Skip to main content
Open Access Publications from the University of California

UC Berkeley

UC Berkeley Electronic Theses and Dissertations bannerUC Berkeley

Middleboxes as a Cloud Service


Today's networks do much more than merely deliver packets. Through the deployment of middleboxes, enterprise networks today provide improved security -- e.g., filtering malicious content -- and performance capabilities -- e.g., caching frequently accessed content. Although middleboxes are deployed widely in enterprises, they bring with them many challenges: they are complicated to manage, expensive, prone to failures, and challenge privacy expectations.

In this thesis, we aim to bring the benefits of cloud computing to networking.

We argue that middlebox services can be outsourced to cloud providers in a

similar fashion to how mail, compute, and storage are today outsourced. We begin

by presenting APLOMB, a system that allows enterprises to outsource middlebox

processing to a third party cloud or ISP. For enterprise networks, APLOMB can

reduce costs, ease management, and provide resources for scalability and

failover. For service providers, APLOMB offers new customers and business

opportunities, but also presents new challenges. Middleboxes have tighter

performance demands than existing cloud services, and hence supporting APLOMB

requires redesigning software at the cloud. We re-consider classical cloud

challenges including fault-tolerance and privacy, showing how to implement

middlebox software solutions with throughput and latency 2-4 orders of magnitude

more efficient than general-purpose cloud approaches. %Some of the technologies discussed in this thesis are presently being adopted by industrial systems used by cloud providers and ISPs.

Main Content
For improved accessibility of PDF content, download the file to your device.
Current View