State Synchronization for Fast Failover of Stateful Firewall VNF
|
|
- Francine Hubbard
- 6 years ago
- Views:
Transcription
1 Institute of Computer Science Chair of Communication Networks Prof. Dr.-Ing. P. Tran-Gia State Synchronization for Fast Failover of Stateful Firewall VNF, Claas Lorenz, Alexander Müssig, Steffen Gebert, Thomas Zinner, Phuoc Tran-Gia rdine ne-project.org comnet.informatik.uni-wuerzburg.de
2 Motivation u Traditional deployment: Single hardware device separates networks Internal Network xternal etwork 2
3 Motivation u Traditional deployment: Single hardware device separates networks u Resilience: Secondary instance as hot standby Hot Standby Internal Network xternal etwork Active StandBy 3
4 Motivation u Traditional deployment: Single hardware device separates networks u Resilience: Secondary instance as hot standby u Softwarization: Firewall software running in virtual machine Hot Standby xternal etwork Active Internal Network StandBy 4
5 Motivation u Traditional deployment: Single hardware device separates networks u Resilience: Secondary instance as hot standby u Softwarization: Firewall software running in virtual machine u NFV: Multiple active VNF instances scaling horizontally xternal etwork Internal Network 5
6 Motivation u First approaches described by the research community u Demands: Horizontal scalability: Scale in and scale out Resilience: Failover mechanisms u Open questions: Detailed design specifications Suitable synchronization mechanisms Performance evaluations à No existing firewall VNF meets these requirements 6
7 Agenda u Motivation u Background u Concept of a cloud-based firewall Failover Scale in/out Synchronization u Implementation VNF firewall module Test bed configuration u Evaluation 7
8 Firewalling Packet Filter OSI-Layer 3 (L4) *:* à :80 *:* à *:* (implicite) X CLOSED Stateful Firewall OSI-Layer 4 *:*, TCP-SYN à :80 *:*, TCP-ACK :80 X SYN SYN SYN- ACK SYN-SENT SYN-ACK-SENT SYN ACK Application Layer Firewall OSI-Layer 7 *:*, HTTP GET /index.html *:*, HTTP GET /evil.html ACK ACK ESTABLISHED Client Firewall S X 8
9 Concept Management Layer Coordination Cluster health Management Layer Master Master Master Data Plane Layer Load balancing Traffic redirection Packet inspection VNF VNF VNF Data Plane Layer Load Balancer 9
10 Example: Traffic Flow Master Key n 1 n 2 Value Established SYN-ACK Established 1 Key Conn 1 Conn 2 Value Established Established 2 3 Key Conn 1 Conn 2 Value Established Established te Table State Table State Table ACK SYN SYN- ACK 10
11 Example: Fail over Master X Key Value Key Value n 1 Established 1 Conn 1 Established 2 3 n 2 Established Conn 2 Established te Table State Table Key Conn 1 Conn 2 State Table Value Established Established 11
12 Example: Scale Out Master W Key Conn 1 Conn 2 Value Established Established 2 3 Key Conn 1 Conn 2 Value Established Established State Table State Table 12
13 Implementation u Erlang is a functional programming language by Ericsson: Provides high availability Specialized for multithreading u Prototypical implementation: Stateful firewall: Every state is logged and packets are inspected Cluster size expands dynamically u Parameter configuration: Synchronization level Data access Synchronization strategy 13
14 Firewall Modules Firewall VNF Firewall VNF Shared State Table Firewall VN CP states to nchronize Sync. Level tateful packet filtering 14
15 Synchronization Levels u Propagating levels for TCP states: NONE: No changes are propagated ESTABLISHED: Only essential state changes Established and Closed are propagated FULL: All changes are propagated to the network CLOSED SYN SYN SYN-SENT VNF VNF VNF VNF SYN- ACK SYN-ACK-SENT SYN- ACK VNF VNF ACK ACK ESTABLISHED External Network Internal Network lient Firewall Server 15
16 Firewall Modules Firewall VNF Firewall VNF Shared State Table Firewall VN rite mode to shared state Data Access None Est Full None Est Fu CP states to nchronize None Est Full Sync. Level tateful packet filtering 16
17 Database Write Clean transaction context Dirty transaction context Lock database Write to database Unlock database Write to database Maintains data consistency: Only one process can update a record Low performance: Requires locking and unlocking the database + - High performance: Directly update the record No data consistency guarantee: Ignore side effects of concurrent acces 17
