Design and Implementa/on of a Consolidated Middlebox Architecture. Vyas Sekar Sylvia Ratnasamy Michael Reiter Norbert Egi Guangyu Shi
|
|
- Audra Stevens
- 6 years ago
- Views:
Transcription
1 Design and Implementa/on of a Consolidated Middlebox Architecture Vyas Sekar Sylvia Ratnasamy Michael Reiter Norbert Egi Guangyu Shi 1
2 Need for Network Evolu/on New applica/ons Evolving threats Performance, Security, Compliance Policy constraints New devices 2
3 Network Evolu/on today: Middleboxes! Data from a large enterprise: >80K users across tens of sites Just network security $10 billion Type of appliance Number Firewalls 166 NIDS 127 Media gateways 110 Load balancers 67 Proxies 66 VPN gateways 45 WAN Op/mizers 44 Voice gateways 11 Total Middleboxes 636 Total routers ~900 3
4 Key pain points Management Management Management Narrow interfaces Specialized boxes Point solu/ons! è Increases capital expenses & sprawl Increases opera/ng expenses Limits extensibility and flexibility 4
5 Outline Mo/va/on High- level idea: Consolida?on System design Implementa/on and Evalua/on 5
6 Consolida/on at Pla[orm- Level Today: Independent, specialized boxes Proxy Firewall IDS/IPS AppFilter Decouple Hardware and Soaware e.g., FlowStream (UCL/Lancaster) Consolida/on reduces capital expenses and sprawl 6
7 Consolida/on reduces CapEx 1 Normalized utilization (%) WAN optimizer Proxy Load Balancer Firewall 07-09,06: ,17: ,04: ,15: ,02:00 Time (mm-dd,hr) Mul/plexing benefit = Max_of_TotalU/liza/on / Sum_of_MaxU/liza/ons 7
8 Consolida/on Enables Extensibility VPN Web Mail IDS Proxy Firewall Protocol Parsers Session Management e.g., xomb (UCSD) Bro Contribu/on of reusable modules: % 8
9 Consolida/ng Management Network- Wide Management Logically centralized High- level interfaces e.g., SDN, OpenFlow, 4D Simplifies management to reduce opera/ng expenses 9
10 Consolida/on enables flexible resource management Today: All processing at logical ingress Process Process (0.4(P) P) Process (0.3 P) N1 Overload! Process (0.3 P) N2 P: N1à N3 N3 Distribu/on reduces load imbalance 10
11 Outline Mo/va/on High- level idea: Consolida/on CoMb: System design Implementa/on and Evalua/on 11
12 CoMb System Overview Network- wide Controller Logically centralized e.g., NOX, 4D Soaware- centric e.g., PacketShader, RouteBricks, ServerSwitch, SwitchBlade Exis/ng work: simple, homogeneous rou/ng- like workload Middleboxes: complex, heterogeneous, new opportuni/es 12
13 CoMb Management Layer Goal: Balance load across network Exploit mul/plexing, reuse, distribu/on Policy Constraints HTTP: IDS < Proxy Resource Requirements Network- wide Controller Rou/ng, Traffic Processing responsibili/es 13
14 Capturing Policy and Reuse Efficiently IDS Proxy 2 3 CPU HTTP: 1+2 unit of CPU 1+3 units of mem 1 HTTP UDP HTTP NFS common 1 Memory HTTP: IDS < Proxy Footprint on resource Need per- packet policy, reuse dependencies! HyperApp: union of apps to run CPU CPU CPU HTTP = IDS & Proxy 3 4 UDP = IDS 3 1 NFS = Proxy 1 4 Memory Memory Memory Policy, dependency are implicit Needs small brute- force step 14
15 Network- wide Op/miza/on Minimize Maximum Load, Subject to Processing coverage for each class of traffic à Frac/on of processed traffic adds up to 1 Load on each node à sum over HyperApp responsibili/es per- path No explicit Dependency Policy A simple, tractable linear program Very close (< 0.1%) to theore/cal op/mal 15
16 CoMb Pla[orm Applica/ons IDS Proxy Realize Hyperapp Parallelize Core1 Core4 Policy Enforcer IDS < Proxy Policy Shim (Pshim) Lightweight Parallelize Classifica?on: HTTP NIC Traffic No conten/on Fast classifica/on 16
17 Parallelizing Applica/on Instances App Per core HyperApp1: M1 < M2 HyperApp2: M2 < M3 HyperApp per core M1 M2 M3 M1 M2 M2 M3 Core1 Core2 Core3 Core1 Core2 PShim PShim PShim PShim - Inter- core communica/on - More work for PShim + No in- core context switch + Keeps structures core- local + Beter for reuse - But incurs context- switch - Need replicas HyperApp- per- core is beter or comparable 17
