policy frameworks, elastic scaling algorithms, and software-defined controllers for enterprise administrators to translate their requirements into an actual physical realization; (2) algorithms for intelligent network-level placement, traffic engineering, and topology design for cloud providers to support such workloads; and (3) new abstractions for managing and manipulating the middlebox-associated state of the network.
Broader Impact: This work will inform the critical industry evolution as enterprises and cloud providers are attempting to realize the benefits of 'network virtualization'. Furthermore, the project will enable new dimensions of flexibility for network deployments that do not exist today---democratizing the benefits of middleboxes to small businesses; providing the ability to elastically scale network-level services to meet application demands; and enabling live migration of entire enterprise deployments across physical infrastructures. The project will generate new course materials on software-defined networking and cloud computing and tightly integrate research with education to help students become experts in these emerging domains. The software tools and benchmark measurement data produced by the research will inform the industry transition and future academic work on such middleboxes-in-the-cloud deployments. Finally, while the project focuses on middleboxes in cloud deployments, the technical foundations developed therein will apply to traditional enterprise and ISP networks as well.