18 Firewall Modules Firewall VNF Firewall VNF Firewall VN Shared State Table rite confirmation ong the cluster rite mode shared state Sync. Strategy Dirty Clean Data Access Dirty Clean None Est Full Dirty Clea None Est Fu CP states to nchronize None Est Full Sync. Level tateful packet filtering 18
19 Confirmation Strategies Synchronized confirmation strategy Asynchronized confirmation strategy Instruct Write Forward packet Instruct Write Forward packet Write to database Confirm Write Confirm Instruction Write to database + - Maintains data consistency: Throughout the entire cluster Low performance: Wait for all nodes to confirm write + - High performance: Concurrent write and packet forwarding No data consistency: A successful write cannot be ensured 19
20 Firewall Modules Firewall VNF Firewall VNF Firewall VN Shared State Table rite confirmation ong the cluster rite mode to shared state Async. Sync. Sync. Strategy Dirty Clean Data Access Async. Sync. Dirty Clean None Est Full Async. Sync Dirty Clean None Est Ful CP states to nchronize None Est Full Sync. Level tateful packet filtering 20
21 Test Bed Configuration Master SDN Controller: RYU (REST API)... VNF VNF VNF Internal Network ternal twork Client Open vswitch Web Server 21
22 Methodology u Test bed setup: One Monitoring node One active firewall node One backup firewall node u Scenario: Downloading index.html (1 Byte) from web server Different load levels of 25 and 100 concurrent connections 10 runs with 10,000 downloads each u Parameter configuration: Synchronization level Data access Synchronization strategy u Objective: TCP connection setup times Asynchronous Dirty NONE Performance Consistency ESTABLISHED Firewall VNF State Table Async. Dirty None Est Sync. Clean Full Synchr Cle FU 22
23 Database Access Strategies Concurrency Level 25 Concurrency Level 100 Load Level 25 Load Level 100 u Load level 25: Minor difference up to 2ms u Load level 100: Significant difference up to 15ms u Increased impact for higher concurrency leve u Dirty context significantly faster than transacti Async. Sync. Async. Sync. Synchronization Method u Contrary to all expectations, synchronous transactions faster than asynchronous transa Context Dirty Transaction 23
24 Synchronization Level Concurrency Load Level Level Concurrency Concurrency Load Level Level 25 Level Concurrency Level 100 Async. Dirty Sync. Dirty Connection Setup Time [ms] Async. Trans Sync. Async. Async. Sync. Async. Sync. Async. Sync. Trans. Dirty Dirty Trans. Dirty Trans. Database Access Sync. Async. Trans. Dirty Database Access Sync. Level None Sync. Established Level Full None Established Full u Dirty context: More synchronization leads to higher connection setup times u Transaction context: ESTABLISHED faster than NONE à More balanced database tables u Synchronization levels show higher impact at higher concurrency levels u Increased connection setup times for FULL synchronization Sync. Dirty Async. Trans. Sync. Trans. 24
25 Cluster Sizes nodes on physical KVM server ditional nodes connected via OpenStack Master VNF... VNF VNF VNF VNF Physical Server OpenStack Clou 25
26 Cluster Sizes nodes on physical KVM server ditional nodes connected via OpenStack rty context: rger Cluster Slower connection setup Load Level 25 Load Level 100 ansaction context: Load level 25: Cluster size 3 with highest setup times Load level 100: Larger cluster à Slower connection setup 6 26
27 u Concept of a stateful firewall VNF Horizontal scalability Failover Conclusion and Outlook u Prototypical implementation of a stateful firewall VNF Different database access strategies Varying synchronization levels u Test bed setup Multiple VMs running firewall VNF Connection to OpenStack cloud to increase cluster size u Investigation of TCP connection setup times w.r.t. consistency and performance Synchronizing all states leads to 19-26% slower connection setup times 20% faster connection setup times when focusing on performance Cluster sizes of 6 and 9 adds delay of 7% and 10% in comparison to a size of 3 u Future work: Alternative data stores Firewall VNF State Table Async. Dirty None Est Sync. Clean Full 27
Using SDN and NFV to Realize a Scalable and Resilient Omni-Present Firewall
Institute of Computer Science Chair of Communication Networks Prof. Dr.-Ing. P. Tran-Gia Using SDN and NFV to Realize a Scalable and Resilient Omni-Present Firewall comnet.informatik.uni-wuerzburg.de SarDiNe
More informationEthernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade
Ethernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade fkoelmel@broc 10/28/2013 2 2012 Brocade Communications Systems, Inc. Proprietary Information ETHERNET FABRICS
More informationSDN+NFV Next Steps in the Journey
SDN+NFV Next Steps in the Journey Margaret T. Chiosi AT&T Labs Distinguished Architect SDN-NFV Realization 2015 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks
More informationFirewall offloading based on SDN and NFV
Chair of Communication Networks Department of Electrical and Computer Engineering Technical University of Munich Firewall offloading based on SDN and NFV ITG 5.2.2/5.2.4 05.12.2016 Raphael Durner r.durner@tum.de
More informationThomas Lin, Naif Tarafdar, Byungchul Park, Paul Chow, and Alberto Leon-Garcia
Thomas Lin, Naif Tarafdar, Byungchul Park, Paul Chow, and Alberto Leon-Garcia The Edward S. Rogers Sr. Department of Electrical and Computer Engineering University of Toronto, ON, Canada Motivation: IoT
More informationUNIVERSITY OF CAGLIARI
UNIVERSITY OF CAGLIARI DIEE - Department of Electrical and Electronic Engineering Infrastrutture ed Applicazioni Avanzate nell Internet SDN: Control Plane ACK: content taken from Foundations of Modern
More informationFully Scalable Networking with MidoNet
Fully Scalable ing with MidoNet Sandro Mathys Community Manager Sandro Mathys MidoNet Community Manager at Midokura Former Linux Systems Engineer Long standing contributor to Fedora & RDO Twitter / Freenode
More informationGR Reference Models. GR Reference Models. Without Session Replication
, page 1 Advantages and Disadvantages of GR Models, page 6 SPR/Balance Considerations, page 7 Data Synchronization, page 8 CPS GR Dimensions, page 9 Network Diagrams, page 12 The CPS solution stores session
More informationBenchmarking Drafts Overview for Members of SDNRG (94th IETF, Yokohama)
Benchmarking Drafts Overview for Members of SDNRG (, Yokohama) Contr oller Perfo rman ce (A Charter of BMWG) Draft References Authors draft-ietf-bmwg-sdn-controller-benchmark-term-00 draft-ietf-bmwg-sdn-controller-benchmark-meth-00
More informationUsing Concurrent Multipath Transmission for Transport Virtualization: Analyzing Path Selection
Institute of Computer Science Department of Distributed Systems Prof. Dr.-Ing. P. Tran-Gia Using Concurrent Multipath Transmission for Transport Virtualization: Analyzing Path Selection T. Zinner (Uni
More informationVoltDB vs. Redis Benchmark
Volt vs. Redis Benchmark Motivation and Goals of this Evaluation Compare the performance of several distributed databases that can be used for state storage in some of our applications Low latency is expected
More informationExam : Implementing Microsoft Azure Infrastructure Solutions
Exam 70-533: Implementing Microsoft Azure Infrastructure Solutions Objective Domain Note: This document shows tracked changes that are effective as of January 18, 2018. Design and Implement Azure App Service
More informationAccelerating SDN and NFV Deployments. Malathi Malla Spirent Communications
Accelerating SDN and NFV Deployments Malathi Malla Spirent Communications 2 Traditional Networks Vertically integrated Closed, proprietary Slow innovation 3 Infinite Complexity of Testing Across virtual
More informationAuto-Scaling Capability Support in ONAP
Auto-Scaling Capability Support in ONAP Rashmin Patel Network Platforms Group, Intel Corporation December 12, 2017 Agenda Edge NFV Introduction Telco s Scalability Core Infrastructure Operations Generic
More informationBridging OPNFV and ETSI Yardstick and the methodology for pre-deployment validation of NFV Infrastructure
Bridging OPNFV and ETSI Yardstick and the methodology for pre-deployment validation of NFV Infrastructure Ana Cunha (Ericsson) ana.cunha@ericsson.com Agenda The facts The questions The ETSI-NFV methodology
More informationQuartzV: Bringing Quality of Time to Virtual Machines
QuartzV: Bringing Quality of Time to Virtual Machines Sandeep D souza and Raj Rajkumar Carnegie Mellon University IEEE RTAS @ CPS Week 2018 1 A Shared Notion of Time Coordinated Actions Ordering of Events
More informationWIND RIVER TITANIUM CLOUD FOR TELECOMMUNICATIONS
WIND RIVER TITANIUM CLOUD FOR TELECOMMUNICATIONS Carrier networks are undergoing their biggest transformation since the beginning of the Internet. The ability to get to market quickly and to respond to
More informationSoftware-Defined Networking (SDN) Overview
Reti di Telecomunicazione a.y. 2015-2016 Software-Defined Networking (SDN) Overview Ing. Luca Davoli Ph.D. Student Network Security (NetSec) Laboratory davoli@ce.unipr.it Luca Davoli davoli@ce.unipr.it
