Verifiable Cloud Outsourcing for Network Func9ons (+ Verifiable Resource Accoun9ng for Cloud Services)
|
|
- Brooke Cannon
- 6 years ago
- Views:
Transcription
1 1 Verifiable Cloud Outsourcing for Network Func9ons (+ Verifiable Resource Accoun9ng for Cloud Services) Vyas Sekar vnfo joint with Seyed Fayazbakhsh, Mike Reiter VRA joint with Chen Chen, Petros Mania9s, Adrian Perrig, Amit Vasudevan
2 Middleboxes are valuable, Type of appliance Number Firewalls 166 NIDS 127 Media gateways 110 Load balancers 67 Proxies 66 VPN gateways 45 WAN Op9mizers 44 Voice gateways 11 but have many pain points! Based on survey responses + discussions High Capital Expenses Device Sprawl High Opera9ng Expenses e.g., separate management teams need manual tuning? Inflexible, difficult to extend à need for new boxes! [COMB, NSDI 12] 2
3 Case for Network Func9on Outsourcing (NFO) Today: High CapEx, OpEx, Delay in innova9on Cloud Provider + Economies of scale, pay- per use Internet + Simplifies configura9on & deployment [APLOMB, SIGCOMM 12] 3
4 Concerns with ceding control Cloud Provider Internet Correctness proper9es: Behavior, Performance, Accoun9ng Outside scope: Isola9on, privacy,.. [vnfo, HotMiddlebox 13] 4
5 5 What makes this challenging? Lack of visibility into the workload Dynamic, traffic- dependent, and proprietary ac9ons of the network func9ons Stochas9c effects introduced by the network
6 6 Outline Mo9va9on for verifiable NFO Formalizing proper9es A roadmap for vnfo Discussion
7 Formal Framework CPU, Mem Management Interface Net CPU, Mem B CPU, B Mem, B Net f 1 σ 1. in in,,... f n σ n Packet Space State Space f :( )! ( ) Reference implementa9on Customer sto bf i 7
8 8 Blackbox Behavioral Correctness in ˆf 1 σ 1. ˆfn σ n visible to customer in?? σ 1 σ n ˆf 1 ˆfn viable state? Is there some.
9 9 Snapshot Behavioral Correctness in ˆf 1 σ 1. ˆfn σ n visible to customer in ˆf 1 ˆfn same put? Would I get the σ 1. σ n?
10 Performance Correctness ˆf 1 σ 1. in in,,... ˆfn σ n t 1, t 2,... in in, ˆf 1 ˆfn take this long? Would it really σ 1. σ n t 1, t 2,... π 1, π 2,... Observed provider performance Reference performance 10
11 11 Did- I Accoun9ng Correctness ˆf 1 σ 1. in in,,... ˆfn σ n Did It actually consume? Charged value of resource r Consump9on of resource r by provider
12 12 Should- I Accoun9ng Correctness ˆf 1 σ 1. in in,,... ˆfn σ n Should It really cost this much? Consump9on of resource r by provider Consump9on of resource r by reference implementa9on
13 13 Outline Mo9va9on for NFO + vnfo Formalizing vnfo proper9es A roadmap for vnfo Discussion
14 14 Verifiable NFO (vnfo) Overview CPU, Mem Management Interface Net CPU, Mem B CPU, B Mem, B Net. in in,,... Each func9on is implemented as a virtual appliance. NFO provider deploys a trusted shim for logging. Customer
15 15 Behavioral + Performance Correctness CPU, Mem Management Interface Net CPU, Mem B CPU, B Mem, B Net. in in,,... Customer Shim logs: every packet, VM state, 9mestamps per packet
16 16 Challenges! CPU, Mem Management Interface Net CPU, Mem B CPU, B Mem, B Net. in in,, Middlebox ac9ons make it difficult to correlate logs 2. Scalability and performance impact due to logging Customer
17 Poten9al solu9ons to challenges 1. Lack of visibility into middlebox ac9ons: Packets may be modified by middleboxes. FlowTags: NSDI Scalability Infeasible to log all packets and processing stats. Trajectory Sampling 17
18 18 Outline Mo9va9on for NFO + vnfo Formalizing vnfo proper9es A roadmap for vnfo Verifiable accoun9ng for Did- I correctness Discussion
19 19 Did- I Accoun9ng Correctness ˆf 1 σ 1. in in,,... ˆfn σ n Did It actually consume? Charged value of resource r Consump9on of resource r by provider
20 Desired Proper9es Image Integrity What is running Execu9on Integrity How it is running Accoun9ng Integrity Only chargeable events are accounted 20
21 ALIBI Design Overview Co-tenant Instance Customer s Instance (VM) Integrity protected Trusted Untrusted Provider Software Observer chargeable event Report Verifier HW Image Integrity via Aqested Instance Launch Execu9on Integrity Accoun9ng Integrity via Guest- Plarorm Isola9on via Bracke9ng 21
