Flexible network monitoring at 100Gbps. and beyond

Size: px
Start display at page:

Download "Flexible network monitoring at 100Gbps. and beyond"

Transcription

1 Nadpis 1 Nadpis 2 Nadpis 3 Flexible network monitoring at 100Gbps Lukáš Kekely, Viktor Puš {kekely,pus}@cesnet.cz and beyond Jméno Příjmení Vysoké učení technické v Brně, Fakulta informačních technologií v Brně Božetěchova 2, Brno jmeno@fit.vutbr.cz 2nd SIG-PMV meeting 17 th May

2 CESNET Czech NREN with over 400,000 connected users L. Kekely: Flexible network monitoring at 100Gbps and beyond 2

3 CESNET monitoring (Liberouter group) 7 metering points guarding the 40/100 Gbps L. Kekely: Flexible network monitoring at 100Gbps and beyond 3

4 Monitoring point TAPed network link commodity Linux server(s) production and testing FPGA accelerated NICs L. Kekely: Flexible network monitoring at 100Gbps and beyond 4

5 Monitoring overview L. Kekely: Flexible network monitoring at 100Gbps and beyond 5

6 Monitoring overview L. Kekely: Flexible network monitoring at 100Gbps and beyond 6

7 Family of accelerated NICs L. Kekely: Flexible network monitoring at 100Gbps and beyond 7

8 NFB-100G2Q Virtex7 H580T FPGA 2x QSFP28 transciever cage 100GE or 4x 10GE PCIe x16 gen3 (100Gbps to RAM) 3x QDRIIIe (3x72Mb) precise timestamp input Intel DPDK support L. Kekely: Flexible network monitoring at 100Gbps and beyond 8

9 NetCOPE platform rapid development of network applications on our NICs multi-card support (porting) made easy commonly usable IP cores (network modules, parsers ) generic data transfer protocol towards used accelerators fast DMA transfers of packets into host memory L. Kekely: Flexible network monitoring at 100Gbps and beyond 9

10 DMA bus-master: proprietary SZE2 the fastest DMAs available full-duplex 100GE line-rate L. Kekely: Flexible network monitoring at 100Gbps and beyond 10

11 DMA bus-master: Intel DPDK DPDK performance record set in April L. Kekely: Flexible network monitoring at 100Gbps and beyond 11

12 P4 language high-level language for description of packet processing protocol stack independent header parsing of incoming packets decision making and related actions (match-action tables) modification and assembly of outgoing packets development of unique P4-to-VHDL translator (generator) parsing & de-parsing done; match-action underway live demonstration today at P4 Stanford P4 generated 100GE In-Band Network Telemetry (INT) sink delay heatmap of the whole network visualized as a result L. Kekely: Flexible network monitoring at 100Gbps and beyond 12

13 Hardware accelerated NIC (HaNIC) accelerated packet capture solution with extra features flow-aware (hash-based) traffic distribution packet filtering/classification IP prefixes, ports, protocol bi-directional flows, sampling, trimming, headers L. Kekely: Flexible network monitoring at 100Gbps and beyond 13

14 Software Defined Monitoring (SDM) new concept of hardware accelerated flow monitoring extensible application-specific processor for stateful flow processing SW applications can offload processing of bulk traffic to HW aimed to enable high-speed application layer monitoring L. Kekely: Flexible network monitoring at 100Gbps and beyond 14

15 Software Defined Monitoring (SDM) L. Kekely: Flexible network monitoring at 100Gbps and beyond 15

16 Flow exporter we use FlowMonExp from our partner Flowmon Technologies highly optimized implementation (hugepages, NUMA aware ) comfigurable management of flow cache records flexible architecture supporting user defined plugins input PCAP, DPDK, our SZE2 format, preprocessed packets processing DNS & HTTP analyzers, Heartbleed detector export CSV, NetFlow, IPFIX L. Kekely: Flexible network monitoring at 100Gbps and beyond 16

17 DDoS scrubber separate DDoS packets from legitimate traffic HaNIC firmware with extra features (rate limit, VLAN tag) measurement of statistics and mitigation of detected attacks 100 Gbps (10x10GE) prototype already deployed in network L. Kekely: Flexible network monitoring at 100Gbps and beyond 17

18 Monitoring overview L. Kekely: Flexible network monitoring at 100Gbps and beyond 18

19 IPFIXcol collector fully supporting IPFIX including enterprise elements include tools for subsequent data processing and mediation high-performance sufficient for 100GE environment extensible by various plugins (input, intermediate, storage) open-source in C L. Kekely: Flexible network monitoring at 100Gbps and beyond 19

20 SecurityCloud distributed flow-based collector in development master-slaves and proxy architecture based on IPFIXcol to store and distribute data fdistdump to execute queries on slaves L. Kekely: Flexible network monitoring at 100Gbps and beyond 20

21 NEtwork MEasurements Analysis (NEMEA) framework for automated real-time analysis of flow data build as a user-defined collection of various modules TRAP + UniRec = high-performance and easy distribution detected threads reported to CERTS/CSIRT systems open-source - L. Kekely: Flexible network monitoring at 100Gbps and beyond 21

22 NETCONF and YANG development of tools for full remote control of our devices in cooperation with IETF s NETCONF & NETMOD groups libyang - YANG parser and validator with API in C libnetconf - NETCONF protocol implementation for Linux generic client-server communication API written in C device data modeling - v1 uses XML, v2 uses YANG Netopeer - set of applications with NETCONF protocol implementations of server, clients (webgui or CLI) and more L. Kekely: Flexible network monitoring at 100Gbps and beyond 22

