Date of Award

3-24-2016

Document Type

Thesis

Degree Name

Master of Science

Department

Department of Electrical and Computer Engineering

First Advisor

Barry E. Mullins, PhD.

Abstract

Virtualization is a powerful and fast growing technology that is widely accepted throughout the computing industry. The Department of Defense has moved its focus to virtualization and looks to take advantage of virtualized hardware, software, and networks. Virtual environments provide many benefits but create both administrative and security challenges. The challenge of monitoring virtual networks is having visibility of inter-virtual machine (VM) traffic that is passed within a single virtual host. This thesis attempts to gain visibility and evaluate performance of inter-VM traffic in a virtual environment. Separate virtual networks are produced using VMWare ESXi and Citrix XenServer platforms. The networks are comprised of three virtual hosts containing a Domain Controller VM, a Dynamic Host Configuration Protocol server VM, two management VMs, and four testing VMs. Configuration of virtual hosts, VMs, and networking components are identical on each network for a consistent comparison. Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) traffic is generated to test each network using custom batch files, Powershell scripts, and Python code. Results show standard virtual networks require additional resources (e.g., local Intrusion Detection System) and more hands-on administration for real-time traffic visibility than a virtual network using a distributed switch. Traffic visibility within a standard network is limited to using a local packet capture program such as pktcap-uw, tcpdump, or windump. However, distributed networks offer advanced options, such as port mirroring and NetFlow, that deliver higher visibility but come at a higher latency for both TCP and UDP inter-VM traffic.

AFIT Designator

AFIT-ENG-MS-16-M-006

DTIC Accession Number

AD1053782

Download

Share

COinS