Hands on SDN and BRO
|
|
- Gervase Heath
- 6 years ago
- Views:
Transcription
1 Hands on SDN and BRO Malware Research Conference 2016 Ian Welch, School of Engineering and Computer Science Victoria University of Wellington 11th July 2016
2 Who am I? Lecturer at Victoria University of Wellington Victoria University
3 Who am I Drive-by-download detection & javascript deobfuscation (unpacking?) Machine learning applied to malware detection A new project called trusting strangers... Teach cloud computing, programming and a general security course
4 Motivation Not everyone has a big security team. Might be one security person/system admin/developer They don't want to be woken at 2am when the IDS goes off. Could it be possible to buy some more time to allow later response?
5 DIY Solution Net Control Framework
6 Bro-IDS Domain specific programming language Network Traffic Event driven programming model Protocol Parsing Built in protocol parsing Low level context free events Scalable deployment model Scripting Language Work here!
7 Active Response Bro is passive, how implement active response? Place it in-line Performance costs Reliability Control channel from IDS to gateway Tied to network configuration Ad-hoc solution
8 Netcontrol Developed in 2015 by Johanna Amann (Berkley) Generic framework for control channels to variety of network devices Based on traffic observed by Bro Simple to use by flexible API including high-level commands
9 High-level commands Dynamically block/allow addresses. Flow shunt large data transfers (GridFTP). Quarantine hosts from each other and direct all web requests to a you have been compromised site.
10 Architecture port mirroring active response
11 Architecture port mirroring Current backends Command line applications Iptables Bro packet filter Openflow
12 Openflow Open Specification for protocol between control and forwarding layers of a software defined network Allows Software to insert rules into switch flow tables Match (and change) characteristics like IPv4/6 addresses, ports, etc. Vlans
13 Netcontrol & Openflow
14 Problems Can we use current system out of the box? #1 Ryu simple switch is too simple: Layer 2 learning Not tested operationally #2 Quarantine is too heavy handed: Stops any communication. Obvious to the attacker.
15 Problem #1: Use Faucet Layer 2 switching with vlans, ACLs, port mirroring, static routing Small enterprise, focus on easy deployability Focus on testability (unit tests) Deployed by ONF Menlo Park, REANNZ and VUW
16 #1 Hardware Support Open vswitch v Open source available at Lagopus OpenFlow Switch - Open source available at Allied Telesis x510 and x930 series NoviFlow 1248 Northbound Networks Zodiac FX Aruba 3810
17 Waikato, REANNZ, ONF, Anarchkiwi and VUW
18
19 #1 Solution Faucet has a different table structure Implement a OpenFlow module aware of structure Integrate port mirroring into Faucet (redefine at runtime to redirect flows) VLAN ACL ETH SRC ETH DST FLOOD
20 #2 Enhanced NetControl Quarantine is black and white. What if we want to capture malware traffic? What if behavioural based and might be false positive? Allow device to keep functioning but limit outgoing traffic while storing it for later analysis?
21 #2 Solution Extend NetControl functions. Add observe and delay functions. Implement observe by mirroring to storage. Delay implemented using QoS support in switches (maybe?).
22 Where from here? We have a roadmap established. Port mirroring implemented (June). Aim to have integration with Faucet complete by end of December. Will be eating own dog food throughout as my own office runs off Faucet.
23 Links
24 Example Table MAC src Switch Port MAC dst Eth type 00:1f:.. port3 00: :1f VLAN ID IP Src IP Dst IP Prot vlan TCP sport TCP dport port6 80 port6 22 drop More exact matches have priority. Table miss sends packet to controller over secure TLS connection. Table entries have idle and hard timeouts. O-65,535 seconds (0 = no timeouts). Action
25 OpenFlow Switch Performs packet lookup and forwarding Flow 1. Rule (exact & wildcard) Action Statistics Flow 2. Rule (exact & wildcard) Action Statistics Flow 3. Rule (exact & wildcard) Action Statistics Flow N. Rule (exact & wildcard) Default Action Statistics Figures from Chao HC & Y. Liang with permissions.
