Middleboxes as a Cloud Service
- Author(s): Sherry, Justine Marie
- Advisor(s): Ratnasamy, Sylvia
- et al.
Today's networks do much more than merely deliver packets. Through the deployment of middleboxes, enterprise networks today provide improved security -- e.g., filtering malicious content -- and performance capabilities -- e.g., caching frequently accessed content. Although middleboxes are deployed widely in enterprises, they bring with them many challenges: they are complicated to manage, expensive, prone to failures, and challenge privacy expectations.
In this thesis, we aim to bring the benefits of cloud computing to networking.
We argue that middlebox services can be outsourced to cloud providers in a
similar fashion to how mail, compute, and storage are today outsourced. We begin
by presenting APLOMB, a system that allows enterprises to outsource middlebox
processing to a third party cloud or ISP. For enterprise networks, APLOMB can
reduce costs, ease management, and provide resources for scalability and
failover. For service providers, APLOMB offers new customers and business
opportunities, but also presents new challenges. Middleboxes have tighter
performance demands than existing cloud services, and hence supporting APLOMB
requires redesigning software at the cloud. We re-consider classical cloud
challenges including fault-tolerance and privacy, showing how to implement
middlebox software solutions with throughput and latency 2-4 orders of magnitude
more efficient than general-purpose cloud approaches. %Some of the technologies discussed in this thesis are presently being adopted by industrial systems used by cloud providers and ISPs.