22 22 ALIBI architecture Enhance KVM nested virtualiza9on with resource accoun9ng and protec9on L2 Guest KVM-L1 KVM-L0 HW L2 Guest Alibi Advantage Intercept cri9cal events No modifica9on to L1 hypervisor Current Implementa9on CPU accoun9ng Memory accoun9ng
23 Guest- Plarorm Isola9on (Execu9on Integrity) Memory Integrity Isolate memory pages M by instances M i is writeable only when instance i is running Control Flow Integrity Protect program stack by memory protec9on Monitor and validate guest- CPU state changes Storage Integrity Integrity protected file system 23
24 Bracke9ng (Accoun9ng integrity) map page unmap page A Instance 0 B Instance 1 Event Detec9on Control transfer Memory mapping and unmapping Event Aqribu9on Associate resource usage with CPU ownership Instance 0 C CPU Execution Event Repor9ng Collect event measurements Store and protect event measurements 24
25 25 CPU Accoun9ng Case Study Account CPU cycles directly used by L2 guest Protect Time Stamp Counter (TSC) register L2 Guest KVM-L1 KVM-L0 HW L2 Guest Alibi Get CPU cycles, e.g., RDTSC Entry into L2 guest Exit from L2 guest Virtualize TSC register Read Timestamp Counter
26 Overhead of ALIBI HW: Intel Xeon E (3.10Ghz) with 8GB RAM L2/L1: Ubuntu 9.04 (kernel version ) L0: Ubuntu (kernel version 3.5.0) and ALIBI single-level nested nested with accounting % Native (higher the better) Single- level virt. vs. na9ve (no virt.) : ~9.5% slowdown Nested virt. vs. Single- level virt. : ~6.3% slowdown ALIBI addi9onal: ~0.5% slowdown 26
27 27 Outline Mo9va9on for verifiable NFO Formalizing proper9es A roadmap for vnfo Discussion
28 Discussion Is the NFO provider willing to deploy a shim? What are the market implica9ons for customers? What is the role of SLAs? Should- I accoun9ng? I/O accoun9ng? Interes9ng anecdotes of correctness or accoun9ng problems? Minimal TCB? with nested? Crowdsourcing correctness? 28
Design and Implementa/on of a Consolidated Middlebox Architecture. Vyas Sekar Sylvia Ratnasamy Michael Reiter Norbert Egi Guangyu Shi
Design and Implementa/on of a Consolidated Middlebox Architecture Vyas Sekar Sylvia Ratnasamy Michael Reiter Norbert Egi Guangyu Shi 1 Need for Network Evolu/on New applica/ons Evolving threats Performance,
More informationAbstrac(ons for Middleboxes. à StonyBrook
Abstrac(ons for Middleboxes Vyas Sekar Intel Labs à StonyBrook Sylvia Ratnasamy UC Berkeley 1 Need for In- Network Func(ons Changing applica(ons Evolving threats Performance Security Compliance Policy
More information15-744: Computer Networking. Middleboxes and NFV
15-744: Computer Networking Middleboxes and NFV Middleboxes and NFV Overview of NFV Challenge of middleboxes Middlebox consolidation Outsourcing middlebox functionality Readings: Network Functions Virtualization
More informationPDP : A Flexible and Programmable Data Plane. Massimo Gallo et al.
PDP : A Flexible and Programmable Data Plane Massimo Gallo et al. Introduction Network Function evolution L7 Load Balancer TLS/SSL Server Proxy Server Firewall Introduction Network Function evolution Can
More informationMaking Middleboxes Someone Else s Problem: Network Processing as a Cloud Service
Making Middleboxes Someone Else s Problem: Network Processing as a Cloud Service Justine Sherry*, Shaddi Hasan*, Colin Scott*, Arvind Krishnamurthy, Sylvia Ratnasamy*, and Vyas Sekar * Typical Enterprise
More informationEnforcing Network- Wide Policies in the Presence of Dynamic Middlebox Ac>ons using FlowTags
Enforcing Network- Wide Policies in the Presence of Dynamic Middlebox Ac>ons using FlowTags Seyed K. Fayazbakhsh *, Luis Chiang, Vyas Sekar *, Minlan Yu, Jeffrey Mogul * CMU, Deutsche Telekom, USC, Google
More informationNetwork in the Cloud: a Map-and-Encap Approach
Network in the Cloud: a Map-and-Encap Approach Damien Saucez Wassim Haddad Inria Ericsson IEEE CloudNet 12 Enterprise network www ISP1 SOHO ISP2 Internet 2 Enterprise network (contd.) Survey on 57 enterprise
More informationSafeBricks: Shielding Network Functions in the Cloud
SafeBricks: Shielding Network Functions in the Cloud Rishabh Poddar, Chang Lan, Raluca Ada Popa, Sylvia Ratnasamy UC Berkeley Network Functions (NFs) in the cloud Clients 2 Enterprise Destination Network
More informationMPLS vs SDWAN.
