Network Management. Simulation can use real network data and execute near its origin. Adaptable monitoring improves scalability and flexibility

Size: px
Start display at page:

Download "Network Management. Simulation can use real network data and execute near its origin. Adaptable monitoring improves scalability and flexibility"

Transcription

1 ANCORS:AdaptableNetworkCOntrolandReporting SRI-CSL System LivioRicciulli,PhillipPorras,NachumShacham March19,1998 agement,activenetworking,anddistributedsimulationinauniedparadigmtoassist intheassessment,control,anddesignofcomputernetworks.thispaperexplores ANCORSisadistributedtoolsuitethatmergestechnologyfromnetworkman- Abstract chitectureoerssubstantialsoftwarereuse,scalability,andexibilityandsupportsan someoftheadvantagesthatcanbeobtainedfrommergingthethreetechnologies,and extensiblemechanismtoemploymultiplenetworkmanagementprotocolsofvarying degreesofcomplexity.thispaperalsodescribesnetworkengineeringandmonitoring describeshowancorsintegratescomplementaryelementsofeach.ancors'sar- servicesthatwereimplementedtoprototypesomeofancors'sarchitecturalideas 1 Introduction andprovidepracticalexperiencefortheirrenement. controlmechanismsandthenatureofinformationexchanged. TheInternetwillbecomeincreasinglydynamic.ChangesintheInternetwillaectbothits Newtrendsinnetworkdesign[12,4,3,13,9,1]seektorendernetworkprotocolsmore exibleandextensible,andtothusimprovetheiroverallusefulness.conguration changescanbeasdynamicasinterpretingandexecutingafewpredenedinstructions asanetworkpacketisreceived,causingnewprotocolstobeloadedondemand,or Theintroductionofnewtechnologiesandservicesastheybecomeavailablemaychange modifying,deleting,oraddingmorepermanentobjectsthatimplementapplicationspecicnetworkservices. offuturetechnologiesthatmaygreatlyaecttheinternet. interestofcellularphonecompaniesinaccessingservicesontheinternetareexamples thenatureofnetworktrac.theinternetphone,videobroadcast,andtheincreasing *ThisworkwassupportedbyDARPAcontractnumberDABT63-97-C

2 networkchangesandindetectinganomalousbehavior(bothmaliciousandnonmalicious). ever-changingnetworksdependsonsophisticatedmonitoringtohelpunderstandthewaya provedramatically.itisbecomingincreasinglyapparentthateectivemanagementoflarge, Thecurrentstateoftheartinnetworkengineering,monitoring,andcontrolmustimibilityconstraintsbecauseitisorientedtothesingleadministrativedomainlevel.Asnew Currentnetworkmanagementandcontrolsoftwaresuersfromseriousscalabilityandex- interdependenciesariseinsharingresourcesbeyondsingleadministrativedomains,monitoringcapabilities,likeapplication-specicprotocols,shouldbeabletochangeovertime, benetfromsimulationservicessothatnetworkengineerscanexperimentwithnewnetwork technologieswithoutcompromisingnetworkoperations.currentnetworkengineeringtools canscaleonlytosmallandrelativelysimplenetworksandarenotinteroperable.toolswill Inadditiontosophisticatedandadaptablemonitoring,futurenetworkswouldgreatly shouldadapttonewconditionsastheydevelop,andshouldbescalable. berequiredtoscalefarbeyondcurrentcapabilitiesandwillneedtopromoteinteroperability andmodelreuse.inadditiontoevaluatingperformancemetricstocompareonedesign withanother,networkengineeringtoolsshouldimplementadevelopmentenvironmentfor validatingnewdesigns. provideaexibleinfrastructuretomanageanddistributesoftware.newstandardsbeing proposedtoassistinthedistributionandmaintenanceofsoftwarethroughthenetwork[11, 10]wouldallowuserstoinstallorupdatesoftwarecomponentsbysimplyaccessingHTMLlikepages,thusprovidingmorecost-eectivemechanismsfordistributingandmaintaining applicationsoftware.whiletheadoptionofthesemechanismstodynamicallyaddand maintainthecodebaseofend-userapplicationsmayposelittletechnicalchallenge,extending Besidesoeringpowerfulassessmentanddesigntools,adaptablenetworksshouldalso sothatmonitoringandcontrolcapabilitiescanchangewiththenetworkitself. suchmechanismstoalsodeployandmaintainsystem-levelsoftwareismoredicult.an additionofsystem-levelnetworkingsoftwaremustbedoneverycarefullytoavoidpotentially costlymistakesandtheadditionmustalsobepropagatedtothemanagementinfrastructure managementparadigmtoassistnetworkdesigners.werevisitedtheconceptofnetworkmanagementandextendeditsparadigmtomakeittheenablingtechnologyfordesigning,testingagementandmonitoringofdynamicnetworkswhileaddingnewsupportintothenetwork Theobjectiveofourresearchistostreamlineand,atthesametime,enrichtheman- benetsthatancorsgainsbymergingactivenetworkingwithnetworkmanagementand fromdistributednetworkmanagement,distributedsimulationandactivenetworkingina conguring,andmonitoringnetworkassetsinthebestpossibleway.ancorsmergesideas workthatcandeployandmanageournewmultidomaininfrastructure.section4describes coherent,ecient,anduser-friendlymanner.section2focusesonexploringsomeofthe distributedsimulation.section3discussesancors'sexiblesystemmanagementframe- ourinitialimplementationexperiences,andsection5givessomeconcludingremarks. 2networkmanagementanddistributedsimulation.Ourpreliminaryexperiencesinmerging Figure1illustratesthesynergyderivedfromthemergingofactivenetworkingconceptswith IntegratedActiveNetworkManagementandDesign 2