23 Cooperation (National) technology transfer (since 2003) spin-off company (since 2007) L. Kekely: Flexible network monitoring at 100Gbps and beyond 23

24 Cooperation (National) Best Cooperation of the Year project TA : Distributed System for Complex Monitoring of High-Speed Networks highest national research award Czech Head, Industry award world s first 100 Gbps Ethernet interface card L. Kekely: Flexible network monitoring at 100Gbps and beyond 24

25 Cooperation (International) University of Twente, DACS group network monitoring and intrusion detection University of Cambridge, NetOS group packet classification/filtering and dynamic reconfiguration part of GÉANT network and projects PROTECTIVE, Firewall on Demand L. Kekely: Flexible network monitoring at 100Gbps and beyond 25

26 Cooperation (International) BEBA (BEhavioural BAsed forwarding) H2020 EU project finished last week with Excellent rating L. Kekely: Flexible network monitoring at 100Gbps and beyond 26

27 Summary direct access to a lot of high-speed network data high-performance production and test monitoring probes reconfigurable FPGA acceleration cards and extensible SW collection, analysis and storage of flow data flexible and modifiable open-source tools large database of collected IPFIX flow records close connections with university and industry environment years of experience with national and EU research projects We are open to new cooperation possibilities! L. Kekely: Flexible network monitoring at 100Gbps and beyond 27

28 Thank you for your attention! More info: L. Kekely: HANIC 28

Hardware-Accelerated Flexible Flow Measurement

Hardware-Accelerated Flexible Flow Measurement Hardware-Accelerated Flexible Flow Measurement Pavel Čeleda celeda@liberouter.org Martin Žádník zadnik@liberouter.org Lukáš Solanka solanka@liberouter.org Part I Introduction and Related Work Čeleda, Žádník,

More information

Case study: NBA as a Service at GÉANT

Case study: NBA as a Service at GÉANT Case study: NBA as a Service at GÉANT Part of project NSHaRP Artur Kane kane@flowmon.com Our starts-liberouter Liberouter project 2002 (www.liberouter.org) acceleration of high-speed network application

More information

Jakub Cabal et al. CESNET

Jakub Cabal et al. CESNET CONFIGURABLE FPGA PACKET PARSER FOR TERABIT NETWORKS WITH GUARANTEED WIRE- SPEED THROUGHPUT Jakub Cabal et al. CESNET 2018/02/27 FPGA, Monterey, USA Packet parsing INTRODUCTION It is among basic operations

More information

FPGA accelerated application monitoring in 40 and 100G networks

FPGA accelerated application monitoring in 40 and 100G networks FPGA accelerated application monitoring in 40 and 100G networks Campus network monitoring and security workshop CESNET workshop, 24.4.2014 Petr Kastovsky kastovsky@invea.com Company Introduction Czech

More information

Hardware Acceleration in Computer Networks. Jan Kořenek Conference IT4Innovations, Ostrava

Hardware Acceleration in Computer Networks. Jan Kořenek Conference IT4Innovations, Ostrava Hardware Acceleration in Computer Networks Outline Motivation for hardware acceleration Longest prefix matching using FPGA Hardware acceleration of time critical operations Framework and applications Contracted

More information

100% PACKET CAPTURE. Intelligent FPGA-based Host CPU Offload NIC s & Scalable Platforms. Up to 200Gbps

100% PACKET CAPTURE. Intelligent FPGA-based Host CPU Offload NIC s & Scalable Platforms. Up to 200Gbps 100% PACKET CAPTURE Intelligent FPGA-based Host CPU Offload NIC s & Scalable Platforms Up to 200Gbps Dual Port 100 GigE ANIC-200KFlex (QSFP28) The ANIC-200KFlex FPGA-based PCIe adapter/nic features dual

More information

Flows at Masaryk University Brno

Flows at Masaryk University Brno Flows at Masaryk University Brno Jan Vykopal Masaryk University Institute of Computer Science GEANT3/NA3/T4 meeting October 21st, 2009, Belgrade Masaryk University, Brno, Czech Republic The 2nd largest

More information

Improving DPDK Performance

Improving DPDK Performance Improving DPDK Performance Data Plane Development Kit (DPDK) was pioneered by Intel as a way to boost the speed of packet API with standard hardware. DPDK-enabled applications typically show four or more

More information

NETWORK PROBE FOR FLEXIBLE FLOW MONITORING

NETWORK PROBE FOR FLEXIBLE FLOW MONITORING NETWORK PROBE FOR FLEXIBLE FLOW MONITORING Martin Žádník, Jan Kořenek, Faculty of Information Technology Brno University of Technology Brno, Czech Republic email: {izadnik,korenek}@fit.vutbr.cz Petr Kobierský

More information

Building a Feedback Loop to Capture Evidence of Network Incidents

Building a Feedback Loop to Capture Evidence of Network Incidents Building a Feedback Loop to Capture Evidence of Network Incidents Zdeněk Rosa, Tomáš Čejka, Martin Žádník and Viktor Puš CESNET, a.l.e. CTU in Prague, FIT Zikova 4 Thákurova 9 16 Prague 6, Czech Republic

More information

MODERN network engineering and security heavily rely

MODERN network engineering and security heavily rely IEEE TRANSACTIONS ON COMPUTERS, VOL. 65, NO. 2, FEBRUARY 2016 615 Software Defined Monitoring of Application Protocols Lukas Kekely, Jan Kucera, Viktor Pus, Jan Korenek, and Athanasios V. Vasilakos Abstract

