Research Topics in SDN-based Firewall

Masters and PhD Research Topics in SDN-based Firewall

A firewall acts as a barrier that provides security by filtering traffic. Firewalls are an important part of the security of any network and can be divided into two types, namely, 1. Network Firewall 2. Host-based Firewall.

An SDN-based firewall is a programmable application that sits on top of the controller, interacts with it, and makes real-time decisions on the fate of incoming and outgoing traffic. The SDN-based firewall is a software application that runs inside the controller unless the median exists for the design of an SDN controller.

Standard firewall functionalities include adding, updating and deleting firewall rules to interact with a controller through which flows can be matched and judged. The SDN firewall functionality is implemented as four cooperating units:

 •  Main module
 •  Filtering module
 •  Application identification module
 •  Security enforcement module

Firewalls are vulnerable to many issues:

 •  Denial of Service (DoS) attack
 •  Firewall Explosion
 •  Buffer Overload

The SDN-based firewall has the potential to be a holistic network security solution by leveraging the centralization, high scalability and abstraction available at the control plane. Its readiness for securing an SDN network is also estimated in terms of properties such as:

 •  Stateful Support
 •  Multi-Tenant Support
 •  Conflict Resolution
 •  Scalability and Concurrency
 •  Centralized Policy Enforcement
 •  Automatic Priority Handling
 •  Centralized Flow Tracking
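
The rule operations described earlier (adding, updating and deleting rules, then matching and judging flows) and the conflict resolution and priority handling items above can be shown in a few lines. The following is an added example, not code from this page or from any SDN controller: the `Rule` and `RuleTable` names, the default-deny fallback and the sample addresses are all assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    rule_id: int
    priority: int            # higher value is evaluated first
    src: str                 # source CIDR
    dst: str                 # destination CIDR
    dst_port: Optional[int]  # None matches any port
    action: str              # "allow" or "deny"

    def matches(self, src_ip, dst_ip, port):
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst)
                and self.dst_port in (None, port))

    def covers(self, other):
        # True when every flow matched by `other` is also matched by this rule.
        return (ipaddress.ip_network(other.src).subnet_of(ipaddress.ip_network(self.src))
                and ipaddress.ip_network(other.dst).subnet_of(ipaddress.ip_network(self.dst))
                and self.dst_port in (None, other.dst_port))

class RuleTable:
    def __init__(self, default_action="deny"):  # default-deny is an assumption
        self.rules, self.default_action = {}, default_action
    def add(self, rule):
        self.rules[rule.rule_id] = rule
    def update(self, rule_id, **changes):
        vars(self.rules[rule_id]).update(changes)
    def delete(self, rule_id):
        self.rules.pop(rule_id, None)
    def decide(self, src_ip, dst_ip, port):
        # Highest priority first; ties keep insertion order (sorted() is stable).
        for rule in sorted(self.rules.values(), key=lambda r: -r.priority):
            if rule.matches(src_ip, dst_ip, port):
                return rule.action
        return self.default_action
    def shadowed(self):
        # (winner, loser): a higher-priority rule fully covers a lower one with the opposite action.
        return [(a.rule_id, b.rule_id) for a in self.rules.values() for b in self.rules.values()
                if a.priority > b.priority and a.action != b.action and a.covers(b)]

def build_sample_table():  # constructed sample rules, not taken from the page
    table = RuleTable()
    table.add(Rule(1, 100, "10.0.0.0/8", "192.168.1.0/24", None, "deny"))
    table.add(Rule(2, 50, "10.1.0.0/16", "192.168.1.10/32", 443, "allow"))
    table.add(Rule(3, 10, "0.0.0.0/0", "192.168.1.0/24", 80, "allow"))
    return table
```

In the sample table, rule 2 can never take effect because rule 1 covers it at a higher priority with the opposite action; `shadowed()` reports that pair so an operator can reorder or remove one of the rules.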