26 Flow Entry (OF 1.x) A flow entry consists of Match fields Match against packets Action Modify the action set or pipeline processing Stats Update the matching packets In Port Src MAC Dst MAC Eth Type Layer 2 1.Forward packet to port(s) 2.Encapsulate and forward to controller 3.Drop packet 4.Send to normal processing pipeline 5.Modify MAC and IP addresses Vlan Id IP Tos 1. Packet 2. Byte counters Match Fields IP Proto IP Src Layer 3 Action IP Dst TCP Src Port Stats TCP Dst Port Layer 4 Figures from Chao HC & Y. Liang with permissions.
27 Traditional network node: Router Changing protocols is hard, monolithic implementation, vendor specific protocols Adjacent Router Router Management/Policy plane Configuration / CLI / GUI Adjacent Router Routing Control plane Control plane OSPF OSPF Neighbor table Switching Data plane Static routes Data plane Link state database s OSPF IP routing table Forwarding table Shamelessly copied from ONF, J Rexford and Chao HC with permissions. Data plane
28 Software Defined Networking Applications deal with abstract logically centralised network view Decides where packets should be forwarded Data plane does forwarding and metering Figure from ONF White Paper: Software Defined Networking The New Norm for Networks (2011)
CSC 4900 Computer Networks: Network Layer
CSC 4900 Computer Networks: Network Layer Professor Henry Carter Fall 2017 Chapter 4: Network Layer 4. 1 Introduction 4.2 What s inside a router 4.3 IP: Internet Protocol Datagram format 4.4 Generalized
More informationChapter 5 Network Layer: The Control Plane
Chapter 5 Network Layer: The Control Plane A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you
More informationSDN AND NFV SECURITY DR. SANDRA SCOTT-HAYWARD, QUEEN S UNIVERSITY BELFAST COINS SUMMER SCHOOL, 23 JULY 2018
SDN AND NFV SECURITY DR. SANDRA SCOTT-HAYWARD, QUEEN S UNIVERSITY BELFAST COINS SUMMER SCHOOL, 23 JULY 2018 Queen s University Belfast Lanyon Building Est. 1845 Centre for Secure Information Technologies
More informationSoftware Defined Networks and OpenFlow. Courtesy of: AT&T Tech Talks.
MOBILE COMMUNICATION AND INTERNET TECHNOLOGIES Software Defined Networks and Courtesy of: AT&T Tech Talks http://web.uettaxila.edu.pk/cms/2017/spr2017/temcitms/ MODULE OVERVIEW Motivation behind Software
More informationSoftware Defined Networking
CSE343/443 Lehigh University Fall 2015 Software Defined Networking Presenter: Yinzhi Cao Lehigh University Acknowledgement Many materials are borrowed from the following links: https://www.cs.duke.edu/courses/spring13/compsc
More informationNetwork Virtualization Based on Flows
TERENA NETWORKING CONFERENCE 2009 June 9, 2009 Network Virtualization Based on Flows Peter Sjödin Markus Hidell, Georgia Kontesidou, Kyriakos Zarifis KTH Royal Institute of Technology, Stockholm Outline
More informationOverview of the Cisco OpenFlow Agent
About OpenFlow, page 1 Information About Cisco OpenFlow Agent, page 2 About OpenFlow OpenFlow is an open standardized interface that allows a software-defined networking (SDN) controller to manage the
More informationDesign and development of the reactive BGP peering in softwaredefined routing exchanges
Design and development of the reactive BGP peering in softwaredefined routing exchanges LECTURER: HAO-PING LIU ADVISOR: CHU-SING YANG (Email: alen6516@gmail.com) 1 Introduction Traditional network devices
More informationSlicing a Network. Software-Defined Network (SDN) FlowVisor. Advanced! Computer Networks. Centralized Network Control (NC)
Slicing a Network Advanced! Computer Networks Sherwood, R., et al., Can the Production Network Be the Testbed? Proc. of the 9 th USENIX Symposium on OSDI, 2010 Reference: [C+07] Cascado et al., Ethane:
More informationCloud Networking (VITMMA02) Software Defined Networking (SDN) in the Cloud
Cloud Networking (VITMMA02) Software Defined Networking (SDN) in the Cloud Markosz Maliosz PhD Faculty of Electrical Engineering and Informatics Budapest University of Technology and Economics Traditional
More informationCSC 401 Data and Computer Communications Networks
CSC 401 Data and Computer Communications Networks Network Layer ICMP (5.6), Network Management(5.7) & SDN (5.1, 5.5, 4.4) Prof. Lina Battestilli Fall 2017 Outline 5.6 ICMP: The Internet Control Message
More informationChapter 4 Network Layer: The Data Plane
Chapter 4 Network Layer: The Data Plane A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see
More informationSDN Lecture 2. Layer I: Infrastructure Layer II: Southbound Interfaces
SDN Lecture 2 Layer I: Infrastructure Layer II: Southbound Interfaces IV. SOFTWARE-DEFINED NETWORKS: BOTTOM-UP An SDN architecture can be depicted as a composition of different layers, as shown in Figure
More informationSoftware-Defined Networking (Continued)
Software-Defined Networking (Continued) CS640, 2015-04-23 Announcements Assign #5 released due Thursday, May 7 at 11pm Outline Recap SDN Stack Layer 2 Learning Switch Control Application Design Considerations
More informationOpenFlow: What s it Good for?