More informationWhat Multisite Means for Identity Management
What Multisite Means for Identity Management Multisite Howard Huang, Huawei 2 Outline Multisite Project Overview Multisite Identity Management Use Case Proposed Solution Demo Upstream Bug Report 3 Multisite
More informationNEC Virtualized Evolved Packet Core vepc
TE-524262 NEC Virtualized Evolved Packet Core vepc Design Concepts and Benefits INDEX Leading the transformation into Mobile Packet Core Virtualization P.3 vepc System Architecture Overview P.4 Elastic
More informationTRex Realistic Traffic Generator
DEVNET-1120 TRex Realistic Traffic Generator Hanoch Haim, Principal Engineer Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco
More informationHow to Perform a Manual High Availability Failover
How to Perform a Manual High Availability Failover In an HA setup, the primary CloudGen Firewall stays active until a serious problem occurs. If virtual servers and services must be shut down (for example,
More informationUpgrade the ASA FirePOWER Module
This document describes how to upgrade the ASA FirePOWER module using ASDM or the Firepower Management Center, depending on your management choice. Refer to Upgrade the ASA Appliance or ASAv to determine
More informationRESTCOMMONE. Load Balancer. Copyright All Rights Reserved Page 2
RESTCOMMONE Load Balancer Copyright All Rights Reserved Page 2 RestcommONE Core Components RestcommOne Connect Visual Designer Web Browser WebRTC SDK s Mobile WebRTC SDK s RESTful API Layer RestcommOne
More informationHA for OpenStack: Connecting the dots
HA for OpenStack: Connecting the dots Raghavan Rags Srinivas Rackspace OpenStack Meetup, Washington DC on Jan. 23 rd 2013 Rags Solutions Architect at Rackspace for OpenStack-based Rackspace Private Cloud
More informationMWC 2015 End to End NFV Architecture demo_
MWC 2015 End to End NFV Architecture demo_ March 2015 demonstration @ Intel booth Executive summary The goal is to demonstrate how an advanced multi-vendor implementation of the ETSI ISG NFV architecture
More informationBroker Clusters. Cluster Models
4 CHAPTER 4 Broker Clusters Cluster Models Message Queue supports the use of broker clusters: groups of brokers working together to provide message delivery services to clients. Clusters enable a Message
More informationWasser drauf, umrühren, fertig?
Wasser drauf, umrühren, fertig? Steffen Miller Principal Sales Consultant Agenda Motivation Was ist ein WebLogic Cluster? Cluster Konzepte Q & A WLS HA Focus Areas Data Failure Human
More informationNetwork Function Virtualization (NFV)
Network Function Virtualization (NFV) Roch Glitho, PhD Associate Professor and Canada Research Chair My URL - http://users.encs.concordia.ca/~glitho/ References 1. R. Mijumbi et al., Network Function Virtualization:
More informationApplication of SDN: Load Balancing & Traffic Engineering
Application of SDN: Load Balancing & Traffic Engineering Outline 1 OpenFlow-Based Server Load Balancing Gone Wild Introduction OpenFlow Solution Partitioning the Client Traffic Transitioning With Connection
More informationJuniper JN0-410 Exam. Volume: 65 Questions. Question No: 1 What are two valid service VMs in a service chain? (Choose two.) A.
Volume: 65 Questions Question No: 1 What are two valid service VMs in a service chain? (Choose two.) A. gateway B. load balancer C. orchestrator D. firewall Answer: B,D Question No: 2 Which role does OpenStack
More informationArchitecture: Consolidated Platform. Eddie Augustine Major Accounts Manager: Federal
Architecture: Consolidated Platform Eddie Augustine Major Accounts Manager: Federal Current DoD Situation Stovepipes of Technology icontrol Customization irules Solutions Security Access Availability Load
More informationSD-WAN Deployment Guide (CVD)
SD-WAN Deployment Guide (CVD) All Cisco Meraki security appliances are equipped with SD-WAN capabilities that enable administrators to maximize network resiliency and bandwidth efficiency. This guide introduces
More informationDesigning for Scalability. Patrick Linskey EJB Team Lead BEA Systems
Designing for Scalability Patrick Linskey EJB Team Lead BEA Systems plinskey@bea.com 1 Patrick Linskey EJB Team Lead at BEA OpenJPA Committer JPA 1, 2 EG Member 2 Agenda Define and discuss scalability
More informationQoS/QoE in future IoT/5G Networks: A Telco transformation infrastructure perspective.
