Stony Brook Computer Science Dept.
Networks today rely on middle-boxes to provide critical performance, security, and policy compliance functions. Today, however, achieving these benefits and ensuring that the traffic traverses the desired sequence of middle-boxes requires significant manual effort and operator expertise. In this respect, Software-Defined Networking (SDN) offers a promising alternative. However, middle-boxes introduce new aspects (e.g., policy composition, resource management, packet modifications) that fall outside the purvey of traditional L2/L3 functions that SDN supports (e.g., access control or routing).