OpenFlow: What s it Good for? Apricot 2016 Pete Moyer pmoyer@brocade.com Principal Solutions Architect Agenda SDN & OpenFlow Refresher How we got here SDN/OF Deployment Examples Other practical use cases
More informationSwitching and Routing projects description
Switching and Routing 2012-2013 projects description Outline Introduction to OpenFlow A case study The projects Additional information What s OpenFlow An open standard, which defines: An abstraction of
More informationUsing SDN and NFV to Realize a Scalable and Resilient Omni-Present Firewall
Institute of Computer Science Chair of Communication Networks Prof. Dr.-Ing. P. Tran-Gia Using SDN and NFV to Realize a Scalable and Resilient Omni-Present Firewall comnet.informatik.uni-wuerzburg.de SarDiNe
More informationCOMP211 Chapter 4 Network Layer: The Data Plane
COMP211 Chapter 4 Network Layer: The Data Plane All material copyright 1996-2016 J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking: A Top Down Approach 7 th edition Jim Kurose, Keith Ross
More informationXen*, SDN and Apache Cloudstack. Sebastien Goasguen, Apache CloudStack Citrix EMEA August 28 th 2012 Xen Summit
Xen*, SDN and Apache Cloudstack Sebastien Goasguen, Apache CloudStack Citrix EMEA August 28 th 2012 Xen Summit Outline A bit about CloudStack A bit about SDN A bit about OpenVswitch Some bits about SDN
More informationOPENFLOW & SOFTWARE DEFINED NETWORKING. Greg Ferro EtherealMind.com and PacketPushers.net
OPENFLOW & SOFTWARE DEFINED NETWORKING Greg Ferro EtherealMind.com and PacketPushers.net 1 HUH? OPENFLOW. What is OpenFlow? From the bottom up. With big words. How OpenFlow does stuff. Then WHY we want
More informationCS 4226: Internet Architecture
Software Defined Networking Richard T. B. Ma School of Computing National University of Singapore Material from: Scott Shenker (UC Berkeley), Nick McKeown (Stanford), Jennifer Rexford (Princeton) CS 4226:
More informationIntroduction to Software-Defined Networking UG3 Computer Communications & Networks (COMN)
Introduction to Software-Defined Networking UG3 Computer Communications & Networks (COMN) Myungjin Lee myungjin.lee@ed.ac.uk Courtesy note: Slides from course CPS514 Spring 2013 at Duke University and
More informationSoftware-Defined Networking (SDN) Now for Operational Technology (OT) Networks SEL 2017
Software-Defined Networking (SDN) Now for Operational Technology (OT) Networks SEL 2017 Traditional Ethernet Challenges Plug-and-play Allow all ROOT D D D D Nondeterministic Reactive failover Difficult
More informationCSC358 Week 6. Adapted from slides by J.F. Kurose and K. W. Ross. All material copyright J.F Kurose and K.W. Ross, All Rights Reserved
CSC358 Week 6 Adapted from slides by J.F. Kurose and K. W. Ross. All material copyright 1996-2016 J.F Kurose and K.W. Ross, All Rights Reserved Logistics Assignment 2 posted, due Feb 24, 10pm Next week
More informationSoftware Defined Networks (SDN)
Software Defined Networks (SDN) Understanding Basic Concepts Bruno Chatras December 2018 1 Agenda Software Defined Networks Introduction Architectural Framework The Open Flow protocol Some other protocols
More informationSDN in TETRA Group Communication - Voice Switching
SDN in TETRA Group Communication - Voice Switching Author: Saumya Paulose Supervisor: Prof. Jukka Manner Instructor: M.Sc. Antti Tuominen Place of Work: Airbus Defence and Space, Helsinki Contents Need
More informationRule Caching in Software- Define Networkings. Supervisor: Prof Weifa Liang Student: Zhenge Jia, u Date of presentation: 24 th May 2016
Rule Caching in Software- Define Networkings Supervisor: Prof Weifa Liang Student: Zhenge Jia, u5433077 Date of presentation: 24 th May 2016 Background Related Work System Model CONTENT Wildcard Rule Caching