18 CoMb Pla[orm Design Core- local processing Workload balancing M1 Hyper App1 Core 1 Core 2 Core 3 M2 M3 Hyper App2 M1 M4 M5 M1 M4 Hyper App3 Hyper App4 Hyper App3 PShim PShim PShim PShim PShim Q1 Q2 Q3 Q4 Q5 NIC hardware Conten/on- free network I/O Parallel, core- local 18
19 Outline Mo/va/on High- level idea: Consolida/on System design: Making Consolida/on Prac/cal Implementa?on and Evalua?on 19
20 CoMb Implementa/on Network- wide Management using CPLEX Ported logic From Bro à Click Extensible apps Protocol Session Policy Shim Kernel mode Click Standalone apps Memory mapped Or Virtual interfaces 8- core Intel Xeon with Intel NIC 20
21 Consolida/on is Prac/cal Low overhead for exis/ng applica/ons Controller takes < 1.6s for 52- node topology 5x beter than VM- based consolida/on 21
22 Benefits: Reduc/on in Maximum Load 25 MaxLoad Today /MaxLoad Consolidated Relative savings Abilene Geant Enterprise AS1221 AS3257 AS1239 Consolida/on reduces maximum load by X Consolida/on reduces provisioning cost X 22
23 Discussion Isola/on Current: rely on process- level isola/on Leverage user- space networking Get reuse- despite- isola/on? Changes vendor business models Already happening (e.g., virtual appliances ) Benefits imply someone will do it! May already have extensible stacks 23
24 Conclusions Most network evolu/on today occurs via middleboxes Today: Narrow, point solu/ons High CapEx, OpEx, and device sprawl Inflexible, difficult to extend Our proposal: Consolidated architecture Extensible, general- purpose Reduces CapEx, OpEx, and device sprawl More opportuni/es Isola/on APIs (H/W Apps, Management Apps, App Stack) 24
15-744: Computer Networking. Middleboxes and NFV
15-744: Computer Networking Middleboxes and NFV Middleboxes and NFV Overview of NFV Challenge of middleboxes Middlebox consolidation Outsourcing middlebox functionality Readings: Network Functions Virtualization
More informationAbstrac(ons for Middleboxes. à StonyBrook
Abstrac(ons for Middleboxes Vyas Sekar Intel Labs à StonyBrook Sylvia Ratnasamy UC Berkeley 1 Need for In- Network Func(ons Changing applica(ons Evolving threats Performance Security Compliance Policy
More informationVerifiable Cloud Outsourcing for Network Func9ons (+ Verifiable Resource Accoun9ng for Cloud Services)
1 Verifiable Cloud Outsourcing for Network Func9ons (+ Verifiable Resource Accoun9ng for Cloud Services) Vyas Sekar vnfo joint with Seyed Fayazbakhsh, Mike Reiter VRA joint with Chen Chen, Petros Mania9s,
More informationNetwork function virtualization
Network function virtualization Ankit Singla ETH Zürich Spring 2017 News from SIGCOMM 2017 36 papers (out of 250 submissions) On every topic we covered / will cover 2 papers from ETH! 2 An update Beyond
More informationMiddleboxes. CSU CS557 - Fall 2017 Instructor: Lorenzo De Carli
Middleboxes CSU CS557 - Fall 2017 Instructor: Lorenzo De Carli What is a middlebox? Middlebox : networking parlance for any network device which performs analysis and/or transformation of application-level
More informationEnforcing Network- Wide Policies in the Presence of Dynamic Middlebox Ac>ons using FlowTags
Enforcing Network- Wide Policies in the Presence of Dynamic Middlebox Ac>ons using FlowTags Seyed K. Fayazbakhsh *, Luis Chiang, Vyas Sekar *, Minlan Yu, Jeffrey Mogul * CMU, Deutsche Telekom, USC, Google
More informationRouteBricks: Exploi2ng Parallelism to Scale So9ware Routers
RouteBricks: Exploi2ng Parallelism to Scale So9ware Routers Mihai Dobrescu and etc. SOSP 2009 Presented by Shuyi Chen Mo2va2on Router design Performance Extensibility They are compe2ng goals Hardware approach
More informationMaking Middleboxes Someone Else s Problem: Network Processing as a Cloud Service
Making Middleboxes Someone Else s Problem: Network Processing as a Cloud Service Justine Sherry*, Shaddi Hasan*, Colin Scott*, Arvind Krishnamurthy, Sylvia Ratnasamy*, and Vyas Sekar * Typical Enterprise
More informationNetwork Wide Policy Enforcement. Michael K. Reiter (joint work with V. Sekar, R. Krishnaswamy, A. Gupta)