More information

Tools for Security Analysis of Traffic on L7 Practical course

Tools for Security Analysis of Traffic on L7 Practical course www.liberouter.org Tools for Security Analysis of Traffic on L7 Practical course 50th TF-CSIRT meeting and FIRST Regional Symposium for Europe Security Tools as a Service Flow monitoring overview Flow

More information

DDoS Protection in Backbone Networks

DDoS Protection in Backbone Networks DDoS Protection in Backbone Networks The Czech Way Pavel Minarik, Chief Technology Officer Holland Strikes Back, 3 rd Oct 2017 Backbone DDoS protection Backbone protection is specific High number of up-links,

More information

DDoS Protection in Backbone Networks Deployed at Trenka Informatik AG (www.trenka.ch)

DDoS Protection in Backbone Networks Deployed at Trenka Informatik AG (www.trenka.ch) DDoS Protection in Backbone Networks Deployed at Trenka Informatik AG (www.trenka.ch) Pavel Minarik, Chief Technology Officer SwiNOG meeting, 9 th Nov 2017 Backbone DDoS protection Backbone protection

More information

ntop Users Group Meeting

ntop Users Group Meeting ntop Users Group Meeting ntop Visibility, Security Awareness 1 meeting About ntop Private company devoted to development of Open Source network traffic monitoring applications. ntop (circa 1998) is the

More information

Hardware Acceleration for Measurements in 100 Gb/s Networks

Hardware Acceleration for Measurements in 100 Gb/s Networks Hardware Acceleration for Measurements in 100 Gb/s Networks Viktor Puš To cite this version: Viktor Puš. Hardware Acceleration for Measurements in 100 Gb/s Networks. Ramin Sadre; Jiří Novotný; Pavel Čeleda;

More information

Programming Netronome Agilio SmartNICs

Programming Netronome Agilio SmartNICs WHITE PAPER Programming Netronome Agilio SmartNICs NFP-4000 AND NFP-6000 FAMILY: SUPPORTED PROGRAMMING MODELS THE AGILIO SMARTNICS DELIVER HIGH- PERFORMANCE SERVER- BASED NETWORKING APPLICATIONS SUCH AS

More information

INT G bit TCP Offload Engine SOC

INT G bit TCP Offload Engine SOC INT 10011 10 G bit TCP Offload Engine SOC Product brief, features and benefits summary: Highly customizable hardware IP block. Easily portable to ASIC flow, Xilinx/Altera FPGAs or Structured ASIC flow.

More information

Network Security Monitoring with Flow Data

Network Security Monitoring with Flow Data Network Security Monitoring with Flow Data IT Monitoring in Enterprises NPMD (Network Performance Monitoring & Diagnostics) SNMP basics Flow data for advanced analysis and troubleshooting Packet capture

More information

Driving Network Visibility

Driving Network Visibility Flowmon Price List EUR Driving Network Visibility Flowmon Hardware Appliances... 2 Flowmon Virtual Appliances... 3 Flowmon Cloud... 3 Flowmon ADS Anomaly Detection System... 4 Flowmon DDoS Defender...

More information

Affordable High-Speed Sensors Everywhere. ntop Meetup Flocon 2016, Daytona Beach Jan 13th 2016

Affordable High-Speed Sensors Everywhere. ntop Meetup Flocon 2016, Daytona Beach Jan 13th 2016 Affordable High-Speed Sensors Everywhere ntop Meetup Flocon 2016, Daytona Beach Jan 13th 2016 Welcome to the ntop Meetup Meeting Goals: Meet ntop users Describe our ideas and plans for 2016 Hear your comments

More information

Title Text. What s New? Since Last Sharkfest

Title Text. What s New? Since Last Sharkfest Title Text What s New? Since Last Sharkfest ntopng Grafana datasource plugin officially released Device discovery to find unknown active and silent devices plugged to the network ARP scanning, SSDP, MDNS,

More information

Flow Measurement. For IT, Security and IoT/ICS. Pavel Minařík, Chief Technology Officer EMITEC, Swiss Test and Measurement Day 20 th April 2018

Flow Measurement. For IT, Security and IoT/ICS. Pavel Minařík, Chief Technology Officer EMITEC, Swiss Test and Measurement Day 20 th April 2018 Flow Measurement For IT, Security and IoT/ICS Pavel Minařík, Chief Technology Officer EMITEC, Swiss Test and Measurement Day 20 th April 2018 What is Flow Data? Modern method for network monitoring flow

More information

NEMEA: A Framework for Network Traffic Analysis

NEMEA: A Framework for Network Traffic Analysis NEMEA: A Framework for Network Traffic Analysis Tomas Cejka, Vaclav Bartos, Marek Svepes, Zdenek Rosa and Hana Kubatova CESNET, a.l.e. Zikova 4, 160 00 Prague 6, Czech Republic {cejkat,bartos,svepes,rosa}@cesnet.cz

More information

Flow-based Traffic Visibility

Flow-based Traffic Visibility Flow-based Traffic Visibility Operations, Performance, Security Pavel Minařík, Chief Technology Officer What is Flow Data? Modern method for network monitoring flow measurement Cisco standard NetFlow v5/v9,