MPLS vs SDWAN MPLS MPLS It offers excellent QoS when it comes to avoiding packet loss and keeping a business s most important traffic flowing. This reliability is especially essential to maintain the quality
More informationToday s Objec4ves. Data Center. Virtualiza4on Cloud Compu4ng Amazon Web Services. What did you think? 10/23/17. Oct 23, 2017 Sprenkle - CSCI325
Today s Objec4ves Virtualiza4on Cloud Compu4ng Amazon Web Services Oct 23, 2017 Sprenkle - CSCI325 1 Data Center What did you think? Oct 23, 2017 Sprenkle - CSCI325 2 1 10/23/17 Oct 23, 2017 Sprenkle -
More informationRED HAT ENTERPRISE VIRTUALIZATION 3.0
RED HAT ENTERPRISE VIRTUALIZATION 3.0 YOUR STRATEGIC VIRTUALIZATION ALTERNATIVE John Rinehart, Product Marke3ng Manager Mark St. Laurent, Senior Solu3on Architect Email: msl@redhat.com March 28, 2012 AGENDA
More informationVirtualization. Introduction. Why we interested? 11/28/15. Virtualiza5on provide an abstract environment to run applica5ons.
Virtualization Yifu Rong Introduction Virtualiza5on provide an abstract environment to run applica5ons. Virtualiza5on technologies have a long trail in the history of computer science. Why we interested?
More informationM 2 R: Enabling Stronger Privacy in MapReduce Computa;on
M 2 R: Enabling Stronger Privacy in MapReduce Computa;on Anh Dinh, Prateek Saxena, Ee- Chien Chang, Beng Chin Ooi, Chunwang Zhang School of Compu,ng Na,onal University of Singapore 1. Mo;va;on Distributed
More informationIntel Network Builders Solution Brief. Etisalat* and Intel Virtualizing the Internet. Flexibility
Intel Network Builders Solution Brief Etisalat* and Intel Virtualizing the Internet Gateway Gi-LAN for Service Flexibility Introduction Etisalat Group* is one of the world s leading telecom groups in emerging
More informationCNIT 50: Network Security Monitoring. 2. Collecting Network Traffic: Access, Storage, and Management
CNIT 50: Network Security Monitoring 2. Collecting Network Traffic: Access, Storage, and Management Topics A Sample Network for a Pilot NSM System IP Addresses and Network Address Translation Choosing
More informationINSTALLATION RUNBOOK FOR. VNF (virtual firewall) 15.1X49-D30.3. Liberty. Application Type: vsrx Version: MOS Version: 8.0. OpenStack Version:
INSTALLATION RUNBOOK FOR Juniper vsrx Application Type: vsrx Version: VNF (virtual firewall) 15.1X49-D30.3 MOS Version: 8.0 OpenStack Version: Liberty 1 Introduction 1.1 Target Audience 2 Application Overview
More informationOracle Mul*tenant. The Bea'ng Heart of Database as a Service. Debaditya Cha9erjee Senior Principal Product Manager Oracle Database, Product Management
Oracle Mul*tenant The Bea'ng Heart of Database as a Service Debaditya Cha9erjee Senior Principal Product Manager Oracle Database, Product Management Safe Harbor Statement The following is intended to outline
More informationNetworks and Opera/ng Systems Chapter 21: Virtual Machine Monitors ( )
Networks and Opera/ng Systems Chapter 21: Virtual Machine Monitors (252 0062 00) Donald Kossmann & Torsten Hoefler Frühjahrssemester 2013 Systems Group Department of Computer Science ETH Zürich Last /me:
More informationSecure Server Project. Xen Project Developer Summit 2013 Adven9um Labs Jason Sonnek
Secure Server Project Xen Project Developer Summit 2013 Adven9um Labs Jason Sonnek 1 Outline I. Mo9va9on, Objec9ves II. Threat Landscape III. Design IV. Status V. Roadmap 2 Mo9va9on In a nutshell: Secure
More informationBackground. IBM sold expensive mainframes to large organiza<ons. Monitor sits between one or more OSes and HW
Virtual Machines Background IBM sold expensive mainframes to large organiza
More informationWIND RIVER TITANIUM CLOUD FOR TELECOMMUNICATIONS
WIND RIVER TITANIUM CLOUD FOR TELECOMMUNICATIONS Carrier networks are undergoing their biggest transformation since the beginning of the Internet. The ability to get to market quickly and to respond to