More informationCS 5114 Network Programming Languages Data Plane. Nate Foster Cornell University Spring 2013
CS 5114 Network Programming Languages Data Plane http://www.flickr.com/photos/rofi/2097239111/ Nate Foster Cornell University Spring 2013 Based on lecture notes by Jennifer Rexford and Michael Freedman
More informationOpenFlow Ronald van der Pol
OpenFlow Ronald van der Pol Outline! Goal of this project! Why OpenFlow?! Basics of OpenFlow! Short Demo OpenFlow Overview! Initiative of Stanford University! Run network research experiments
More informationThe 2008 publication of OpenFlow: Enabling. Faucet. Deploying SDN in the Enterprise. Using OpenFlow and DevOps for rapid development
1 OF 15 TEXT ONLY Faucet Deploying SDN in the Enterprise JOSH BAILEY AND STEPHEN STUART Using OpenFlow and DevOps for rapid development The 2008 publication of OpenFlow: Enabling Innovation in Campus Networks
More informationSoftware-Defined Networking (SDN) Overview
Reti di Telecomunicazione a.y. 2015-2016 Software-Defined Networking (SDN) Overview Ing. Luca Davoli Ph.D. Student Network Security (NetSec) Laboratory davoli@ce.unipr.it Luca Davoli davoli@ce.unipr.it
More informationSoftware Defined Networks
Software Defined Networks A quick overview Based primarily on the presentations of Prof. Scott Shenker of UC Berkeley The Future of Networking, and the Past of Protocols Please watch the YouTube video
More informationCentec V350 Product Introduction. Centec Networks (Suzhou) Co. Ltd R
Centec V350 Product Introduction Centec Networks (Suzhou) Co. Ltd R1.6 2016-03 V350 Win the SDN Idol@ONS V350 win the SDN Idol@ONS award in ONS 2013 2016 Centec Networks (Suzhou) Co., Ltd. All rights reserved.
More informationOpenFlow DDoS Mitigation
OpenFlow DDoS Mitigation C. Dillon, M. Berkelaar February 9, 2014 University of Amsterdam Quanza Engineering Introduction Distributed Denial of Service attacks Types of attacks Application layer attacks
More informationOpenFlow. Finding Feature Information. Prerequisites for OpenFlow
Finding Feature Information, page 1 Prerequisites for, page 1 Restrictions for, page 2 Information About Open Flow, page 3 Configuring, page 8 Monitoring, page 12 Configuration Examples for, page 12 Finding
More informationSummary Chapter 4. Smith College, CSC 249 March 2, q IP Addressing. q DHCP dynamic addressing
Smith College, CSC 49 March, 08 Summary Chapter 4 q IP Addressing Network prefixes and Subnets IP datagram format q DHCP dynamic addressing Obtain: own IP address Subnet mask, DNS serer & first-hop router
More informationSDN Applications and Use Cases. Copyright 2015 ITRI
SDN Applications and Use Cases Copyright 20 ITRI Bachelor B Ph.D (IR) (ITRI) Engineer 20 Copyright 20 ITRI 2 Outline SDN Basics SDN Use Cases & Applications Google B WAN NEC VTN OpenDefenseFlow Firewall
More informationDevoFlow: Scaling Flow Management for High Performance Networks
DevoFlow: Scaling Flow Management for High Performance Networks SDN Seminar David Sidler 08.04.2016 1 Smart, handles everything Controller Control plane Data plane Dump, forward based on rules Existing
More informationOpenFlow. Finding Feature Information. Prerequisites for OpenFlow
Finding Feature Information, page 1 Prerequisites for, page 1 Restrictions for, page 2 Information About Open Flow, page 3 Configuring, page 8 Monitoring, page 12 Configuration Examples for, page 12 Finding
More informationSoftware Defined Networks and OpenFlow
Tecnologie e Protocolli per Internet 1 Prof. Stefano Salsano e-mail: stefano.salsano@uniroma2.it AA2012/13 Blocco 5 v1 1 Software Defined Networks and OpenFlow 2 Acknowledgements Next slides are taken
