LATEST UPDATE - Beta 7 (February 2015)


Security Enhanced (SE) Floodlight - the first reference implementation of an OpenFlow security mediation service for enforcing network security policies at the Control Layer.  SE-Floodlight is an extension and improvement of our original FortNOX system

Security Actuator - an example OpenFlow security directive actuation service, enabling network security tools to invoke advanced security remediation logic , essentially rewriting the network flow paths of attack sources and infected hosts

OpenFlow BotHunter - BotHunter is a network-based passive analysis system that detects when systems inside your network are producing communication patterns consistent with coordination centric malware (botnets, spam,  infection, spyware, worms, adware, etc.) . 


Lets make intelligent contextual flow policy enforcement easy to express and enforce on any OpenFlow network

  FlowBoss:   Our second SE-Floodlight-hosted SDN security application will be a dynamic network access control service that does for network flow analysis what Snort did for  packet inspection.

  Using FlowBoss, one may specify a wide range of unique network security policies, including policies to prevent unauthorized data exfiltration, handling policies for IP reputation violations, specification-based policies that limit a network to "approved flows only", define evening an  weekend flow policies, definite Geo-specific flow policies,  conditional flow policies that depend on current overall network statistics, and policies capable of detecting a wide range of malicious or prohibited network flows.

Video (4min):  What is SE-Floodlight?