TIM BRASIL Rio de Janeiro, 29 de Novembro de 2017 QoS/QoE in future IoT/5G Networks: A Telco transformation infrastructure perspective. AGENDA THE CONTEXT: UNDERSTANDING THE SCENARIOS TECHNOLOGIES, ARCHITECTURES
More information2. How DX activen unique technology works
1. - Topic DX can work in active/passive mode as any other load balancer. However, unlike any other device, the DX can work in active/active or activen mode for all its Cluster / Forwarder / Redirector
More informationSQL Server Virtualization 201
Virtualization 201 Management and Risk Mitigation PASS Virtualization Virtual Chapter 2014.05.15 About David Klee @kleegeek davidklee.net gplus.to/kleegeek linked.com/a/davidaklee Specialties / Focus Areas
More informationLecture 14 SDN and NFV. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 14 SDN and NFV Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it Traditional network vs SDN TRADITIONAL Closed equipment Software + hardware Cost Vendor-specific management.
More informationOpenStack Networking: Where to Next?
WHITE PAPER OpenStack Networking: Where to Next? WHAT IS STRIKING IS THE PERVASIVE USE OF OPEN VSWITCH (OVS), AND AMONG NEUTRON FEATURES, THE STRONG INTEREST IN SOFTWARE- BASED NETWORKING ON THE SERVER,
More informationETSI NFV #19 SpecFest Denver 2017
ETSI NFV #19 SpecFest Denver 2017 VNF Scaling with Nokia VNFM Nokia CloudBand Application Manager (CBAM) Hunor Demeter CBAM, Product Owner hunor.demeter@nokia.com 1 Agenda 1 2 ETSI NFV Nokia VNF Manager
More informationZhang Chen Zhang Chen Copyright 2017 FUJITSU LIMITED
Introduce Introduction And And Status Status Update Update About About COLO COLO FT FT Zhang Chen Zhang Chen Agenda Background Introduction
More informationScalable Cloud Management with Management Objectives
Scalable Cloud Management with Management Objectives Rolf Stadler, Fetahi Wuhib School of Electrical Engineering KTH, Royal Institute of Technology, Sweden RMAC Project Meeting, Delft, NL, February 20,
More informationVeeam Backup & Replication v6
Veeam Backup & Replication v6 Part 3: Advanced Replication Doug Hazelman Vice President of Product Strategy Anton Gostev Director of Product Management Release contents subject to change prior to general
More informationDistributed Network Function Virtualization
Distributed Network Function Virtualization Fred Oliveira, Fellow at Verizon Sarath Kumar, Software Engineer at Big Switch Networks Rimma Iontel, Senior Architect at Red Hat Outline What is Distributed
More informationAdvanced CSR Lab with High Availability and Transit VPC
Advanced CSR Lab with High Availability and Transit VPC Fan Yang, Cisco, Engineer, Technical Marketing Nikolai Pitaev, Cisco, Engineer, Technical Marketing LTRVIR-3004 Agenda Slides (30 Min.): CSR 1000V
More informationDesign and Implementation of Virtual TAP for Software-Defined Networks
Design and Implementation of Virtual TAP for Software-Defined Networks - Master Thesis Defense - Seyeon Jeong Supervisor: Prof. James Won-Ki Hong Dept. of CSE, DPNM Lab., POSTECH, Korea jsy0906@postech.ac.kr
More informationInvestigating the Impact of Network Topology on the Processing Times of SDN Controllers
Investigating the Impact of Network Topology on the Processing Times of SDN Controllers Christopher Metter, Steffen Gebert, Stanislav Lange, Thomas Zinner, Phuoc Tran-Gia, Michael Jarschel University of
More informationInternet Technology. 15. Things we didn t get to talk about. Paul Krzyzanowski. Rutgers University. Spring Paul Krzyzanowski
Internet Technology 15. Things we didn t get to talk about Paul Krzyzanowski Rutgers University Spring 2016 May 6, 2016 352 2013-2016 Paul Krzyzanowski 1 Load Balancers Load Balancer External network NAT
More informationDeploying TeraVM in an OpenStack Environment
Application Note Deploying TeraVM in an OpenStack Environment VIAVI Solutions TeraVM in OpenStack* is revolutionizing IP testing! Never before has it been as easy or cost effective to scale test traffic
More informationNFV ACCELERATION INTRODUCTION. Presenter Ning Zong
NFV ACCELERATION INTRODUCTION Presenter Ning Zong (zongning@huawei.com) 1 Some History - Why Acceleration is Beneficial to NFV PoC#21 - Network Intensive and Compute Intensive Hardware Acceleration ETSI
More informationHow to Configure Route 53 for F-Series Firewalls in AWS
How to Configure Route 53 for F-Series Firewalls in AWS If you are running multiple stacks in different AWS regions, or multiple deployments in a single region, you must configure AWS Route 53 to access
More informationLearning with Purpose
Network Measurement for 100Gbps Links Using Multicore Processors Xiaoban Wu, Dr. Peilong Li, Dr. Yongyi Ran, Prof. Yan Luo Department of Electrical and Computer Engineering University of Massachusetts
More informationConfiguring NAT for High Availability
Configuring NAT for High Availability Last Updated: December 18, 2011 This module contains procedures for configuring Network Address Translation (NAT) to support the increasing need for highly resilient
More informationCorrigendum 3. Tender Number: 10/ dated
(A premier Public Sector Bank) Information Technology Division Head Office, Mangalore Corrigendum 3 Tender Number: 10/2016-17 dated 07.09.2016 for Supply, Installation and Maintenance of Distributed Denial
More informationMicrosoft Exchange Server 2013 and 2016 Deployment
Microsoft Exchange Server 2013 and 2016 Deployment Barracuda Networks has conducted interoperability tests using the Barracuda Load Balancer ADC and Microsoft Exchange Server 2013 and Microsoft Exchange
More informationOverview. CPS Architecture Overview. Operations, Administration and Management (OAM) CPS Architecture Overview, page 1 Geographic Redundancy, page 5
CPS Architecture, page 1 Geographic Redundancy, page 5 CPS Architecture The Cisco Policy Suite (CPS) solution utilizes a three-tier virtual architecture for scalability, system resilience, and robustness
More informationJames Won-Ki Hong. Distributed Processing & Network Management Lab. Dept. of Computer Science and Engineering POSTECH, Korea.