More informationCentralization of Network using Openflow Protocol
Indian Journal of Science and Technology, Vol 8(S2), 165 170, January 2015 ISSN (Print) : 0974-6846 ISSN (Online) : 0974-5645 DOI : 10.17485/ijst/2015/v8iS2/61217 Centralization of Network using Openflow
More informationScalable Multipath Routing (towards)
Scalable Multipath Routing (towards) 71st Meeting of the IFIP WG 10.4 Working Group on Dependability and Security Ian Welch, School of Engineering and Computer Science; Victoria University of Wellington
More informationCS-580K/480K Advanced Topics in Cloud Computing. Software-Defined Networking
CS-580K/480K Advanced Topics in Cloud Computing Software-Defined Networking 1 An Innovation from Stanford Nick McKeown In 2006, OpenFlow is proposed, which provides an open protocol to program the flow-table
More informationLesson 9 OpenFlow. Objectives :
1 Lesson 9 Objectives : is new technology developed in 2004 which introduce Flow for D-plane. The Flow can be defined any combinations of Source/Destination MAC, VLAN Tag, IP address or port number etc.
More informationDecision Forest: A Scalable Architecture for Flexible Flow Matching on FPGA
Decision Forest: A Scalable Architecture for Flexible Flow Matching on FPGA Weirong Jiang, Viktor K. Prasanna University of Southern California Norio Yamagaki NEC Corporation September 1, 2010 Outline
More informationSDN Workshop. Contact: WSDN01_v0.1
SDN Workshop Contact: training@apnic.net WSDN01_v0.1 Issue Date: [Date] Revision: [xx] OpenFlow SDN Workshop WSDN01_v0.1 Issue Date: [Date] Revision: [xx] SDN architectural framework Application Plane
More informationOpenFlow Performance Testing
White Paper OpenFlow Performance Testing Summary While OpenFlow is a standard and the ONF has strict requirements for a switch to be considered conformant with the specification conformance testing says
More informationVirtualized Network Services SDN solution for enterprises
Virtualized Network Services SDN solution for enterprises Nuage Networks Virtualized Network Services (VNS) is a fresh approach to business networking that seamlessly links your enterprise s locations
More informationVirtualized Network Services SDN solution for service providers
Virtualized Network Services SDN solution for service providers Nuage Networks Virtualized Network Services (VNS) is a fresh approach to business networking that seamlessly links your enterprise customers
More informationVirtual Security Gateway Overview
This chapter contains the following sections: Information About the Cisco Virtual Security Gateway, page 1 Cisco Virtual Security Gateway Configuration for the Network, page 10 Feature History for Overview,
More informationProgrammableFlow: OpenFlow Network Fabric
ProgrammableFlow: OpenFlow Network Fabric Samrat Ganguly, PhD NEC Corpora)on of America Page 1 Introducing ProgrammableFlow Software Defined Network Suite First OpenFlow-enabled network fabric Design,
More informationChapter 4 Network Layer: The Data Plane
Chapter 4 Network Layer: The Data Plane Lu Su Assistant Professor Department of Computer Science and Engineering State University of New York at Buffalo Adapted from the slides of the book s authors Computer
More informationPIX-IE An SDN-based Programmable Internet exchange
PIX-IE An SDN-based Programmable Internet exchange Kazuya Okada The University of Tokyo/WIDE Project/NSPIXP Project okada@ecc.u-tokyo.ac.jp Internet2 1 Our Background Operating an academic IX (DIX-IE)
More informationEstablishing a Session Database for SDN Using 802.1X and Multiple Authentication Resources Joint Meeting of the VDE/ITG Sections & 5.2.
