On Thu, Dec 20, 2012 at 10:03 AM, Xitao Wen <xitaowen2...@u.northwestern.edu> wrote: > I'm not sure if anyone has the same concern. But basically, NOX, same as > other controllers, provides applications ***UNLIMITED ACCESS*** to the > entire network configuration (flow entries, configuration, statistics, > etc.). Do you guys think it is a potential security issue, or at least a > compatibility issue? Because people might want to use third party > applications to build their own customized functionality, and nobody can > guarantee what weird things the module author is going to do to your > network. Or what if one application gets hacked by bad guys? They might be > able to have full control over the network. > > It might sound weird at this moment. But it is probably becoming more > serious when people want to achieve more complicated goals through combining > NOX applications.
If you log into a Cisco router and type the enable password, you can load new modules etc. and also have [sic] ***UNLIMITED ACCESS***. The controller is logical equivalent of the control plane of the router and should be secured accordingly. Does that help? - Rob . _______________________________________________ openflow-discuss mailing list openflow-discuss@lists.stanford.edu https://mailman.stanford.edu/mailman/listinfo/openflow-discuss