More informationEBOOK: VMware Cloud on AWS: Optimized for the Next-Generation Hybrid Cloud
EBOOK: VMware Cloud on AWS: Optimized for the Next-Generation Hybrid Cloud Contents Introduction... 3 What is VMware Cloud on AWS?... 5 Customer Benefits of Adopting VMware Cloud on AWS... 6 VMware Cloud
More informationTALK THUNDER SOFTWARE FOR BARE METAL HIGH-PERFORMANCE SOFTWARE FOR THE MODERN DATA CENTER WITH A10 DATASHEET YOUR CHOICE OF HARDWARE
DATASHEET THUNDER SOFTWARE FOR BARE METAL YOUR CHOICE OF HARDWARE A10 Networks application networking and security solutions for bare metal raise the bar on performance with an industryleading software
More informationCS 350 Winter 2011 Current Topics: Virtual Machines + Solid State Drives
CS 350 Winter 2011 Current Topics: Virtual Machines + Solid State Drives Virtual Machines Resource Virtualization Separating the abstract view of computing resources from the implementation of these resources
More informationBuilding Security Services on top of SDN
Building Security Services on top of SDN Gregory Blanc Télécom SudParis, IMT 3rd FR-JP Meeting on Cybersecurity WG7 April 25th, 2017 Keio University Mita Campus, Tokyo Table of Contents 1 SDN and NFV as
More informationLecture 09: VMs and VCS head in the clouds
Lecture 09: VMs and VCS head in the Hands-on Unix system administration DeCal 2012-10-29 1 / 20 Projects groups of four people submit one form per group with OCF usernames, proposed project ideas, and
More informationElastic Virtual Network Function Placement CloudNet 2015
Elastic Virtual Network Function Placement CloudNet 215 M. GHAZNAVI, A. KHAN, N. SHAHRIAR, KH. ALSUBHI, R. AHMED, R. BOUTABA DAVID R. CHERITON SCHOOL OF COMPUTER SCIENCE UNIVERSITY OF WATERLOO Outline
More informationChapter 3 Virtualization Model for Cloud Computing Environment
Chapter 3 Virtualization Model for Cloud Computing Environment This chapter introduces the concept of virtualization in Cloud Computing Environment along with need of virtualization, components and characteristics
More informationPolicy-preserving Middlebox Placement in SDN-Enabled Data Centers
Policy-preserving Middlebox Placement in SDN-Enabled Data Centers Bin Tang Computer Science Department California State University Dominguez Hills Some slides are from www.cs.berkeley.edu/~randy/courses/cs268.f08/lectures/22-
More informationRIGHTNOW A C E
RIGHTNOW A C E 2 0 1 4 2014 Aras 1 A C E 2 0 1 4 Scalability Test Projects Understanding the results 2014 Aras Overview Original Use Case Scalability vs Performance Scale to? Scaling the Database Server
More informationPolicy-Sealed Data: A New Abstraction for Building Trusted Cloud Services
Max Planck Institute for Software Systems Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services 1, Rodrigo Rodrigues 2, Krishna P. Gummadi 1, Stefan Saroiu 3 MPI-SWS 1, CITI / Universidade
More information100 Gbps Open-Source Software Router? It's Here. Jim Thompson, CTO, Netgate
100 Gbps Open-Source Software Router? It's Here. Jim Thompson, CTO, Netgate @gonzopancho Agenda Edge Router Use Cases Need for Speed Cost, Flexibility, Control, Evolution The Engineering Challenge Solution
More informationNested Virtualization and Server Consolidation
Nested Virtualization and Server Consolidation Vara Varavithya Department of Electrical Engineering, KMUTNB varavithya@gmail.com 1 Outline Virtualization & Background Nested Virtualization Hybrid-Nested
More informationG-NET: Effective GPU Sharing In NFV Systems
G-NET: Effective Sharing In NFV Systems Kai Zhang*, Bingsheng He^, Jiayu Hu #, Zeke Wang^, Bei Hua #, Jiayi Meng #, Lishan Yang # *Fudan University ^National University of Singapore #University of Science
More informationAnalytics in the Cloud Mandate or Option?
