Kubernetes-Driven Network Security for Distributed ACL Management

IEEE Conference Publication (IEEE Xplore)

Abstract:

Access Control List (ACL) management in complex, distributed network environments poses significant challenges for organizations relying on heterogeneous infrastructures. This paper proposes a novel architecture leveraging Infrastructure as Code principles, containerization, and Kubernetes orchestration to automate and streamline ACL management at scale. Our solution incorporates a CI/CD pipeline for ACL generation, utilizing Capirca for platform-agnostic policy definition and Docker for consistent packaging. A Kubernetes Deployment Controller manages the safe rollout of ACLs across diverse network devices, employing a phased approach with canary deployments. A Drift Detection Controller ensures continuous compliance by monitoring and rectifying unauthorized changes. The architecture integrates with external systems like NetBox for efficient device inventory management. By automating the entire ACL lifecycle, our approach significantly reduces manual errors, enhances security posture, and improves operational efficiency. Performance evaluation reveals strong scalability, with optimization opportunities for large-scale deployments. This work contributes to the evolving field of network security automation, offering a framework for managing network security policies in modern, complex infrastructures.
Date of Conference: 04-06 December 2024
Date Added to IEEE Xplore: 28 January 2025
Conference Location: Paris, France

I. Introduction

Network ACLs are fundamental components of network security, serving as a critical line of defense in protecting digital resources. Network ACL management refers to the process of defining, implementing, and maintaining the rules that govern traffic flow within and between network segments. These ACLs operate at the network layer (Layer 3) and transport layer (Layer 4) of the OSI model, controlling access based on IP addresses, protocols, and port numbers. At its core, network ACL management involves specifying permit or deny rules for various types of network traffic. These rules determine whether packets are allowed to enter or exit a network segment, providing a stateless packet filtering mechanism. By implementing granular control over network traffic, organizations can enforce the principle of least privilege at the network level, ensuring that only authorized communication flows are permitted.
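As an added illustration of the stateless L3/L4 permit/deny semantics described above, together with the desired-versus-observed comparison that the abstract's Drift Detection Controller performs, here is example code that is not from the paper or from Capirca; the `Rule` layout, first-match evaluation, and the sample ACLs are assumptions constructed for the example.

```python
from __future__ import annotations
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    """One stateless ACL entry matched on the L3/L4 tuple (assumed layout)."""
    action: str            # "permit" or "deny"
    proto: str             # "tcp", "udp", "icmp" or "any"
    src: str               # source CIDR
    dst: str               # destination CIDR
    dport: Optional[int]   # destination port; None matches any port

def matches(rule: Rule, proto: str, src: str, dst: str, dport: Optional[int]) -> bool:
    # Purely stateless: only packet header fields are consulted, never connection state.
    return (rule.proto in ("any", proto)
            and ip_address(src) in ip_network(rule.src)
            and ip_address(dst) in ip_network(rule.dst)
            and rule.dport in (None, dport))

def evaluate(acl: list[Rule], proto: str, src: str, dst: str, dport: Optional[int] = None) -> str:
    # First-match semantics with an implicit deny at the end, as most devices apply ACLs.
    for rule in acl:
        if matches(rule, proto, src, dst, dport):
            return rule.action
    return "deny"

def detect_drift(desired: list[Rule], observed: list[Rule]) -> dict:
    # Compare the generated (desired) ACL with what a device reports. Extra or missing
    # entries are unauthorized changes; since ACLs are first-match, a reorder alone is drift too.
    d, o = set(desired), set(observed)
    return {
        "unexpected": [r for r in observed if r not in d],
        "missing": [r for r in desired if r not in o],
        "order_changed": d == o and desired != observed,
    }

# Constructed sample data: the pipeline's desired ACL and a device whose ACL was edited by hand.
DESIRED = [
    Rule("permit", "tcp", "10.0.0.0/8", "192.0.2.0/24", 443),
    Rule("deny", "any", "0.0.0.0/0", "0.0.0.0/0", None),
]
OBSERVED = [
    Rule("permit", "tcp", "0.0.0.0/0", "192.0.2.0/24", 22),   # unauthorized SSH opening
    Rule("permit", "tcp", "10.0.0.0/8", "192.0.2.0/24", 443),
    Rule("deny", "any", "0.0.0.0/0", "0.0.0.0/0", None),
]
```

Calling `detect_drift(DESIRED, OBSERVED)` reports the hand-added SSH rule under `"unexpected"`, which is the condition a drift controller would remediate by re-applying the generated ACL.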

