Open Networking User Group (ONUG) logo


ONUG Spring 2017 April 25 & 26 ONUG Fall 2017 October 17 & 18

Implementing Network Policies in SDN: From the Enterprise to the Wide Area

Picture 7


When: May 6, 2:00-3:30PM

Instructor: Nick Feamster
Associate Professor, College of Computing, Georgia Tech



Recent developments in control programs for Software Defined Networks (SDN) make it easier for network operators to write high-level policies, ranging from access control to traffic load balance.  This tutorial will provide an overview of the burgeoning programming models and controllers for SDN that make writing these types of policies easier.  I will introduce SDN programming abstractions—including policy composition, virtual topology abstraction, and event-based control—and demonstrate how these primitives can be used to encode security and resource management policies in real-world enterprise networks.  I will also explain how these programming abstractions can be used to manage traffic in wide-area networks by allowing for a wider range of traffic management policies.  We will also discuss certain open questions, such as automated verification of network policies and resolution of policy conflicts. The tutorial will include both explanations of these concepts and demonstrations of how they can be applied in practice.


Overview of enterprise and wide-area network policies

  • What is possible today
  • What could be possible for SDN

Primitives for Implementing Network Policy

  • Topology abstractions
  • Policy composition
  • Event-based control

Applications to Real-World Networks

  • Enterprise networks. Case study: Network access control.
  • Wide-area networks. Case Study: Traffic management and interconnection.

Open questions

  • Automated verification
  • Conflict resolution