Encrypted VXLAN

This proposal has been accepted as a session.


One Line Summary

Ideas for providing per-tenant encryption of virtualized networks in the cloud


Physical and virtual network break-ins are the two largest security threats in the cloud. Large datacenters with multiple geographical locations are the most vulnerable. Encrypting traffic at the datacenter boundary might not be enough. Per-tenant encryption of inner packets encapsulated in a tunnel protocol like VXLAN provides the desired level of security. This talk describes this new protocol and proposes a generalization of tunnel+encryption.