James Won-Ki Hong Distributed Processing & Network Management Lab. Dept. of Computer Science and Engineering POSTECH, Korea jwkhong@postech.ac.kr 2017. 7. 6 DPNM Lab., POSTECH NetSoft 2017 DEP Network
More informationESCALATOR DESIGN CONSIDERATIONS
ESCALATOR DESIGN CONSIDERATIONS Release brahmaputra.1.0 (9ba9270) OPNFV May 28, 2016 CONTENTS 1 Reference Architecture 3 1.1 Precondition of Upgrade......................................... 4 2 Information
More informationBeBanjo Infrastructure and Security Overview
BeBanjo Infrastructure and Security Overview Can you trust Software-as-a-Service (SaaS) to run your business? Is your data safe in the cloud? At BeBanjo, we firmly believe that SaaS delivers great benefits
More information<Insert Picture Here> Oracle NoSQL Database A Distributed Key-Value Store
Oracle NoSQL Database A Distributed Key-Value Store Charles Lamb The following is intended to outline our general product direction. It is intended for information purposes only,
More informationData Center Interconnection
Dubrovnik, Croatia, South East Europe 20-22 May, 2013 Data Center Interconnection Network Service placements Yves Louis TSA Data Center 2011 2012 Cisco and/or its affiliates. All rights reserved. Cisco
More informationvrealize Operations Management Pack for NSX for vsphere 3.0
vrealize Operations Management Pack for NSX for vsphere 3.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition.
More informationvrealize Operations Management Pack for NSX for vsphere 3.5.0
vrealize Operations Management Pack for NSX for vsphere 3.5.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition.
More informationLive Migration of Virtualized Edge Networks: Analytical Modeling and Performance Evaluation
Live Migration of Virtualized Edge Networks: Analytical Modeling and Performance Evaluation Walter Cerroni, Franco Callegati DEI University of Bologna, Italy Outline Motivations Virtualized edge networks
More informationCustomize OpenStack for Telco NFV
Security Level: Customize OpenStack for Telco NFV Tianran Zhou (zhoutianran@huawei.com) Feng Dong (albert.dongfeng@huawei.com) www.huawei.com HUAWEI TECHNOLOGIES CO., LTD. Motivation Linux as a general
More informationMySQL High-Availability
MySQL High-Availability with the Percona replication manager (PRM) Yves Trudeau April, 2014 About myself : Yves Trudeau Principal architect at Percona since 2009 With MySQL then Sun, 2007 to 2009 Focus
More informationManaging Openstack in a cloud-native way
Managing Openstack in a cloud-native way Alberto García Marcel Haerry Red Hat Cloud Architect Over 5 years helping companies to adopt emerging technologies Network engineer in a previous life Leading the
More informationImproving the Expected Quality of Experience in Cloud-Enabled Wireless Access Networks
Improving the Expected Quality of Experience in Cloud-Enabled Wireless Access Networks Dr. Hang Liu & Kristofer Smith Department of Electrical Engineering and Computer Science The Catholic University of
More informationDocument Sub Title. Yotpo. Technical Overview 07/18/ Yotpo
Document Sub Title Yotpo Technical Overview 07/18/2016 2015 Yotpo Contents Introduction... 3 Yotpo Architecture... 4 Yotpo Back Office (or B2B)... 4 Yotpo On-Site Presence... 4 Technologies... 5 Real-Time
More informationADVA FSP 150 ProVMe. Performance and Functionality Test Report. Introduction. VNF Lifecycle Management
ADVA FSP 150 ProVMe Performance and Functionality Test Report Introduction EANTC was commissioned by Intel under the Intel Network Builders program to perform independent tests of the ADVA FSP 150 ProVMe
More informationCommunication System Design Projects. Communication System Design:
Communication System Design Projects KUNGLIGA TEKNISKA HÖGSKOLAN PROFESSOR: DEJAN KOSTIC TEACHING ASSISTANT: GEORGIOS KATSIKAS Communication System Design: https://www.kth.se/social/course/ik2200/ Traditional
More informationContainers OpenStack. Murano brings Docker & Kubernetes to OpenStack. Serg Melikyan. software.mirantis.com. January 27, 2015