More information

Next Generation Network Traffic Monitoring and Anomaly Detection. Petr Springl

Next Generation Network Traffic Monitoring and Anomaly Detection. Petr Springl Next Generation Network Traffic Monitoring and Anomaly Detection Petr Springl springl@invea-tech.com INVEA-TECH University spin-off company 10 years of development, participation in EU funded projects

More information

SCRIPT: An Architecture for IPFIX Data Distribution

SCRIPT: An Architecture for IPFIX Data Distribution SCRIPT Public Workshop January 20, 2010, Zurich, Switzerland SCRIPT: An Architecture for IPFIX Data Distribution Peter Racz Communication Systems Group CSG Department of Informatics IFI University of Zürich

More information

ntop Users Group Meeting

ntop Users Group Meeting ntop Users Group Meeting PF_RING Tutorial Alfredo Cardigliano Overview Introduction Installation Configuration Tuning Use cases PF_RING Open source packet processing framework for

More information

Gateware Defined Networking (GDN) for Ultra Low Latency Trading and Compliance

Gateware Defined Networking (GDN) for Ultra Low Latency Trading and Compliance Gateware Defined Networking (GDN) for Ultra Low Latency Trading and Compliance STAC Summit: Panel: FPGA for trading today: December 2015 John W. Lockwood, PhD, CEO Algo-Logic Systems, Inc. JWLockwd@algo-logic.com

More information

Flow-Based Network Monitoring using nprobe and ntopng

Flow-Based Network Monitoring using nprobe and ntopng Flow-Based Network Monitoring using nprobe and ntopng Simone Mainardi, PhD @simonemainardi mainardi@ntop.org Agenda About ntop Flow-based network monitoring, beyond SNMP nprobe: NetFlow/IPFIX/sFlow probe

More information

TLDK Overview. Transport Layer Development Kit Keith Wiles April Contributions from Ray Kinsella & Konstantin Ananyev

TLDK Overview. Transport Layer Development Kit Keith Wiles April Contributions from Ray Kinsella & Konstantin Ananyev TLDK Overview Transport Layer Development Kit Keith Wiles April 2017 Contributions from Ray Kinsella & Konstantin Ananyev Notices and Disclaimers Intel technologies features and benefits depend on system

More information

NFV Infrastructure for Media Data Center Applications

NFV Infrastructure for Media Data Center Applications NFV Infrastructure for Media Data Center Applications Today s Presenters Roger Sherwood Global Strategy & Business Development, Cisco Systems Damion Desai Account Manager for Datacenter, SDN, NFV and Mobility,

More information

SIMULINK AS A TOOL FOR PROTOTYPING RECONFIGURABLE IMAGE PROCESSING APPLICATIONS

SIMULINK AS A TOOL FOR PROTOTYPING RECONFIGURABLE IMAGE PROCESSING APPLICATIONS SIMULINK AS A TOOL FOR PROTOTYPING RECONFIGURABLE IMAGE PROCESSING APPLICATIONS B. Kovář, J. Schier Ústav teorie informace a automatizace AV ČR, Praha P. Zemčík, A. Herout, V. Beran Ústav počítačové grafiky

More information

It s Flow Time! The Role and Importance of Flow Monitoring in Network Operations and Security

It s Flow Time! The Role and Importance of Flow Monitoring in Network Operations and Security It s Flow Time! The Role and Importance of Flow Monitoring in Network Operations and Security Pavel Minařík, Chief Technology Officer Neutral Peering Days 2018, The Hague Your customers depend on your

More information

High-Speed Forwarding: A P4 Compiler with a Hardware Abstraction Library for Intel DPDK

High-Speed Forwarding: A P4 Compiler with a Hardware Abstraction Library for Intel DPDK High-Speed Forwarding: A P4 Compiler with a Hardware Abstraction Library for Intel DPDK Sándor Laki Eötvös Loránd University Budapest, Hungary lakis@elte.hu Motivation Programmability of network data plane

More information

Research on DPDK Based High-Speed Network Traffic Analysis. Zihao Wang Network & Information Center Shanghai Jiao Tong University

Research on DPDK Based High-Speed Network Traffic Analysis. Zihao Wang Network & Information Center Shanghai Jiao Tong University Research on DPDK Based High-Speed Network Traffic Analysis Zihao Wang Network & Information Center Shanghai Jiao Tong University Outline 1 Background 2 Overview 3 DPDK Based Traffic Analysis 4 Experiment

More information

Enterprise Network Compute System (ENCS)

Enterprise Network Compute System (ENCS) Enterprise Network Compute System (ENCS) Cisco vbranch Architecture Per Jensen, per@cisco.com Sept 2017 Agenda: Tech Update september-2017 1. ENCS update + demo v/per 2. Viptela update + demo v/dr Søren

More information

It's kind of fun to do the impossible with DPDK Yoshihiro Nakajima, Hirokazu Takahashi, Kunihiro Ishiguro, Koji Yamazaki NTT Labs

It's kind of fun to do the impossible with DPDK Yoshihiro Nakajima, Hirokazu Takahashi, Kunihiro Ishiguro, Koji Yamazaki NTT Labs It's kind of fun to do the impossible with DPDK Yoshihiro Nakajima, Hirokazu Takahashi, Kunihiro Ishiguro, Koji Yamazaki NTT Labs 0 Agenda Motivation for fun Fun with Lagopus SDN switch Fun with speed

More information

ANIC Host CPU Offload Features Overview An Overview of Features and Functions Available with ANIC Adapters