Network Wide Policy Enforcement Michael K. Reiter (joint work with V. Sekar, R. Krishnaswamy, A. Gupta) 1 Enforcing Policy in Future Networks MF vision includes enforcement of rich policies in the network
More informationMaking Network Functions Software-Defined
Making Network Functions Software-Defined Yotam Harchol VMware Research / The Hebrew University of Jerusalem Joint work with Anat Bremler-Barr and David Hay Appeared in ACM SIGCOMM 2016 THE HEBREW UNIVERSITY
More informationPolicy-preserving Middlebox Placement in SDN-Enabled Data Centers
Policy-preserving Middlebox Placement in SDN-Enabled Data Centers Bin Tang Computer Science Department California State University Dominguez Hills Some slides are from www.cs.berkeley.edu/~randy/courses/cs268.f08/lectures/22-
More informationInternet Technology. 15. Things we didn t get to talk about. Paul Krzyzanowski. Rutgers University. Spring Paul Krzyzanowski
Internet Technology 15. Things we didn t get to talk about Paul Krzyzanowski Rutgers University Spring 2016 May 6, 2016 352 2013-2016 Paul Krzyzanowski 1 Load Balancers Load Balancer External network NAT
More informationMAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER
MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER Bret Hartman Cisco / Security & Government Group Session ID: SPO1-W25 Session Classification: General Interest 1 Mobility Cloud Threat Customer centric
More informationNext Generation Network Architectures. Srinivasan Seshan!
Next Generation Network Architectures Srinivasan Seshan! Living Analy+cs Rich data collec,on à real-,me data analy,cs à automated applica,on feedback à rich data collec,on Key networking/distributed systems
More informationProAc&ve Rou&ng In Scalable Data Centers with PARIS
ProAc&ve Rou&ng In Scalable Data Centers with PARIS Theophilus Benson Duke University Joint work with Dushyant Arora + and Jennifer Rexford* + Arista Networks *Princeton University Data Center Networks
More informationBuilding a Big IaaS Cloud. David /
Building a Big IaaS Cloud David Nalley @ke4qqq ke4qqq@apache.org / david@gnsa.us #whoami Recovering Sysadmin F/LOSS contributor Committer on Apache CloudStack Assumptions You have a need for an IaaS compute
More informationNext hop in rou-ng Summary of Future Internet WP1 work. Hannu Flinck
Next hop in rou-ng Summary of Future Internet WP1 work Hannu Flinck Original focus on Rou-ng Scalability Mo$va$on: Internet Architecture Board stated (in RFC 4984): rou-ng scalability is the most important
More informationNetSlices: Scalable Mul/- Core Packet Processing in User- Space
NetSlices: Scalable Mul/- Core Packet Processing in - Space Tudor Marian, Ki Suh Lee, Hakim Weatherspoon Cornell University Presented by Ki Suh Lee Packet Processors Essen/al for evolving networks Sophis/cated
More informationThe Top 10 Reasons to Replace Your Branch Router with SD-WAN. An ebook presented by Silver Peak Systems
The Top 10 Reasons to Replace Your Branch Router with SD-WAN An ebook presented by Silver Peak Systems MODERN ENTERPRISES RUN IN THE CLOUD. TRADITIONAL ROUTER-CENTRIC WAN ARCHITECTURES WEREN T DESIGNED
More informationA TCO Analysis of Ericsson's Virtual Network System Concept Applied to Mobile Backhaul
A TCO Analysis of Ericsson's Virtual Network System Concept Applied to Mobile Backhaul Executive Summary Controlling total cost of ownership (TCO) of access, aggregation, and edge networks used for mobile
More informationSimplifying the Branch Network
Simplifying the Branch Network By: Lee Doyle, Principal Analyst at Doyle Research Sponsored by Aruba, a Hewlett Packard Enterprise company Executive Summary A majority of IT organizations are experiencing
More informationLecture 14 SDN and NFV. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 14 SDN and NFV Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it Traditional network vs SDN TRADITIONAL Closed equipment Software + hardware Cost Vendor-specific management.
More informationNFV and SDN what does it mean to enterprises?