Analytics in the Cloud Mandate or Option? Rick Lower Sr. Director of Analytics Alliances Teradata 1 The SAS & Teradata Partnership Overview Partnership began in 2007 to improving analytic performance Teradata
More informationBackground. IBM sold expensive mainframes to large organiza<ons. Monitor sits between one or more OSes and HW
Virtual Machines Background IBM sold expensive mainframes to large organiza
More informationVirtual Security Gateway Overview
This chapter contains the following sections: Information About the Cisco Virtual Security Gateway, page 1 Cisco Virtual Security Gateway Configuration for the Network, page 10 Feature History for Overview,
More informationBuilding a Big IaaS Cloud. David /
Building a Big IaaS Cloud David Nalley @ke4qqq ke4qqq@apache.org / david@gnsa.us #whoami Recovering Sysadmin F/LOSS contributor Committer on Apache CloudStack Assumptions You have a need for an IaaS compute
More informationUsing Dynamic Voltage Frequency Scaling and CPU Pinning for Energy Efficiency in Cloud Compu1ng. Jakub Krzywda Umeå University
Using Dynamic Voltage Frequency Scaling and CPU Pinning for Energy Efficiency in Cloud Compu1ng Jakub Krzywda Umeå University How to use DVFS and CPU Pinning to lower the power consump1on during periods
More informationAn Analysis and Empirical Study of Container Networks
An Analysis and Empirical Study of Container Networks Kun Suo *, Yong Zhao *, Wei Chen, Jia Rao * University of Texas at Arlington *, University of Colorado, Colorado Springs INFOCOM 2018@Hawaii, USA 1
More informationOpenADN: A Case for Open Application Delivery Networking
OpenADN: A Case for Open Application Delivery Networking Subharthi Paul, Raj Jain, Jianli Pan Washington University in Saint Louis {Pauls, jain, jp10}@cse.wustl.edu International Conference on Computer
More informationLooking ahead with IBM i. 10+ year roadmap
Looking ahead with IBM i 10+ year roadmap 1 Enterprises Trust IBM Power 80 of Fortune 100 have IBM Power Systems The top 10 banking firms have IBM Power Systems 9 of top 10 insurance companies have IBM
More informationEndBox: Scalable Middlebox Functions Using Client-Side Trusted Execution
: Scalable Functions Using -Side Trusted Execution Image CC-BY-SA Victorgrigas David Goltzsche, 1 Signe Rüsch, 1 Manuel Nieke, 1 Sébastien Vaucher, 2 Nico Weichbrodt, 1 Valerio Schiavoni, 2 Pierre-Louis
More informationAWS: Basic Architecture Session SUNEY SHARMA Solutions Architect: AWS
AWS: Basic Architecture Session SUNEY SHARMA Solutions Architect: AWS suneys@amazon.com AWS Core Infrastructure and Services Traditional Infrastructure Amazon Web Services Security Security Firewalls ACLs
More informationDell EMC Hyper-Converged Infrastructure
Dell EMC Hyper-Converged Infrastructure New normal for the modern data center GLOBAL SPONSORS Traditional infrastructure and processes are unsustainable Expensive tech refreshes, risky data migrations
More informationMyCloud Computing Business computing in the cloud, ready to go in minutes
MyCloud Computing Business computing in the cloud, ready to go in minutes In today s dynamic environment, businesses need to be able to respond quickly to changing demands. Using virtualised computing
More informationData Protection for Cisco HyperFlex with Veeam Availability Suite. Solution Overview Cisco Public
Data Protection for Cisco HyperFlex with Veeam Availability Suite 1 2017 2017 Cisco Cisco and/or and/or its affiliates. its affiliates. All rights All rights reserved. reserved. Highlights Is Cisco compatible
More informationStatus Update About COLO (COLO: COarse-grain LOck-stepping Virtual Machines for Non-stop Service)
Status Update About COLO (COLO: COarse-grain LOck-stepping Virtual Machines for Non-stop Service) eddie.dong@intel.com arei.gonglei@huawei.com yanghy@cn.fujitsu.com Agenda Background Introduction Of COLO
More informationNetSlices: Scalable Mul/- Core Packet Processing in User- Space
NetSlices: Scalable Mul/- Core Packet Processing in - Space Tudor Marian, Ki Suh Lee, Hakim Weatherspoon Cornell University Presented by Ki Suh Lee Packet Processors Essen/al for evolving networks Sophis/cated
More informationUsing Network Virtualization in DevOps environments Yves Fauser, 22. March 2016 (Technical Product Manager VMware NSBU)
Using Network Virtualization in DevOps environments Yves Fauser, 22. March 2016 (Technical Product Manager VMware NSBU) 2014 VMware Inc. All rights reserved. Who is standing in front of you? Yves Fauser
More informationThe Top 10 Reasons to Replace Your Branch Router with SD-WAN. An ebook presented by Silver Peak Systems