ANIC Host CPU Offload Features Overview An Overview of Features and Functions Available with ANIC Adapters ANIC Host CPU Offload Features Overview An Overview of Features and Functions Available with ANIC Adapters ANIC Adapters Accolade s ANIC line of FPGA-based adapters/nics help accelerate security and networking

More information

P51: High Performance Networking

P51: High Performance Networking P51: High Performance Networking Lecture 6: Programmable network devices Dr Noa Zilberman noa.zilberman@cl.cam.ac.uk Lent 2017/18 High Throughput Interfaces Performance Limitations So far we discussed

More information

Agilio OVS Software Architecture

Agilio OVS Software Architecture WHITE PAPER Agilio OVS Software Architecture FOR SERVER-BASED NETWORKING THERE IS CONSTANT PRESSURE TO IMPROVE SERVER- BASED NETWORKING PERFORMANCE DUE TO THE INCREASED USE OF SERVER AND NETWORK VIRTUALIZATION

More information

P4-based VNF and Micro-VNF chaining for servers with SmartNICs

P4-based VNF and Micro-VNF chaining for servers with SmartNICs P4-based VNF and Micro-VNF chaining for servers with SmartNICs David George david.george@netronome.com 1 Session Agenda Introduction Design overview A look under the hood P4, SandboxC and rules Run-through

More information

High Performance Packet Processing with FlexNIC

High Performance Packet Processing with FlexNIC High Performance Packet Processing with FlexNIC Antoine Kaufmann, Naveen Kr. Sharma Thomas Anderson, Arvind Krishnamurthy University of Washington Simon Peter The University of Texas at Austin Ethernet

More information

NetFPGA Update at GEC4

NetFPGA Update at GEC4 NetFPGA Update at GEC4 http://netfpga.org/ NSF GENI Engineering Conference 4 (GEC4) March 31, 2009 John W. Lockwood http://stanford.edu/~jwlockwd/ jwlockwd@stanford.edu NSF GEC4 1 March 2009 What is the

More information

Automatic Generation of 100 Gbps Packet Parsers from P4 Description

Automatic Generation of 100 Gbps Packet Parsers from P4 Description Automatic Generation of 100 Gbps acket arsers from 4 Description avel Benáček 1 Viktor uš 1 Hana Kubátová 2 1 Liberouter CESNET 2 Faculty of Information Technology Czech Technical University in rague H

More information

Configure Ethernet Physical Interface Properties on page 82. Configure 802.1Q VLANs on page 83. Configure the Management Ethernet Interface on page 84

Configure Ethernet Physical Interface Properties on page 82. Configure 802.1Q VLANs on page 83. Configure the Management Ethernet Interface on page 84 Chapter 8 The JUNOSg cable modem termination system (CMTS )supports the following types of Ethernet interfaces: Fast Ethernet Gigabit Ethernet Management Ethernet interface, which is an out-of-band management

More information

Improving Packet Processing Performance of a Memory- Bounded Application

Improving Packet Processing Performance of a Memory- Bounded Application Improving Packet Processing Performance of a Memory- Bounded Application Jörn Schumacher CERN / University of Paderborn, Germany jorn.schumacher@cern.ch On behalf of the ATLAS FELIX Developer Team LHCb

More information

Intel PRO/1000 PT and PF Quad Port Bypass Server Adapters for In-line Server Appliances

Intel PRO/1000 PT and PF Quad Port Bypass Server Adapters for In-line Server Appliances Technology Brief Intel PRO/1000 PT and PF Quad Port Bypass Server Adapters for In-line Server Appliances Intel PRO/1000 PT and PF Quad Port Bypass Server Adapters for In-line Server Appliances The world

More information

LegUp: Accelerating Memcached on Cloud FPGAs

LegUp: Accelerating Memcached on Cloud FPGAs 0 LegUp: Accelerating Memcached on Cloud FPGAs Xilinx Developer Forum December 10, 2018 Andrew Canis & Ruolong Lian LegUp Computing Inc. 1 COMPUTE IS BECOMING SPECIALIZED 1 GPU Nvidia graphics cards are

More information

소프트웨어기반고성능침입탐지시스템설계및구현

소프트웨어기반고성능침입탐지시스템설계및구현 소프트웨어기반고성능침입탐지시스템설계및구현 KyoungSoo Park Department of Electrical Engineering, KAIST M. Asim Jamshed *, Jihyung Lee*, Sangwoo Moon*, Insu Yun *, Deokjin Kim, Sungryoul Lee, Yung Yi* Department of Electrical

More information

Programming NFP with P4 and C

Programming NFP with P4 and C WHITE PAPER Programming NFP with P4 and C THE NFP FAMILY OF FLOW PROCESSORS ARE SOPHISTICATED PROCESSORS SPECIALIZED TOWARDS HIGH-PERFORMANCE FLOW PROCESSING. CONTENTS INTRODUCTION...1 PROGRAMMING THE

More information

Experience with the NetFPGA Program

Experience with the NetFPGA Program Experience with the NetFPGA Program John W. Lockwood Algo-Logic Systems Algo-Logic.com With input from the Stanford University NetFPGA Group & Xilinx XUP Program Sunday, February 21, 2010 FPGA-2010 Pre-Conference

More information

Monitoring and diagnostics of data infrastructure problems in power engineering. Jaroslav Stusak, Sales Director CEE, Flowmon Networks

Monitoring and diagnostics of data infrastructure problems in power engineering. Jaroslav Stusak, Sales Director CEE, Flowmon Networks Monitoring and diagnostics of data infrastructure problems in power engineering Jaroslav Stusak, Sales Director CEE, Flowmon Networks 35,000 kilometers of electric power, which feeds around 740,000 clients...