OPINION NFV and SDN what does it mean to enterprises? By Clive Hamilton, VP Network Services, NTT Europe Rethinking the enterprise network The typical enterprise network now comprises hundreds or even
More informationElastic Virtual Network Function Placement CloudNet 2015
Elastic Virtual Network Function Placement CloudNet 215 M. GHAZNAVI, A. KHAN, N. SHAHRIAR, KH. ALSUBHI, R. AHMED, R. BOUTABA DAVID R. CHERITON SCHOOL OF COMPUTER SCIENCE UNIVERSITY OF WATERLOO Outline
More informationData Center Virtualization: VirtualWire
Data Center Virtualization: VirtualWire Hakim Weatherspoon Assistant Professor, Dept of Computer Science CS 5413: High Performance Systems and Networking November 21, 2014 Slides from USENIX Workshop on
More informationChapter 5. Security Components and Considerations.
Chapter 5. Security Components and Considerations. Technology Brief Virtualization and Cloud Security Virtualization concept is taking major portion in current Data Center environments in order to reduce
More informationPRISTINE Project A different approach to SDN
PRISTINE Project A different approach to SDN Joan A. García-Espín Area Director Distributed Apps and Nets January 30 th, 2014 RINA Research, Korea-EU Workshop Primary Goals of SDN 1. Commodi(za(on of network
More informationETSI FUTURE Network SDN and NFV for Carriers MP Odini HP CMS CT Office April 2013
ETSI FUTURE Network SDN and NFV for Carriers MP Odini HP CMS CT Office April 2013 Challenges and Opportunities Reduce Capex/Opex Challenges Innovation at devices and OTT side Number of devices explode
More informationPDP : A Flexible and Programmable Data Plane. Massimo Gallo et al.
PDP : A Flexible and Programmable Data Plane Massimo Gallo et al. Introduction Network Function evolution L7 Load Balancer TLS/SSL Server Proxy Server Firewall Introduction Network Function evolution Can
More informationWhat s next for your data center? Power Your Evolution with Physical and Virtual ADCs. Jeppe Koefoed Wim Zandee Field sales, Nordics
What s next for your data center? Power Your Evolution with Physical and Virtual ADCs. Jeppe Koefoed Wim Zandee Field sales, Nordics Vision: Everything as a service Speed Scalability Speed to Market
More informationToday s Objec4ves. Data Center. Virtualiza4on Cloud Compu4ng Amazon Web Services. What did you think? 10/23/17. Oct 23, 2017 Sprenkle - CSCI325
Today s Objec4ves Virtualiza4on Cloud Compu4ng Amazon Web Services Oct 23, 2017 Sprenkle - CSCI325 1 Data Center What did you think? Oct 23, 2017 Sprenkle - CSCI325 2 1 10/23/17 Oct 23, 2017 Sprenkle -
More informationOpenADN: A Case for Open Application Delivery Networking
OpenADN: A Case for Open Application Delivery Networking Subharthi Paul, Raj Jain, Jianli Pan Washington University in Saint Louis {Pauls, jain, jp10}@cse.wustl.edu International Conference on Computer
More informationCYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) Securing Virtual Environments
CYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) 2010 October 25 29, 2010 Kuala Lumpur Convention Centre Securing Virtual Environments Raimund Genes CTO Trend Micro The Changing Datacenter
More informationImplemen'ng IPv6 Segment Rou'ng in the Linux Kernel
Implemen'ng IPv6 Segment Rou'ng in the Linux Kernel David Lebrun, Olivier Bonaventure ICTEAM, UCLouvain Work supported by ARC grant 12/18-054 (ARC-SDN) and a Cisco grant Agenda IPv6 Segment Rou'ng Implementa'on
More informationForwarding Architecture
Forwarding Architecture Brighten Godfrey CS 538 February 14 2018 slides 2010-2018 by Brighten Godfrey unless otherwise noted Building a fast router Partridge: 50 Gb/sec router A fast IP router well, fast
More informationHypergraph Sparsifica/on and Its Applica/on to Par//oning
Hypergraph Sparsifica/on and Its Applica/on to Par//oning Mehmet Deveci 1,3, Kamer Kaya 1, Ümit V. Çatalyürek 1,2 1 Dept. of Biomedical Informa/cs, The Ohio State University 2 Dept. of Electrical & Computer
More informationEnable Infrastructure Beyond Cloud
Enable Infrastructure Beyond Cloud Tim Ti Senior Vice President R&D July 24, 2013 The Ways of Communication Evolve Operator s challenges Challenge 1 Revenue Growth Slow Down Expense rate device platform
More informationOPTIMAL ROUTING VS. ROUTE REFLECTOR VNF - RECONCILE THE FIRE WITH WATER
OPTIMAL ROUTING VS. ROUTE REFLECTOR VNF - RECONCILE THE FIRE WITH WATER Rafal Jan Szarecki #JNCIE136 Solu9on Architect, Juniper Networks. AGENDA Route Reflector VNF - goals Route Reflector challenges and