The Top 10 Reasons to Replace Your Branch Router with SD-WAN An ebook presented by Silver Peak Systems MODERN ENTERPRISES RUN IN THE CLOUD. TRADITIONAL ROUTER-CENTRIC WAN ARCHITECTURES WEREN T DESIGNED
More informationEthernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade
Ethernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade fkoelmel@broc 10/28/2013 2 2012 Brocade Communications Systems, Inc. Proprietary Information ETHERNET FABRICS
More informationOPTIMAL ROUTING VS. ROUTE REFLECTOR VNF - RECONCILE THE FIRE WITH WATER
OPTIMAL ROUTING VS. ROUTE REFLECTOR VNF - RECONCILE THE FIRE WITH WATER Rafal Jan Szarecki #JNCIE136 Solu9on Architect, Juniper Networks. AGENDA Route Reflector VNF - goals Route Reflector challenges and
More informationReVirt: Enabling Intrusion Analysis through Virtual Machine Logging and Replay
ReVirt: Enabling Intrusion Analysis through Virtual Machine Logging and Replay Or We Can Remember It for You Wholesale (with apologies to Philip K. Dick) George Dunlap, Sam King, SukruCinar, MurtazaBasraiand
More informationAccelerate Your Cloud Journey
Dubai, UAE 20th March 2013 Accelerate Your Cloud Journey James Spearman Dimension Data - Solutions Architect Cloud 2012 2011 Cisco and/or its affiliates. All rights reserved. Cisco Connect 1 Dimension
More informationGuarded Modules: Adap/vely Extending the VMM s Privileges Into the Guest
Guarded Modules: Adap/vely Extending the VMM s Privileges Into the Guest Kyle C. Hale Peter Dinda Department of Electrical Engineering and Computer Science Northwestern University hip://halek.co hip://presciencelab.org
More informationNetwork function virtualization
Network function virtualization Ankit Singla ETH Zürich Spring 2017 News from SIGCOMM 2017 36 papers (out of 250 submissions) On every topic we covered / will cover 2 papers from ETH! 2 An update Beyond
More informationLeviathan redux. John L. Manferdelli Intel Science and Technology Center for Secure Compu;ng UC, Berkeley
Leviathan redux John L. Manferdelli Intel Science and Technology Center for Secure Compu;ng UC, Berkeley Joint work with Tom Roeder (Google), Fred Schneider (Cornell) And Kevin Walsh of Mt Holyoke College
More informationCCW Workshop Technical Session on Mobile Cloud Compu<ng
CCW Workshop Technical Session on Mobile Cloud Compu
More informationAccelerate your Software Delivery Lifecycle with IBM Development and Test Environment Services
Accelerate your Software Delivery Lifecycle with IBM Development and Test Environment Services DevOps Best Practices for High-Performing Enterprises Enterprise capability for continuous software delivery
More informationMaking Network Functions Software-Defined
Making Network Functions Software-Defined Yotam Harchol VMware Research / The Hebrew University of Jerusalem Joint work with Anat Bremler-Barr and David Hay Appeared in ACM SIGCOMM 2016 THE HEBREW UNIVERSITY
More informationThe Road to a Secure, Compliant Cloud
The Road to a Secure, Compliant Cloud The Road to a Secure, Compliant Cloud Build a trusted infrastructure with a solution stack from Intel, IBM Cloud SoftLayer,* VMware,* and HyTrust Technology innovation
More informationDatabase Machine Administration v/s Database Administration: Similarities and Differences
Database Machine Administration v/s Database Administration: Similarities and Differences IOUG Exadata Virtual Conference Vivek Puri Manager Database Administration & Engineered Systems The Sherwin-Williams
More informationAchieving safe, certified, multicore avionics systems with Separation Kernel Hypervisors
Safety & Security for the Connected World Achieving safe, certified, multicore avionics systems with Separation Kernel Hypervisors 13 October 2015 Mark Pitchford, Technical Manager, EMEA Achieving safe,
More informationSAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD. May 2012
SAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD May 2012 THE ECONOMICS OF THE DATA CENTER Physical Server Installed Base (Millions) Logical Server Installed Base (Millions) Complexity and Operating
More informationVirtualization Practices: Providing a Complete Virtual Solution in a Box
PRESENTATION TITLE GOES HERE Virtualization Practices: Providing a Complete Virtual Solution in a Box Jyh-shing Chen / NetApp SNIA Legal Notice The material contained in this tutorial is copyrighted by
More informationVirtual Appliance Applications. Yao-Min Chen
Virtual Appliance Applications Yao-Min Chen Outline Introduction to Case Study 1: License Server Virtual Appliance Case Study 2: Distributed Virtual Switch (DVS) Controller Virtual Appliance Intrusion
More informationVirtualization & On-Premise Cloud