Containers OpenStack Murano brings Docker & Kubernetes to OpenStack Serg Melikyan software.mirantis.com January 27, 2015 Agenda Introduction Murano Kubernetes Empowering Docker on OpenStack Kubernetes
More informationMySQL Replication Options. Peter Zaitsev, CEO, Percona Moscow MySQL User Meetup Moscow,Russia
MySQL Replication Options Peter Zaitsev, CEO, Percona Moscow MySQL User Meetup Moscow,Russia Few Words About Percona 2 Your Partner in MySQL and MongoDB Success 100% Open Source Software We work with MySQL,
More informationSCALE AND SECURE MOBILE / IOT MQTT TRAFFIC
APPLICATION NOTE SCALE AND SECURE MOBILE / IOT TRAFFIC Connecting millions of devices requires a simple implementation for fast deployments, adaptive security for protection against hacker attacks, and
More informationPerformance and Security Influence of Augmenting IDS using SDN and NFV
Performance and Security Influence of Augmenting IDS using SDN and NFV SSP 2017 2017/11/9 http://se.informatik.uni-wuerzburg.de/ Content Motivation Background Approach Evaluation Conclusion 1 MOTIVATION
More informationIntroduction. Delivering Management as Agile as the Cloud: Enabling New Architectures with CA Technologies Virtual Network Assurance Solution
Delivering Management as Agile as the Cloud: Enabling New Architectures with CA Technologies Virtual Network Assurance Solution Introduction Service providers and IT departments of every type are seeking
More informationHP Helion OpenStack Carrier Grade 1.1: Release Notes
HP Helion OpenStack Carrier Grade 1.1: Release Notes HP Helion OpenStack Carrier Grade Contents 2 Contents HP Helion OpenStack Carrier Grade 1.1: Release Notes...3 Changes in This Release... 5 Usage Caveats...7
More informationPerformance Considerations of Network Functions Virtualization using Containers
Performance Considerations of Network Functions Virtualization using Containers Jason Anderson, et al. (Clemson University) 2016 International Conference on Computing, Networking and Communications, Internet
More informationSurvey on Cloud Infrastructure Service: OpenStack Compute
Survey on Cloud Infrastructure Service: OpenStack Compute Vignesh Ravindran Sankarbala Manoharan School of Informatics and Computing Indiana University, Bloomington IN {ravindrv, manohars}@indiana.edu
More informationNew Features in VMware vsphere (ESX 4)
New Features in VMware vsphere (ESX 4) VMware vsphere Fault Tolerance FT VMware Fault Tolerance or FT is a new HA solution from VMware for VMs. It is only available in vsphere 4 and above and provides
More informationThe Function Placement Problem (FPP)
Chair of Communication Networks Department of Electrical and Computer Engineering Technical University of Munich The Function Placement Problem (FPP) Wolfgang Kellerer Technical University of Munich Dagstuhl,
More informationThe Interoperability Challenge in. Telecom and NFV Environments. Carsten Rossenhövel, EANTC Chris Price, Ericsson Ildikó Váncsa, OpenStack Foundation
The Interoperability Challenge in Telecom and NFV Environments Carsten Rossenhövel, EANTC Chris Price, Ericsson Ildikó Váncsa, OpenStack Foundation Open source testing Commercial implementation testing
More informationDesign and development of the reactive BGP peering in softwaredefined routing exchanges
Design and development of the reactive BGP peering in softwaredefined routing exchanges LECTURER: HAO-PING LIU ADVISOR: CHU-SING YANG (Email: alen6516@gmail.com) 1 Introduction Traditional network devices
More informationExperiences in Realizing Large Robust Software Defined Networks. Ravi Manghirmalani Ramesh Subrahmaniam
Experiences in Realizing Large Robust Software Defined Networks Ravi anghirmalani Ramesh Subrahmaniam Controller Offload SDN mandates a split of control and forwarding plane The control and forwarding
More informationHPE Helion OpenStack Carrier Grade 1.1 Release Notes HPE Helion
HPE Helion OpenStack Carrier Grade 1.1 Release Notes 2017-11-14 HPE Helion Contents HP Helion OpenStack Carrier Grade 1.1: Release Notes... 3 Changes in This Release... 3 Usage Caveats...4 Known Problems
More informationSelf-Protecting Multi-Paths A Simple and Efficient Protection Switching Mechanism