More informationBenefits of SD-WAN to the Distributed Enterprise
WHITE PAPER Benefits of SD-WAN to the Distributed Enterprise 1 B enefits of SD-WAN to the Distributed Enterprise Branch Networking Today More Bandwidth, More Complexity Branch or remote office network
More informationCisco SDN 解决方案 ACI 的基本概念
Cisco SDN 解决方案 ACI 的基本概念 Presented by: Shangxin Du(@shdu)-Solution Support Engineer, Cisco TAC Aug 26 th, 2015 2013 Cisco and/or its affiliates. All rights reserved. 1 Type Consumption Delivery Big data,
More informationIntel Network Builders Solution Brief. Etisalat* and Intel Virtualizing the Internet. Flexibility
Intel Network Builders Solution Brief Etisalat* and Intel Virtualizing the Internet Gateway Gi-LAN for Service Flexibility Introduction Etisalat Group* is one of the world s leading telecom groups in emerging
More informationHow to live with IP forever
How to live with IP forever (or at least for quite some 5me) IPv6 to the rescue! Solves all problems with IPv4 Standardized during the 1990 s Final RFC in 1999 IPv4 vs IPv6 32- bit addresses IPSec op5onal
More information100 Gbps Open-Source Software Router? It's Here. Jim Thompson, CTO, Netgate
100 Gbps Open-Source Software Router? It's Here. Jim Thompson, CTO, Netgate @gonzopancho Agenda Edge Router Use Cases Need for Speed Cost, Flexibility, Control, Evolution The Engineering Challenge Solution
More informationSD-WANs and Lifecycle Service Orchestra8on (LSO) Pascal Menezes CTO, MEF
s and Lifecycle Service Orchestra8on (LSO) Pascal Menezes CTO, MEF Content About MEF, LSO and Vision MEF s Defini>on of MEF s Use Cases MEF s Vision of the Evolu>on of Summary MEF Created the $80B* Carrier
More information2013 ONS Tutorial 2: SDN Market Opportunities. Sizing the SDN Market Opportunities Lee Doyle, Doyle Research
2013 ONS Tutorial 2: SDN Market Opportunities Sizing the SDN Market Opportunities Lee Doyle, Doyle Research ldoyle@doyle-research.com April 15, 2013 1 1 SDN Market Overview SDN Opportunity is Unlimited
More informationBuilding Security Services on top of SDN
Building Security Services on top of SDN Gregory Blanc Télécom SudParis, IMT 3rd FR-JP Meeting on Cybersecurity WG7 April 25th, 2017 Keio University Mita Campus, Tokyo Table of Contents 1 SDN and NFV as
More informationSAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD. May 2012
SAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD May 2012 THE ECONOMICS OF THE DATA CENTER Physical Server Installed Base (Millions) Logical Server Installed Base (Millions) Complexity and Operating
More informationFlexplane: An Experimenta0on Pla3orm for Resource Management in Datacenters. Amy Ousterhout, Jonathan Perry, Hari Balakrishnan, Petr Lapukhov
Flexplane: An Experimenta0on Pla3orm for Resource Management in Datacenters Amy Ousterhout, Jonathan Perry, Hari Balakrishnan, Petr Lapukhov Datacenter Networks Applica0ons have diverse requirements Dozens
More informationNetwork+ Guide to Networks 6 th Edition
Network+ Guide to Networks 6 th Edition Chapter 10 Virtual Networks and Remote Access Objectives 1. Explain virtualization and identify characteristics of virtual network components 2. Create and configure
More informationCisco SD-WAN and DNA-C
Cisco SD-WAN and DNA-C SD-WAN Cisco SD-WAN Intent-based networking for the branch and WAN 4x Improved application experience Better user experience Deploy applications in minutes on any platform with consistent
More informationBackground. IBM sold expensive mainframes to large organiza<ons. Monitor sits between one or more OSes and HW
Virtual Machines Background IBM sold expensive mainframes to large organiza
More informationBROCADE CLOUD-OPTIMIZED NETWORKING: THE BLUEPRINT FOR THE SOFTWARE-DEFINED NETWORK
BROCADE CLOUD-OPTIMIZED NETWORKING: THE BLUEPRINT FOR THE SOFTWARE-DEFINED NETWORK Ken Cheng VP, Service Provider and Application Delivery Products September 12, 2012 Brocade Cloud-Optimized Networking
More informationAutomating the Software-Defined Data Center with vcloud Automation Center
Automating the Software-Defined Data Center with vcloud Automation Center Aviv Waiss, lead Cloud management Specialist 2014 VMware Inc. All rights reserved. The Impact of the Accelerating Pace of Business
More informationStandalone to SQL Server HA Clusters in Minutes.