Communication Networks Establishing a Session Database for SDN Using 802.1X and Multiple Authentication Resources Joint Meeting of the VDE/ITG Sections 5.2.2 & 5.2.4 Frederik Hauser, Mark Schmidt, Michael
More informationWeb-Based User Interface for the Floodlight SDN Controller
3175 Web-Based User Interface for the Floodlight SDN Controller Hakan Akcay Department of Computer Engineering, Istanbul University, Istanbul Email: hknakcay@gmail.com Derya Yiltas-Kaplan Department of
More informationConfiguring ACLs. ACL overview. ACL categories. ACL numbering and naming
Contents Configuring ACLs 1 ACL overview 1 ACL categories 1 ACL numbering and naming 1 Match order 2 ACL rule numbering 3 Implementing time-based ACL rules 3 IPv4 fragments filtering with ACLs 3 Flow templates
More informationSoftware Defined Networking and the OpenDaylight Controller. GridKa-School 2015, Dr. Christoph König, Dr. Michael Bredel
Software Defined Networking and the OpenDaylight Controller GridKa-School 2015, Dr. Christoph König, Dr. Michael Bredel Profile Dr. Michael Bredel Studied electrical engineering at the Technische Universität
More informationEnabling the Next Generation of SDN
Enabling the Next Generation of SDN Brian O Connor (ONF) brian@opennetworking.org P4 Workshop on June 5, 2018 Link to slides: https://goo.gl/6hfg1h Presenting on behalf of Google and ONF Background Google
More informationHPE FlexFabric 7900 Switch Series
HPE FlexFabric 7900 Switch Series VXLAN Configuration Guide Part number: 5998-8254R Software version: Release 213x Document version: 6W101-20151113 Copyright 2015 Hewlett Packard Enterprise Development
More informationConfiguring OpenFlow 1
Contents Configuring OpenFlow 1 Overview 1 OpenFlow switch 1 OpenFlow port 1 OpenFlow instance 2 OpenFlow flow table 3 Group table 5 Meter table 5 OpenFlow channel 6 Protocols and standards 7 Configuration
More informationHuawei SX700 Switches. SDN Technology White Paper. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 01 Date 2016-02-15 HUAWEI TECHNOLOGIES CO., LTD. 2016. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of
More informationDaoliNet A Simple and Smart Networking Technology for Docker Applications
DaoliNet A Simple and Smart Networking Technology for Docker Applications DaoliNet An Open Source Project www.daolinet.org May, 2016 Docker is Awesome! A Linux Container Engine Build, Ship and Run Any
More informationSoftware Defined Networking
Software Defined Networking Jennifer Rexford COS 461: Computer Networks Lectures: MW 10-10:50am in Architecture N101 http://www.cs.princeton.edu/courses/archive/spr12/cos461/ The Internet: A Remarkable
More informationF5 BIG-IQ Centralized Management: Local Traffic & Network. Version 5.2
F5 BIG-IQ Centralized Management: Local Traffic & Network Version 5.2 Table of Contents Table of Contents BIG-IQ Local Traffic & Network: Overview... 5 What is Local Traffic & Network?... 5 Understanding
More informationCisco Virtual Networking Solution for OpenStack
Data Sheet Cisco Virtual Networking Solution for OpenStack Product Overview Extend enterprise-class networking features to OpenStack cloud environments. A reliable virtual network infrastructure that provides
More informationNetwork Layer: Chapter 4. The Data Plane. Computer Networking: A Top Down Approach
Chapter 4 Network Layer: The Data Plane A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see
More informationChapter 4 Network Layer: The Data Plane
Chapter 4 Network Layer: The Data Plane A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see
More informationChapter 4 Network Layer: The Data Plane
Chapter 4 Network Layer: The Data Plane A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see
More informationClassBench-ng: Recasting ClassBench After a Decade of Network Evolution
ClassBench-ng: Recasting ClassBench After a Decade of Network Evolution Jiří Matoušek 1, Gianni Antichi 2, Adam Lučanský 3 Andrew W. Moore 2, Jan Kořenek 1 1 Brno University of Technology 2 University
More informationService Graph Design with Cisco Application Centric Infrastructure
White Paper Service Graph Design with Cisco Application Centric Infrastructure 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 101 Contents Introduction...