Key Solutions Virtualization & On-Premise Cloud Hive Fabric provides the economics and simplicity of the Public Cloud in your data center. No more VMware Tax or proprietary HCI hardware. Expensive, proprietary,
More informationDeveloping, Deploying and Managing Applications on the Cloud
Developing, Deploying and Managing Applications on the Cloud Jayabalan S CTO & Co-Founder September 10, 2011 Agenda 1 2 3 4 5 6 7 8 9 10 Introduction Computing Evolution IT Challenges and Importance of
More informationGetting to Know Apache CloudStack
Getting to Know Apache CloudStack Joe Brockmeier PPMC Member Apache CloudStack jzb@apache.org Five Six Characteristics of Clouds On-Demand Self-Service Broad Network Access Resource Pooling Rapid Elasticity
More information1Y Designing Citrix XenDesktop 7.6 Solutions
1Y0-401 - Designing Citrix XenDesktop 7.6 Solutions 1. Scenario: CGE acquires a small energy company that is running MGMT, a proprietary 16-bit application. A Citrix Architect is tasked with deploying
More informationLeverage the Citrix WANScaler Software Client to Increase Application Performance for Mobile Users
Leverage the Citrix WANScaler Software Client to Increase Application Performance for Mobile Users Daniel Künzli System Engineer ANG Switzerland Citrix Systems International GmbH Specifications and Architecture
More informationMonitoring IPv6 Content Accessibility and Reachability. Contact: R. Guerin University of Pennsylvania
Monitoring IPv6 Content Accessibility and Reachability Contact: R. Guerin (guerin@ee.upenn.edu) University of Pennsylvania Outline Goals and scope So=ware overview Func@onality, performance, and requirements
More informationVMware vshield Edge Design Guide
ware Technical WHITE PAPER ware Overview The new virtual datacenter (vdc) infrastructure deployments enable IT to provide on-demand infrastructure services to its customers on a common, shared infrastructure
More informationNetAlly. Application Advisor. Distributed Sites and Applications. Monitor and troubleshoot end user application experience.
NetAlly Application Advisor Monitor End User Experience for Local and Remote Users, Distributed Sites and Applications Part of the OptiView Management Suite (OMS) OMS provides the breadth of visibility
More informationAnd Then There Were More:
David Naylor Carnegie Mellon And Then There Were More: Secure Communication for More Than Two Parties Richard Li University of Utah Christos Gkantsidis Microsoft Research Thomas Karagiannis Microsoft Research
More informationCYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) Securing Virtual Environments
CYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) 2010 October 25 29, 2010 Kuala Lumpur Convention Centre Securing Virtual Environments Raimund Genes CTO Trend Micro The Changing Datacenter
More informationSymantec Data Loss Preven2on 12.5 Demo Presenta2on
Symantec Data Loss Preven2on 12.5 Demo Presenta2on 1 Our Understanding PROJECT DRIVERS & DATA TO PROTECT Regulatory compliance PCI, GLBA Data inventory and cleansing SSNs, CCNs [Replace these bullet points
More informationA Fine-grained Performance-based Decision Model for Virtualization Application Solution
A Fine-grained Performance-based Decision Model for Virtualization Application Solution Jianhai Chen College of Computer Science Zhejiang University Hangzhou City, Zhejiang Province, China 2011/08/29 Outline
More informationVirtualization. Michael Tsai 2018/4/16
Virtualization Michael Tsai 2018/4/16 What is virtualization? Let s first look at a video from VMware http://www.vmware.com/tw/products/vsphere.html Problems? Low utilization Different needs DNS DHCP Web
More informationMidoNet Scalability Report
MidoNet Scalability Report MidoNet Scalability Report: Virtual Performance Equivalent to Bare Metal 1 MidoNet Scalability Report MidoNet: For virtual performance equivalent to bare metal Abstract: This
More informationChapter 5 C. Virtual machines
Chapter 5 C Virtual machines Virtual Machines Host computer emulates guest operating system and machine resources Improved isolation of multiple guests Avoids security and reliability problems Aids sharing
More informationDell EMC Hyper-Converged Infrastructure
Dell EMC Hyper-Converged Infrastructure New normal for the modern data center Nikolaos.Nikolaou@dell.com Sr. Systems Engineer Greece, Cyprus & Malta GLOBAL SPONSORS Traditional infrastructure and processes
More informationDistributed Systems. 31. The Cloud: Infrastructure as a Service Paul Krzyzanowski. Rutgers University. Fall 2013
Distributed Systems 31. The Cloud: Infrastructure as a Service Paul Krzyzanowski Rutgers University Fall 2013 December 12, 2014 2013 Paul Krzyzanowski 1 Motivation for the Cloud Self-service configuration