Standalone to SQL Server HA Clusters in Minutes Connor.Cox@DH2i.com Failover Cluster Instances Instance- level failover Applica:on, OS, and infrastructure protec:on Fast, automated failover Free hdps://technet.microsog.com/en-
More informationStrategies to remove complexity from everyday infrastructure
Strategies to remove complexity from everyday infrastructure Nils Swart Director, Plexxi Open Network Exchange, Dallas 2013- April- 11 Why are we still here? Simplicity is the ultimate sophistication Leonardo
More informationCato Cloud. Solution Brief. Software-defined and Cloud-based Secure Enterprise Network NETWORK + SECURITY IS SIMPLE AGAIN
Cato Cloud Software-defined and Cloud-based Secure Enterprise Network Solution Brief NETWORK + SECURITY IS SIMPLE AGAIN Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise The
More informationCato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief
Cato Cloud Software-defined and cloud-based secure enterprise network Solution Brief Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise Cato Networks: Software-defined and Cloud-based
More informationSDN Security BRKSEC Alok Mittal Security Business Group, Cisco
SDN Security Alok Mittal Security Business Group, Cisco Security at the Speed of the Network Automating and Accelerating Security Through SDN Countering threats is complex and difficult. Software Defined
More informationUsing the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway
Using the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway Applying Application Delivery Technology to Web Services Overview The Cisco ACE XML Gateway is the newest
More informationOp#mizing PGAS overhead in a mul#-locale Chapel implementa#on of CoMD
Op#mizing PGAS overhead in a mul#-locale Chapel implementa#on of CoMD Riyaz Haque and David F. Richards This work was performed under the auspices of the U.S. Department of Energy by Lawrence Livermore
More informationIntroduc)on to SDN and NFV. Tomás Lynch Solu/on Architect III Ericsson
Introduc)on to SDN and NFV Tomás Lynch Solu/on Architect III Ericsson SoBware- Defined Networking THE PATH TO SDN Introduc)on to SDN & NFV Ericsson AB 2015 2015-09- 25 Page 2 IP Router Evolu)on In the
More informationRaj Jain (Washington University in Saint Louis) Mohammed Samaka (Qatar University)
APPLICATION DEPLOYMENT IN FUTURE GLOBAL MULTI-CLOUD ENVIRONMENT Raj Jain (Washington University in Saint Louis) Mohammed Samaka (Qatar University) GITMA 2015 Conference, St. Louis, June 23, 2015 These
More informationBe Fast, Cheap and in Control with SwitchKV. Xiaozhou Li
Be Fast, Cheap and in Control with SwitchKV Xiaozhou Li Goal: fast and cost-efficient key-value store Store, retrieve, manage key-value objects Get(key)/Put(key,value)/Delete(key) Target: cluster-level
More informationSDN TO BE OR NOT TO BE. Uwe Richter SE Director Russia/CIS, East and South East Europe
SDN TO BE OR NOT TO BE Uwe Richter SE Director Russia/CIS, East and South East Europe uwe@juniper.net FUNDAMENTAL PROBLEMS TO SOLVE Want more innovation in networking Want it more quickly too Want more
More informationNetwork Security: Network Flooding. Seungwon Shin GSIS, KAIST
Network Security: Network Flooding Seungwon Shin GSIS, KAIST Detecting Network Flooding Attacks SYN-cookies Proxy based CAPCHA Ingress/Egress filtering Some examples SYN-cookies Background In a TCP 3-way
More informationRule-Based Forwarding
Building Extensible Networks with Rule-Based Forwarding Lucian Popa Norbert Egi Sylvia Ratnasamy Ion Stoica UC Berkeley/ICSI Lancaster Univ. Intel Labs Berkeley UC Berkeley Making Internet forwarding flexible
More informationHardware Accelera+on in an SDN/NFV World: MRV POC with Charter Communica+ons
Hardware Accelera+on in an SDN/NFV World: MRV POC with Charter Communica+ons AusNOG 2016 Lightning Talk John Jones (jjones@mrv.com) Sept 2, 2016 Overview MRV NFV POC with Charter in Denver, Colorado. We
More informationCisco Nexus Data Broker
Data Sheet Cisco Nexus Data Broker Product Overview You used to monitor traffic mainly to manage network operations. Today, when you monitor traffic you can find out instantly what is happening throughout
More informationPrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps
PrepAwayExam http://www.prepawayexam.com/ High-efficient Exam Materials are the best high pass-rate Exam Dumps Exam : 642-541 Title : VPN and Security Cisco SAFE Implementation Exam (CSI) Vendors : Cisco
More informationDatabase Machine Administration v/s Database Administration: Similarities and Differences