More information

Hardware Flow Offload. What is it? Why you should matter?

Hardware Flow Offload. What is it? Why you should matter? Hardware Offload What is it? Why you should matter? Good News: Network Speed The market is moving from 10 Gbit to 40/100 Gbit At 40 Gbit frame inter-arrival time is ~16 nsec At 100 Gbit frame inter-arrival

More information

Extreme Networks Session Director

Extreme Networks Session Director Data Sheet Highlights Designed for 4G/LTE, 5G Mobile Network Operators, and IoT scale Maximizes utilization of existing monitoring solutions with subscriberaware network traffic load balancing, filtering,

More information

Large-Scale Geolocation for NetFlow

Large-Scale Geolocation for NetFlow Large-Scale Geolocation for NetFlow Pavel Čeleda, Petr Velan, Martin Rábek Rick Hofstede, Aiko Pras {celeda velan xrabek1}@ics.muni.cz, {r.j.hofstede a.pras}@utwente.nl IFIP/IEEE IM 2013, 27-31 May 2013,

More information

SmartNIC Programming Models

SmartNIC Programming Models SmartNIC Programming Models Johann Tönsing 206--09 206 Open-NFP Agenda SmartNIC hardware Pre-programmed vs. custom (C and/or P4) firmware Programming models / offload models Switching on NIC, with SR-IOV

More information

SmartNIC Programming Models

SmartNIC Programming Models SmartNIC Programming Models Johann Tönsing 207-06-07 207 Open-NFP Agenda SmartNIC hardware Pre-programmed vs. custom (C and/or P4) firmware Programming models / offload models Switching on NIC, with SR-IOV

More information

SANGFOR AD Product Series

SANGFOR AD Product Series SANGFOR Application Delivery (AD) Product Series provides customers with the global server load balance(gslb), inbound/outbound load balance, server load balance, SSL off-load and anti-ddos solutions for

More information

vnetwork Future Direction Howie Xu, VMware R&D November 4, 2008

vnetwork Future Direction Howie Xu, VMware R&D November 4, 2008 vnetwork Future Direction Howie Xu, VMware R&D November 4, 2008 Virtual Datacenter OS from VMware Infrastructure vservices and Cloud vservices Existing New - roadmap Virtual Datacenter OS from VMware Agenda

More information

Insert here your thesis task.

Insert here your thesis task. Insert here your thesis task. Czech Technical University in Prague Faculty of Information Technology Department of Computer Systems Master s thesis Control software for the COMbo Ethernet Tester and its

More information

QuickSpecs. HP Z 10GbE Dual Port Module. Models

QuickSpecs. HP Z 10GbE Dual Port Module. Models Overview Models Part Number: 1Ql49AA Introduction The is a 10GBASE-T adapter utilizing the Intel X722 MAC and X557-AT2 PHY pairing to deliver full line-rate performance, utilizing CAT 6A UTP cabling (or

More information

Master Course Computer Networks IN2097

Master Course Computer Networks IN2097 Chair for Network Architectures and Services Prof. Carle Department for Computer Science TU München Master Course Computer Networks IN2097 Prof. Dr.-Ing. Georg Carle Christian Grothoff, Ph.D. Dr. Nils

More information

Advanced Computer Networks. End Host Optimization

Advanced Computer Networks. End Host Optimization Oriana Riva, Department of Computer Science ETH Zürich 263 3501 00 End Host Optimization Patrick Stuedi Spring Semester 2017 1 Today End-host optimizations: NUMA-aware networking Kernel-bypass Remote Direct

More information

Packet Header Analysis and Field Extraction for Multigigabit Networks

Packet Header Analysis and Field Extraction for Multigigabit Networks Packet Header Analysis and Field Extraction for Multigigabit Networks Petr Kobierský Faculty of Information Technology Brno University of Technology Božetěchova 2, 612 66, Brno, Czech Republic Email: ikobier@fit.vutbr.cz

More information

BIG-IP System: Implementing a Passive Monitoring Configuration. Version 13.0

BIG-IP System: Implementing a Passive Monitoring Configuration. Version 13.0 BIG-IP System: Implementing a Passive Monitoring Configuration Version 13.0 Table of Contents Table of Contents Configuring the BIG-IP System for Passive Monitoring...5 Overview: Configuring the BIG-IP

More information

Cisco Next Generation Firewall and IPS. Dragan Novakovic Security Consulting Systems Engineer

Cisco Next Generation Firewall and IPS. Dragan Novakovic Security Consulting Systems Engineer Cisco Next Generation Firewall and IPS Dragan Novakovic Security Consulting Systems Engineer Cisco ASA with Firepower services Cisco TALOS - Collective Security Intelligence Enabled Clustering & High Availability

More information

Weiterentwicklung von OpenStack Netzen 25G/50G/100G, FW-Integration, umfassende Einbindung. Alexei Agueev, Systems Engineer

Weiterentwicklung von OpenStack Netzen 25G/50G/100G, FW-Integration, umfassende Einbindung. Alexei Agueev, Systems Engineer Weiterentwicklung von OpenStack Netzen 25G/50G/100G, FW-Integration, umfassende Einbindung Alexei Agueev, Systems Engineer ETHERNET MIGRATION 10G/40G à 25G/50G/100G Interface Parallelism Parallelism increases

More information

Author version. Flow-Based Network Management: A Report from the IRTF NMRG Workshop. Noname manuscript No. (will be inserted by the editor)

