Middleboxes as a Cloud Service

Justine Sherry

EECS Department
University of California, Berkeley
Technical Report No. UCB/EECS-2016-165
November 19, 2016

http://www2.eecs.berkeley.edu/Pubs/TechRpts/2016/EECS-2016-165.pdf

Today's networks do much more than merely deliver packets. Through the deployment of middleboxes, enterprise networks today provide improved security -- e.g., filtering malicious content -- and performance capabilities -- e.g., caching frequently accessed content. Although middleboxes are deployed widely in enterprises, they bring with them many challenges: they are complicated to manage, expensive, prone to failures, and challenge privacy expectations.

In this thesis, we aim to bring the benefits of cloud computing to networking. We argue that middlebox services can be outsourced to cloud providers in a similar fashion to how mail, compute, and storage are today outsourced. We begin by presenting APLOMB, a system that allows enterprises to outsource middlebox processing to a third party cloud or ISP. For enterprise networks, APLOMB can reduce costs, ease management, and provide resources for scalability and failover. For service providers, APLOMB offers new customers and business opportunities, but also presents new challenges. Middleboxes have tighter performance demands than existing cloud services, and hence supporting APLOMB requires redesigning software at the cloud. We re-consider classical cloud challenges including fault-tolerance and privacy, showing how to implement middlebox software solutions with throughput and latency 2-4 orders of magnitude more efficient than general-purpose cloud approaches.

Advisor: Sylvia Ratnasamy


BibTeX citation:

@phdthesis{Sherry:EECS-2016-165,
    Author = {Sherry, Justine},
    Title = {Middleboxes as a Cloud Service},
    School = {EECS Department, University of California, Berkeley},
    Year = {2016},
    Month = {Nov},
    URL = {http://www2.eecs.berkeley.edu/Pubs/TechRpts/2016/EECS-2016-165.html},
    Number = {UCB/EECS-2016-165},
    Abstract = {Today's networks do much more than merely deliver packets. Through the deployment of middleboxes, enterprise networks today provide improved security -- e.g., filtering malicious content -- and performance capabilities -- e.g., caching frequently accessed content. Although middleboxes are deployed widely in enterprises, they bring with them many challenges: they are complicated to manage, expensive, prone to failures, and challenge privacy expectations.

In this thesis, we aim to bring the benefits of cloud computing to networking. We argue that middlebox services can be outsourced to cloud providers in a similar fashion to how mail, compute, and storage are today outsourced. We begin by presenting APLOMB, a system that allows enterprises to outsource middlebox processing to a third party cloud or ISP. For enterprise networks, APLOMB can reduce costs, ease management, and provide resources for scalability and failover. For service providers, APLOMB offers new customers and business opportunities, but also presents new challenges. Middleboxes have tighter performance demands than existing cloud services, and hence supporting APLOMB requires redesigning software at the cloud. We re-consider classical cloud challenges including fault-tolerance and privacy, showing how to implement middlebox software solutions with throughput and latency 2-4 orders of magnitude more efficient than general-purpose cloud approaches.}
}

EndNote citation:

%0 Thesis
%A Sherry, Justine
%T Middleboxes as a Cloud Service
%I EECS Department, University of California, Berkeley
%D 2016
%8 November 19
%@ UCB/EECS-2016-165
%U http://www2.eecs.berkeley.edu/Pubs/TechRpts/2016/EECS-2016-165.html
%F Sherry:EECS-2016-165