Cyber Security in Virtualized Communication Networks: Open Challenges for NATO

Modern multi-nation military communication and information systems demand rapid deployment and reconfiguration to enable secure information exchange between domains belonging to different nations. In order to support such a multi-nation mission scenarios NATO has been developing the concept of a federated mission network (FMN). These networks are leveraging the advantages of software-defined networking (SDN) and network function virtualization (NFV) to adapt to a wide range of security requirements using network security functions (NSF). The investigation reported in this paper discusses two use cases, namely how to automate security policy evaluation, and how to deploy a security guard (Information Exchange Function) between network segments with different classification. Both cases use network scenarios from protected core network (PCN) because the goal is to compile open challenges to automate the deployment and management of secure coalition networks.