Author version. Flow-Based Network Management: A Report from the IRTF NMRG Workshop. Noname manuscript No. (will be inserted by the editor) Noname manuscript No. (will be inserted by the editor) Flow-Based Network Management: A Report from the IRTF NMRG Workshop Ricardo de O. Schmidt Ramin Sadre Luuk Hendriks the date of receipt and acceptance

More information

FPGA Augmented ASICs: The Time Has Come

FPGA Augmented ASICs: The Time Has Come FPGA Augmented ASICs: The Time Has Come David Riddoch Steve Pope Copyright 2012 Solarflare Communications, Inc. All Rights Reserved. Hardware acceleration is Niche (With the obvious exception of graphics

More information

SDN Security BRKSEC Alok Mittal Security Business Group, Cisco

SDN Security BRKSEC Alok Mittal Security Business Group, Cisco SDN Security Alok Mittal Security Business Group, Cisco Security at the Speed of the Network Automating and Accelerating Security Through SDN Countering threats is complex and difficult. Software Defined

More information

TLDK Overview. Transport Layer Development Kit Ray Kinsella February ray.kinsella [at] intel.com IRC: mortderire

TLDK Overview. Transport Layer Development Kit Ray Kinsella February ray.kinsella [at] intel.com IRC: mortderire TLDK Overview Transport Layer Development Kit Ray Kinsella February 2017 Email : ray.kinsella [at] intel.com IRC: mortderire Contributions from Keith Wiles & Konstantin Ananyev Legal Disclaimer General

More information

Implementing Multicast Using DMA in a PCIe Switch

Implementing Multicast Using DMA in a PCIe Switch Implementing Multicast Using DMA in a e Switch White Paper Version 1.0 January 2009 Website: Technical Support: www.plxtech.com www.plxtech.com/support Copyright 2009 by PLX Technology, Inc. All Rights

More information

Traffic Steering Engine OVERVIEW

Traffic Steering Engine OVERVIEW Traffic Steering Engine: Overview The Sandvine Traffic Steering Engine enables communications service providers (CSPs) to deploy service function chains in a straightforward, standards-compliant manner.

More information

Design Methodology of Configurable High Performance Packet Parser for FPGA

Design Methodology of Configurable High Performance Packet Parser for FPGA Design Methodology of Configurable High Performance Packet Parser for FPGA Viktor Puš, Lukáš Kekely CESNET a. l. e. Zikova 4, 6 Prague, Czech Republic Email: pus,kekely@cesnet.cz Abstract Packet parsing

More information

What is New in Cisco ACE 4710 Application Control Engine Software Release 3.1

What is New in Cisco ACE 4710 Application Control Engine Software Release 3.1 What is New in Cisco ACE 4710 Application Control Engine Software Release 3.1 PB478675 Product Overview The Cisco ACE Application Control Engine 4710 represents the next generation of application switches

More information

SANGFOR AD Product Series

SANGFOR AD Product Series SANGFOR Application Delivery (AD) Product Series provides customers with the global server load balance(gslb), inbound/outbound load balance, server load balance, SSL off-load and anti-ddos solutions for

More information

Cubro Packetmaster EX12

Cubro Packetmaster EX12 Cubro Packetmaster EX12 PRODUCT OVERVIEW Network Packet Broker (NPB) At a glance Definition The Packetmaster EX12 is a network packet broker and network controller switch that aggregates, filters and load

More information

Master Course Computer Networks IN2097

Master Course Computer Networks IN2097 Chair for Network Architectures and Services Prof. Carle Department for Computer Science TU München Master Course Computer Networks IN2097 Chapter 7 - Network Measurements Introduction Architecture & Mechanisms

More information

P4 Introduction. Jaco Joubert SIGCOMM NETRONOME SYSTEMS, INC.

P4 Introduction. Jaco Joubert SIGCOMM NETRONOME SYSTEMS, INC. P4 Introduction Jaco Joubert SIGCOMM 2018 2018 NETRONOME SYSTEMS, INC. Agenda Introduction Learning Goals Agilio SmartNIC Process to Develop Code P4/C Examples P4 INT P4/C Stateful Firewall SmartNIC P4

More information

Thomas Lin, Naif Tarafdar, Byungchul Park, Paul Chow, and Alberto Leon-Garcia

Thomas Lin, Naif Tarafdar, Byungchul Park, Paul Chow, and Alberto Leon-Garcia Thomas Lin, Naif Tarafdar, Byungchul Park, Paul Chow, and Alberto Leon-Garcia The Edward S. Rogers Sr. Department of Electrical and Computer Engineering University of Toronto, ON, Canada Motivation: IoT

More information

Meltdown and Spectre Interconnect Performance Evaluation Jan Mellanox Technologies

Meltdown and Spectre Interconnect Performance Evaluation Jan Mellanox Technologies Meltdown and Spectre Interconnect Evaluation Jan 2018 1 Meltdown and Spectre - Background Most modern processors perform speculative execution This speculation can be measured, disclosing information about

More information

Brocade Flow Optimizer

Brocade Flow Optimizer DATA SHEET Brocade Flow Optimizer Highlights Helps improve business agility by streamlining network operations via policy-driven visibility and control of network flows Provides distributed attack mitigation