Database Machine Administration v/s Database Administration: Similarities and Differences IOUG Exadata Virtual Conference Vivek Puri Manager Database Administration & Engineered Systems The Sherwin-Williams
More informationEnd to End SLA for Enterprise Multi-Tenant Applications
End to End SLA for Enterprise Multi-Tenant Applications Girish Moodalbail, Principal Engineer, Oracle Inc. Venugopal Iyer, Principal Engineer, Oracle Inc. The following is intended to outline our general
More informationCoVisor: A Composi,onal Hypervisor for So6ware- Defined Networks
CoVisor: A Composi,onal Hypervisor for So6ware- Defined Networks Xin Jin Jennifer Gossels, Jennifer Rexford, David Walker 1 So6ware- Defined Networking Centralized control with open APIs OpenFlow Applica,on
More informationEnding the Confusion About Software- Defined Networking: A Taxonomy
Ending the Confusion About Software- Defined Networking: A Taxonomy This taxonomy cuts through confusion generated by the flood of vendor SDN announcements. It presents a framework that network and server
More informationSDN for Multi-Layer IP & Optical Networks
SDN for Multi-Layer IP & Optical Networks Sterling d Perrin Senior Analyst, Heavy Reading Agenda Definitions for SDN and NFV SDN Drivers and Barriers SDN Use Cases and Applications General Uses Specific
More informationMitigating Branch Office Risks with SD-WAN
WHITE PAPER Mitigating Branch Office Risks with SD-WAN 1 M itigating Branch Office Risks with SD-WAN Branch Security Overview The branch or remote office stands out as a point of vulnerability in an increasingly
More informationBalancing Computation-Communication Tradeoffs in Scaling Network-Wide Intrusion Detection Systems
Balancing Computation-Communication Tradeoffs in Scaling Network-Wide Intrusion Detection Systems Victor Heorhiadi University of North Carolina Chapel Hill, NC, USA Michael K. Reiter University of North
More informationWindows Server System Center Azure Pack
Windows Server System Center Azure Pack Tenant Deployment Multi-Tier LOB Application Tenant Deployment Multi-Tier LOB Application Inbox feature for integrated management of IP addresses, domain
More informationAPPLICATION CENTRIC INFRASTRUCTURE
APPLICATION CENTRIC INFRASTRUCTURE Ulrich Hamm, Technical Solutions Architect, uhamm@cisco.com Jose Moreno, Technical Solutions Architect, josemor@cisco.com May 30, 2014 1 WHAT IS THE PROBLEM? (I) The
More informationSecuring Your Virtual World Harri Kaikkonen Channel Manager
Securing Your Virtual World Harri Kaikkonen Channel Manager Copyright 2009 Trend Micro Inc. Virtualisation On The Rise 16,000,000 Virtualized x86 shipments 14,000,000 12,000,000 10,000,000 8,000,000 6,000,000
More informationEvaluating the Security of Software Defined Networking
Evaluating the Security of Software Defined Networking This expert e-guide explores the latest challenges in network security. Get tips for evaluating network security virtualization and explore the security
More informationWHITE PAPER. Applying Software-Defined Security to the Branch Office
Applying Software-Defined Security to the Branch Office Branch Security Overview Increasingly, the branch or remote office is becoming a common entry point for cyber-attacks into the enterprise. Industry
More informationCato Cloud. Global SD-WAN with Built-in Network Security. Solution Brief. Cato Cloud Solution Brief. The Future of SD-WAN. Today.
Cato Cloud Global SD-WAN with Built-in Network Security Solution Brief 1 Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise The rise of cloud applications and mobile workforces
More informationSDN (Software-Defined Networking) Enabling Network Innovation from Edge
SDN (Software-Defined Networking) Enabling Network Innovation from Edge Gaogang XIE http://www.fnii.cn http://www.ict.ac.cn Internet 20 Year in China April 20, 1994, NCFC (The National Computing and Networking
More informationG-NET: Effective GPU Sharing In NFV Systems
G-NET: Effective Sharing In NFV Systems Kai Zhang*, Bingsheng He^, Jiayu Hu #, Zeke Wang^, Bei Hua #, Jiayi Meng #, Lishan Yang # *Fudan University ^National University of Singapore #University of Science
More informationGet Your Datacenter SDN Ready. Ahmad Chehime Cisco ACI Strategic Product Sales Specialist SPSS Emerging Region
Get Your Datacenter SDN Ready Ahmad Chehime Cisco ACI Strategic Product Sales Specialist SPSS Emerging Region AGENDA Data Center Trends, Priorities, Concerns What Problems Are we Trying to Solve? Cisco
More informationMPLS vs SDWAN.