More informationH3C S9800 Switch Series
H3C S9800 Switch Series OpenFlow Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 213x Document version: 6W101-20151130 Copyright 2015, Hangzhou H3C
More informationProject CARDIGAN An SDN Controlled Exchange Fabric. Dean Pemberton
Project CARDIGAN An SDN Controlled Exchange Fabric Dean Pemberton Contents Why What What next Why? networking is networking is boring Insanity is doing the same thing, over and over again, but expecting
More informationFirewalls. Firewall. means of protecting a local system or network of systems from network-based security threats creates a perimeter of defense
FIREWALLS 3 Firewalls Firewall means of protecting a local system or network of systems from network-based security threats creates a perimeter of defense administered network public Internet firewall
More informationBIG-IQ Centralized Management: ADC. Version 5.0
BIG-IQ Centralized Management: ADC Version 5.0 Table of Contents Table of Contents BIG-IQ Application Delivery Controller: Overview...5 What is Application Delivery Controller?...5 Managing Device Resources...7
More informationImplementing VXLAN. Prerequisites for implementing VXLANs. Information about Implementing VXLAN
This module provides conceptual information for VXLAN in general and configuration information for layer 2 VXLAN on Cisco ASR 9000 Series Router. For configuration information of layer 3 VXLAN, see Implementing
More informationManaging and Securing Computer Networks. Guy Leduc. Chapter 2: Software-Defined Networks (SDN) Chapter 2. Chapter goals:
Managing and Securing Computer Networks Guy Leduc Chapter 2: Software-Defined Networks (SDN) Mainly based on: Computer Networks and Internets, 6 th Edition Douglas E. Comer Pearson Education, 2015 (Chapter
More informationQuantum, network services for Openstack. Salvatore Orlando Openstack Quantum core developer
Quantum, network services for Openstack Salvatore Orlando sorlando@nicira.com Openstack Quantum core developer Twitter- @taturiello Caveats Quantum is in its teenage years: there are lots of things that
More informationChapter 4 Network Layer: The Data Plane
Chapter 4 Network Layer: The Data Plane A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see
More informationSDN Workshop. Contact: TSDN01_v0.1. [xx] Revision:
SDN Workshop Contact: training@apnic.net Issue Date: [Date] TSDN01_v0.1 Revision: [xx] Routers Two key roles: Determining network paths Packet forwarding 2 Today s router Management High Availability FCAPS
More informationUNIVERSITY OF CAGLIARI
UNIVERSITY OF CAGLIARI DIEE - Department of Electrical and Electronic Engineering Infrastrutture ed Applicazioni Avanzate nell Internet SDN: Control Plane ACK: content taken from Foundations of Modern
More informationFastIron Ethernet Switch Software Defined Networking (SDN)
CONFIGURATION GUIDE FastIron Ethernet Switch Software Defined Networking (SDN) Supporting FastIron Software Release 08.0.30 53-1003629-03 15 June 2017 2017, Brocade Communications Systems, Inc. All Rights
More informationNew trends in IT. Network Functions Virtualization (NFV) & Software Defined-WAN
New trends in IT Network Functions Virtualization (NFV) & Software Defined-WAN 2017 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks
More information100 GBE AND BEYOND. Diagram courtesy of the CFP MSA Brocade Communications Systems, Inc. v /11/21
100 GBE AND BEYOND 2011 Brocade Communications Systems, Inc. Diagram courtesy of the CFP MSA. v1.4 2011/11/21 Current State of the Industry 10 Electrical Fundamental 1 st generation technology constraints
More informationLecture 14 SDN and NFV. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 14 SDN and NFV Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it Traditional network vs SDN TRADITIONAL Closed equipment Software + hardware Cost Vendor-specific management.