More information

Comparing Open vswitch (OpenFlow) and P4 Dataplanes for Agilio SmartNICs

Comparing Open vswitch (OpenFlow) and P4 Dataplanes for Agilio SmartNICs Comparing Open vswitch (OpenFlow) and P4 Dataplanes for Agilio SmartNICs Johann Tönsing May 24, 206 206 NETRONOME Agenda Contributions of OpenFlow, Open vswitch and P4 OpenFlow features missing in P4,

More information

Netaxis Solutions SIGMA

Netaxis Solutions SIGMA Netaxis Solutions SIGMA Product Description 14/04/2018 Page 1 of 13 Contact All enquiries related to the features described in this document can be emailed to support@netaxis.be. 14/04/2018 Page 2 of 13

More information

Using (Suricata over) PF_RING for NIC-Independent Acceleration

Using (Suricata over) PF_RING for NIC-Independent Acceleration Using (Suricata over) PF_RING for NIC-Independent Acceleration Luca Deri Alfredo Cardigliano Outlook About ntop. Introduction to PF_RING. Integrating PF_RING with

More information

General Firewall Configuration

General Firewall Configuration To adjust resources used by your firewall service you can change the sizing parameters in the General Firewall Configuration (CONFIGURATION > Configuration Tree > Box > Infrastructure Services) of the

More information

Subscriber Data Correlation

Subscriber Data Correlation Subscriber Data Correlation Application of Cisco Stealthwatch to Service Provider mobility environment Introduction With the prevalence of smart mobile devices and the increase of application usage, Service

More information

Design and Evaluation of HTTP Protocol Parsers for IPFIX Measurement

Design and Evaluation of HTTP Protocol Parsers for IPFIX Measurement Design and Evaluation of HTTP Protocol Parsers for IPFIX Measurement Petr Velan, Tomáš Jirsík, Pavel Čeleda {velan jirsik celeda}@ics.muni.cz 19th EUNICE Workshop on Advances in Communication Networking

More information

Scrutinizer Flow Analytics

Scrutinizer Flow Analytics Scrutinizer Flow Analytics TM Scrutinizer Flow Analytics Scrutinizer Flow Analytics is an expert system that highlights characteristics about the network. It uses flow data across dozens or several hundred

More information

A Security Orchestration System for CDN Edge Servers

A Security Orchestration System for CDN Edge Servers A Security Orchestration System for CDN Edge Servers ELAHEH JALALPOUR STERE PREDA MILAD GHAZNAVI MAKAN POURZANDI DANIEL MIGAULT RAOUF BOUTABA 1 Outline Introduction Edge Server Security Orchestration Implementation

More information

F5-Networks Application Delivery Fundamentals. Download Full Version :

F5-Networks Application Delivery Fundamentals. Download Full Version : F5-Networks 771-101 Application Delivery Fundamentals Download Full Version : http://killexams.com/pass4sure/exam-detail/771-101 QUESTION: 219 Even though F5 is an application delivery controller, it can

More information

Towards a collaborative, flow-based, distributed inter-domain Intrusion Detection System

Towards a collaborative, flow-based, distributed inter-domain Intrusion Detection System Towards a collaborative, flow-based, distributed inter-domain Intrusion Detection System Frank Tietze Institut für Technische Informatik Fakultät für Informatik frank.tietze@unibw.de 1 Structure Introduction

More information

MWC 2015 End to End NFV Architecture demo_

MWC 2015 End to End NFV Architecture demo_ MWC 2015 End to End NFV Architecture demo_ March 2015 demonstration @ Intel booth Executive summary The goal is to demonstrate how an advanced multi-vendor implementation of the ETSI ISG NFV architecture

More information

MANTICORE II: Integrated logical IP network, a step beyond point to point links

MANTICORE II: Integrated logical IP network, a step beyond point to point links MANTICORE II: Integrated logical IP network, a step beyond point to point links Victor Reijs, HEAnet NGN Workshop, TERENA, Amsterdam November 6th, 2007 victor.reijs@heanet.ie Virtualisation of network

More information

A 400Gbps Multi-Core Network Processor

A 400Gbps Multi-Core Network Processor A 400Gbps Multi-Core Network Processor James Markevitch, Srinivasa Malladi Cisco Systems August 22, 2017 Legal THE INFORMATION HEREIN IS PROVIDED ON AN AS IS BASIS, WITHOUT ANY WARRANTIES OR REPRESENTATIONS,

More information

Palo Alto Networks PCNSE7 Exam

Palo Alto Networks PCNSE7 Exam Volume: 96 Questions Question: 1 Which three function are found on the dataplane of a PA-5050? (Choose three) A. Protocol Decoder B. Dynamic routing C. Management D. Network Processing E. Signature Match

More information

Fast packet processing in the cloud. Dániel Géhberger Ericsson Research

Fast packet processing in the cloud. Dániel Géhberger Ericsson Research Fast packet processing in the cloud Dániel Géhberger Ericsson Research Outline Motivation Service chains Hardware related topics, acceleration Virtualization basics Software performance and acceleration

More information

URDMA: RDMA VERBS OVER DPDK

URDMA: RDMA VERBS OVER DPDK 13 th ANNUAL WORKSHOP 2017 URDMA: RDMA VERBS OVER DPDK Patrick MacArthur, Ph.D. Candidate University of New Hampshire March 28, 2017 ACKNOWLEDGEMENTS urdma was initially developed during an internship

More information

Compare Security Analytics Solutions

Compare Security Analytics Solutions Compare Security Analytics Solutions Learn how Cisco Stealthwatch compares with other security analytics products. This solution scales easily, giving you visibility across the entire network. Stealthwatch

More information