More informationHyper-Converged Infrastructure: Providing New Opportunities for Improved Availability
Hyper-Converged Infrastructure: Providing New Opportunities for Improved Availability IT teams in companies of all sizes face constant pressure to meet the Availability requirements of today s Always-On
More informationCloud Strategies for Addressing IT Challenges
Cloud Strategies for Addressing IT Challenges Mark Bowker Senior Analyst Enterprise Strategy Group Introduction Mark Bowker, Senior Analyst U.S. Headquarters 20 Asylum Street Milford, MA 01757 2011 Enterprise
More informationTCC, so your business continues
TCC, so your business continues 1 Whitepaper Executive summary The TCC (Tuxis Cloud Concept) is a smart way to build hosting infrastructures for your private cloud and virtual datacenter. It natively integrates
More informationMiddleboxes. CSU CS557 - Fall 2017 Instructor: Lorenzo De Carli
Middleboxes CSU CS557 - Fall 2017 Instructor: Lorenzo De Carli What is a middlebox? Middlebox : networking parlance for any network device which performs analysis and/or transformation of application-level
More informationUse Case Brief BUILDING A PRIVATE CLOUD PROVIDING PUBLIC CLOUD FUNCTIONALITY WITHIN THE SAFETY OF YOUR ORGANIZATION
Use Case Brief BUILDING A PRIVATE CLOUD PROVIDING PUBLIC CLOUD FUNCTIONALITY WITHIN THE SAFETY OF YOUR ORGANIZATION At many enterprises today, end users are demanding a powerful yet easy-to-use Private
More informationWHITE PAPER ARUBA SD-BRANCH OVERVIEW
WHITE PAPER ARUBA SD-BRANCH OVERVIEW June 2018 Table of Contents Overview of the Traditional Branch...1 Adoption of Cloud Services...1 Shift to the Internet as a Business Transport Medium...1 Increasing
More informationVirtualization Security & Audit. John Tannahill, CA, CISM, CGEIT, CRISC
Virtualization Security & Audit John Tannahill, CA, CISM, CGEIT, CRISC jtannahi@rogers.com Session Overview Virtualization Concepts Virtualization Technologies Key Risk & Control Areas Audit Programs /
More informationTop 5 Reasons HPE Delivers the Best Microsoft Azure Stack Solution
Top 5 Reasons HPE Delivers the Best Microsoft Azure Stack Solution Bageshri Kundu Worldwide Product Manager, Cloud Solutions September 2018 HPE ProLiant for Microsoft Azure Stack Deliver Azure-consistent
More informationIntel Open Network Platform. Recep Ozdag Intel Networking Division May 8, 2013
Intel Open Network Platform Recep Ozdag Intel Networking Division May 8, 2013 Agenda Traditional Networking vs. SDN Intel Open Network Platform (ONP) Introduction SDN Use Cases Future of ONP Traditional
More informationCisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13
Q&A Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13 Q. What is the Cisco Cloud Services Router 1000V? A. The Cisco Cloud Services Router 1000V (CSR 1000V) is a router in virtual
More informationWorkload Mobility and Disaster Recovery to VMware Cloud IaaS Providers
VMware vcloud Architecture Toolkit for Service Providers Workload Mobility and Disaster Recovery to VMware Cloud IaaS Providers Version 2.9 January 2018 Adrian Roberts 2018 VMware, Inc. All rights reserved.
More informationThe Mitigation of Threats and Risks in the Process of Virtualization by Securing the Hypervisor Control Factor
The Mitigation of Threats and Risks in the Process of Virtualization by Securing the Hypervisor Control Factor A. S. Thiab *,1,2,a, and A. S. Shibghatullah 1,b 1 Optimization, Modelling, Analysis, Simulation
More informationInnovative Solutions. Trusted Performance. Intelligently Engineered. Comparison of SD WAN Solutions. Technology Brief
Innovative. Trusted Performance. Intelligently Engineered. Comparison of SD WAN Technology Brief Comparison of SD WAN SD-WAN Overview By the end of 2019, 30% of enterprises will use SD-WAN products in
More informationOriginally prepared by Lehigh graduate Greg Bosch; last modified April 2016 by B. Davison
Virtualization Originally prepared by Lehigh graduate Greg Bosch; last modified April 2016 by B. Davison I. Introduction to Virtualization II. Virtual liances III. Benefits to Virtualization IV. Example
More informationExtreme Networks Session Director
Data Sheet Highlights Designed for 4G/LTE, 5G Mobile Network Operators, and IoT scale Maximizes utilization of existing monitoring solutions with subscriberaware network traffic load balancing, filtering,
More informationOpenNebula on VMware: Cloud Reference Architecture
OpenNebula on VMware: Cloud Reference Architecture Version 1.2, October 2016 Abstract The OpenNebula Cloud Reference Architecture is a blueprint to guide IT architects, consultants, administrators and
More information