MPLS vs SDWAN MPLS MPLS It offers excellent QoS when it comes to avoiding packet loss and keeping a business s most important traffic flowing. This reliability is especially essential to maintain the quality
More informationVirtualization Overview. Joel Jaeggli AFNOG SS-E 2013
Virtualization Overview Joel Jaeggli AFNOG SS-E 2013 1 What are we using this Year? Mac-mini servers Intel core i7 quad core 8 hyperthreads 16GB of ram 2 x 256GB SATA SSD A pretty hefty server Less than
More informationThe IRATI project: objectives, outcomes and lessons learned
The IRATI project: objectives, outcomes and lessons learned 3 rd international RINA Workshop. Ghent. January 2015 Eduard Grasa (Fundació i2cat) on behalf of the IRATI team IRATI objectives, outcomes and
More informationNETWORK AND SD-VPN. Meshing legacy and Cloud Service Providers
NETWORK AND SD-VPN NETWORK AND SD-VPN Reduced network overheads and complexity, and an agile approach to Network Transformation. Cloud Gateway lets you reduce appliance sprawl and network aggregation points
More informationMyCloud Computing Business computing in the cloud, ready to go in minutes
MyCloud Computing Business computing in the cloud, ready to go in minutes In today s dynamic environment, businesses need to be able to respond quickly to changing demands. Using virtualised computing
More informationOracle Solaris 11: No-Compromise Virtualization
Oracle Solaris 11: No-Compromise Virtualization Oracle Solaris 11 is a complete, integrated, and open platform engineered for large-scale enterprise environments. Its built-in virtualization provides a
More informationEnabling Branch Office Consolidation
WHITE PAPER Enabling Branch Office Consolidation A Riverbed Technology White Paper Executive Summary The first wave of IT consolidation moved services out of the remote office and into the data center
More informationEthernet Wide Area Networking, Routers or Switches and Making the Right Choice
Ethernet Wide Area Networking, Routers or Switches and Making the Right Choice The Road To Ethernet WAN Various industry sources show trends in globalization and distribution, of employees moving towards
More informationImplementing A High Performance Virtualized CPE Solution
Implementing A High Performance Virtualized CPE Solution Hongjun Ni & Singfu Lee Intel HuachenTel Acknowledgement: Chuanguo Wang @HuachenTel Xuekun Hu, Jerry Zhang @Intel Ray Kinsella, Radu Nicolau @Intel
More informationPradeep Kathail Chief Software Architect Network Operating Systems Technology Group, Cisco Systems Inc.
Pradeep Kathail Chief Software Architect Network Operating Systems Technology Group, Cisco Systems Inc. March 4 th, 2014 2012 2010 Cisco and/or its affiliates. All rights reserved. 1 2012 Cisco and/or
More informationSCALING SOFTWARE DEFINED NETWORKS. Chengyu Fan (edited by Lorenzo De Carli)
SCALING SOFTWARE DEFINED NETWORKS Chengyu Fan (edited by Lorenzo De Carli) Introduction Network management is driven by policy requirements Network Policy Guests must access Internet via web-proxy Web
More informationOracle IaaS, a modern felhő infrastruktúra
Sárecz Lajos Cloud Platform Sales Consultant Oracle IaaS, a modern felhő infrastruktúra Copyright 2017, Oracle and/or its affiliates. All rights reserved. Azure Window collapsed Oracle Infrastructure as
More informationTransac'onal Libraries Alexander Spiegelman *, Guy Golan-Gueta, and Idit Keidar * Technion Yahoo Research
Transac'onal Libraries Alexander Spiegelman *, Guy Golan-Gueta, and Idit Keidar * * Technion Yahoo Research 1 Mul'-Threading is Everywhere 2 Agenda Mo@va@on Concurrent Data Structure Libraries (CDSLs)
More informationvcenter Operations Management Pack for NSX-vSphere
vcenter Operations Management Pack for NSX-vSphere vcenter Operations Manager 5.8 This document supports the version of each product listed and supports all subsequent versions until the document is replaced
More informationSoftware defined networking
Software defined networking Telecom Summit 2015 Anton Turygin IP Networks and Services solution architect Programmable Networks Drivers Network Evolution Agility Communication Services New Revenue Streams
More information