University of Würzburg Dept. of Distributed Systems Prof. Dr. P. Tran-Gia, Jens Milbrandt, Andreas Reifert Self-Protecting Multi-Paths A Simple and Efficient Protection Switching Mechanism Outline > Overview
More informationHigh Availability Options
, on page 1 Load Balancing, on page 2 Distributed VPN Clustering, Load balancing and Failover are high-availability features that function differently and have different requirements. In some circumstances
More informationUpgrading Your System a Telco User Perspective. Ulrich Kleber San Francisco November 2015
Upgrading Your System a Telco User Perspective Ulrich Kleber San Francisco November 2015 Outline Introduction and Requirements Upgrade Scenarios OPNFV Escalator Project 2 Outline Introduction and Requirements
More informationElastic Network Functions: Opportunities and Challenges
Elastic Network Functions: Opportunities and Challenges Robert Szabo (Ericsson Research) EU-FP7-UNIFY Project UNIFY is co-funded by the European Commission DG CONNECT in FP7 Outline ETSI Elastic VNF with
More informationWhite Paper. How to select a cloud disaster recovery method that meets your requirements.
How to select a cloud disaster recovery method that meets your requirements. VS Table of contents Table of contents Page 2 Executive Summary Page 3 Introduction Page 3 Disaster Recovery Methodologies Page
More informationNETWORK FUNCTIONS VIRTUALIZATION (NFV) FORCES-BASED ABSTRACTION LAYER
NETWORK FUNCTIONS VIRTUALIZATION (NFV) FORCES-BASED ABSTRACTION LAYER Evangelos Haleplidis (ehalep@ece.upatras.gr) Jamal Hadi Salim (hadi@mojatatu.com) Joel Halpern (joel.halpern@ericsson.com ) Odysseas
More informationTo get a feel for how to use the FIREWALL > Live page in NextGen Admin, watch the following video:
Under the Live tab, you can view and filter real-time information for the traffic that passes through the Barracuda NextGen Firewall F-Series. You can also manage the traffic sessions. To access the Live
More informationLoad Balancing For Clustered Barracuda CloudGen WAF Instances in the New Microsoft Azure Management Portal
Load Balancing For Clustered Barracuda CloudGen WAF Instances in the New Microsoft Azure Management This guide will walk you through the steps to load balance traffic across multiple instances of the Barracuda
More informationAvi Vantage Platform Architecture
WHITE PAPER WHITE PAPER Avi Vantage Platform Architecture Industry s first intent-based application services platform based on a software-defined scale-out architecture for multi-cloud environments EXECUTIVE
More informationCourse Objectives In this course, students can expect to learn how to:
CNS-222 Citrix NetScaler Essentials and Unified Gateway The objective of this course is to provide the foundational concepts and teach the skills necessary to deploy, secure and manage a Citrix NetScaler
More informationMesh Networks
Institute of Computer Science Department of Distributed Systems Prof. Dr.-Ing. P. Tran-Gia Decentralized Bandwidth Management in IEEE 802.16 Mesh Networks www3.informatik.uni-wuerzburg.de Motivation IEEE
More informationSmartNIC Programming Models
SmartNIC Programming Models Johann Tönsing 207-06-07 207 Open-NFP Agenda SmartNIC hardware Pre-programmed vs. custom (C and/or P4) firmware Programming models / offload models Switching on NIC, with SR-IOV
More informationNGF0502 AWS Student Slides
NextGen Firewall AWS Use Cases Barracuda NextGen Firewall F Implementation Guide Architectures and Deployments Based on four use cases Edge Firewall Secure Remote Access Office to Cloud / Hybrid Cloud
More informationFirepower Threat Defense Cluster for the Firepower 4100/9300
Firepower Threat Defense Cluster for the Firepower 4100/9300 Clustering lets you group multiple Firepower Threat Defense units together as a single logical device. Clustering is only supported for the
More informationHillstone CloudEdge For Network Function Virtualization (NFV) Solutions
Hillstone CloudEdge For Network Function Virtualization (NFV) Solutions Introduction With the advancing technologies, business applications and operations naturally have become more dynamic in order to
More information