IDEAS home Printed from https://ideas.repec.org/a/gam/jftint/v16y2024i8p283-d1451771.html
   My bibliography  Save this article

Overlay and Virtual Private Networks Security Performances Analysis with Open Source Infrastructure Deployment

Author

Listed:
  • Antonio Francesco Gentile

    (Institute for High-Performance Computing and Networking (ICAR), National Research Council of Italy (CNR), Via P. Bucci 8/9C, 87036 Rende, Italy)

  • Davide Macrì

    (Institute for High-Performance Computing and Networking (ICAR), National Research Council of Italy (CNR), Via P. Bucci 8/9C, 87036 Rende, Italy)

  • Emilio Greco

    (Institute for High-Performance Computing and Networking (ICAR), National Research Council of Italy (CNR), Via P. Bucci 8/9C, 87036 Rende, Italy)

  • Peppino Fazio

    (Department of Molecular Sciences and Nanosystems, Ca’ Foscari University of Venice, Via Torino 155, 30123 Venezia, Italy
    Department of Telecommunications, VSB—Technical University of Ostrava, 708 00 Ostrava, Czech Republic)

Abstract

Nowadays, some of the most well-deployed infrastructures are Virtual Private Networks (VPNs) and Overlay Networks (ONs). They consist of hardware and software components designed to build private/secure channels, typically over the Internet. They are currently among the most reliable technologies for achieving this objective. VPNs are well-established and can be patched to address security vulnerabilities, while overlay networks represent the next-generation solution for secure communication. In this paper, for both VPNs and ONs, we analyze some important network performance components (RTT and bandwidth) while varying the type of overlay networks utilized for interconnecting traffic between two or more hosts (in the same data center, in different data centers in the same building, or over the Internet). These networks establish connections between KVM (Kernel-based Virtual Machine) instances rather than the typical Docker/LXC/Podman containers. The first analysis aims to assess network performance as it is, without any overlay channels. Meanwhile, the second establishes various channels without encryption and the final analysis encapsulates overlay traffic via IPsec (Transport mode), where encrypted channels like VTI are not already available for use. A deep set of traffic simulation campaigns shows the obtained performance.

Suggested Citation

  • Antonio Francesco Gentile & Davide Macrì & Emilio Greco & Peppino Fazio, 2024. "Overlay and Virtual Private Networks Security Performances Analysis with Open Source Infrastructure Deployment," Future Internet, MDPI, vol. 16(8), pages 1-25, August.
    • Handle: RePEc:gam:jftint:v:16:y:2024:i:8:p:283-:d:1451771
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/16/8/283/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/1999-5903/16/8/283/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Antonio Francesco Gentile & Davide Macrì & Floriano De Rango & Mauro Tropea & Emilio Greco, 2022. "A VPN Performances Analysis of Constrained Hardware Open Source Infrastructure Deploy in IoT Environment," Future Internet, MDPI, vol. 14(9), pages 1-27, September.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Christoph Stach & Clémentine Gritti, 2023. "Special Issue on Security and Privacy in Blockchains and the IoT Volume II," Future Internet, MDPI, vol. 15(8), pages 1-7, August.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:16:y:2024:i:8:p:283-:d:1451771. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.