More informationCloudEngine 1800V Virtual Switch
CloudEngine 1800V Virtual Switch CloudEngine 1800V Virtual Switch Product Overview Huawei CloudEngine 1800V (CE1800V) is a distributed virtual switch designed for virtualized environments in cloud data
More information虛擬化技術 Virtualization Techniques
虛擬化技術 Virtualization Techniques Network Virtualization Software Defined Network Introduction Motivation Concept Open Flow Virtual Switch SOFTWARE DEFINED NETWORK We have lost our way Routing, management,
More informationConfiguring Port Channels
This chapter contains the following sections: Information About Port Channels, on page 1, on page 8 Verifying Port Channel Configuration, on page 16 Verifying the Load-Balancing Outgoing Port ID, on page
More informationConfiguring Firewall Filters (J-Web Procedure)
Configuring Firewall Filters (J-Web Procedure) You configure firewall filters on EX Series switches to control traffic that enters ports on the switch or enters and exits VLANs on the network and Layer
More informationSoftware Defined Networking
Software Defined Networking Daniel Zappala CS 460 Computer Networking Brigham Young University Proliferation of Middleboxes 2/16 a router that manipulatees traffic rather than just forwarding it NAT rewrite
More informationThinking Architecturally (80 Minutes Inside Scott s Head)
Thinking Architecturally (80 Minutes Inside Scott s Head) EE122 Fall 2012 Scott Shenker http://inst.eecs.berkeley.edu/~ee122/ Materials with thanks to Jennifer Rexford, Ion Stoica, Vern Paxson and other
More informationHP SDN Document Portfolio Introduction
HP SDN Document Portfolio Introduction Technical Solution Guide Version: 1 September 2013 Table of Contents HP SDN Document Portfolio Overview... 2 Introduction... 2 Terms and Concepts... 2 Resources,
More informationSource Address Validation: from the Current Network Architecture to SDN-based Architecture
Source Address Validation: from the Current Network Architecture to SDN-based Architecture Jun Bi Tsinghua University/CERNET GFI 2013 Nov. 20, 2013 1 Content Source Address Validation Architecture (SAVA)
More informationHow SDN Works Introduction of OpenFlow Protocol
行動寬頻尖端技術課程推廣計畫 How SDN Works Introduction of OpenFlow Protocol Oct. 12, 2017 1 Outline From Legacy Network to SDN How SDN Works OpenFlow Overview - OpenFlow Switch - OpenFlow Controller - The Controller-Switch
More informationIt's kind of fun to do the impossible with DPDK Yoshihiro Nakajima, Hirokazu Takahashi, Kunihiro Ishiguro, Koji Yamazaki NTT Labs
It's kind of fun to do the impossible with DPDK Yoshihiro Nakajima, Hirokazu Takahashi, Kunihiro Ishiguro, Koji Yamazaki NTT Labs 0 Agenda Motivation for fun Fun with Lagopus SDN switch Fun with speed
More informationSoftware Defined Networking 2015 BROCADE COMMUNICATIONS SYSTEMS, INC.
Software Defined Networking 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. Agenda Business Consideration A Customer Journey Quick Overview of SDN and NFV Software Networking Solutions SDN Controller vrouter
More informationOpenFlow: A Security Analysis
Introduction OpenFlow: A Security Analysis Rowan Klöti 1 Vasileios Kotronis 2 Paul Smith 3 1 rkloeti@alumni.ethz.ch ETH Zurich 2 vkotroni@tik.ee.ethz.ch ETH Zurich 3 paul.smith@ait.ac.at AIT Austrian Institute
More informationForwarding Table Entries in Software Defined Networks: Representation and Uses in Network Engineering
Forwarding Table Entries in Software Defined Networks: Representation and Uses in Network Engineering by Liang Yang A thesis submitted to the Victoria University of Wellington in fulfilment of the requirements
More informationChapter 8 roadmap. Network Security
Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing
More informationH3C S5130-EI Switch Series
H3C S5130-EI Switch Series OpenFlow Configuration Guide New H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 311x Document version: 6W102-20180323 Copyright 2016-2018, New H3C Technologies
More informationCould IXPs Use OpenFlow To Scale? Ivan Pepelnjak Chief Technology Advisor NIL Data Communications
Could IXPs Use OpenFlow To Scale? Ivan Pepelnjak (ip@ipspace.net) Chief Technology Advisor NIL Data Communications Disclaimer The presentation describes potential future solution that could be implemented
More information