3 Network Management Simulation can use real network data and execute near its origin Adaptable monitoring Figure1:AdvantagesofMergingDistributedNetworkManagement,DistributedSimulation improves scalability and flexibility as a design tool to test new ideas thesetechnologiesundertheancorsarchitectureindicatethatwecanprovideanintegratedenvironmentfornetworktechnologydevelopmentwhileaordingsubstantialsoftware reuseinsupervisingnetworkoperations.ancorsgainsfromactivenetworkingtheability todynamicallydeployengineering,management,anddatatransportservicesatruntime. andactivenetworking scalablemanagementframework,and(3)providenetworkmanagementfunctionstosupervisenetworkoperations,collectnetworkstatisticstobeusedasinputtonetworkengineering networkinascalableandintegratedfashiontosupportdesign,(2)integratenetworkand systemmanagementwithlegacystandards(snmp,cmip)toresultinamoreexibleand ANCORSleveragesthiscapabilityto(1)coherentlyexecutemultiplesimulationsonthe changesinthenetwork. toolsandhigher-levelassessmenttools,andassistnetworkoperatorsinreactingtosignicant assessment,andcontrollayers.thedatalayeroperatesatthedatapacketlevelandoers asetofservicesforthemanipulationofnetworkdata.theassessmentlayerperformsanalyticalreviewsofnetworkbehaviortoextractrelevantsemanticinformationfromit.the controllayerperformshigher-orderfunctionsbasedonexpertknowledge.alltheservices constitutingtheselayersaredeployableandusecommonsystemmanagementsupport.an- CORSshoulddistributedata-layerservicesattheinter-domainlevel(followingthemodelof deploymentofactivenetworking,theservicesoftheassessmentlayermayalsobedistributed thedomainlevel.however,dependingontheamountofresourcesharingresultingfromthe acrossmultipledomains.becausethecontrollayerneedstopossessasignicantamountof activenetworking)andlimitthedeploymentofassessmentandthecontrollayerservicesto networkmanagement,anddistributedsimulation.thearchitectureisdividedintodata, Figure2depictsanarchitecturebasedontheintegrationofactivenetworkingconcepts, Severalcontrolservicesshouldthencooperateattheinter-domainleveltoexchangeuseful authoritytoperformchangesinthenetwork,itshouldonlybedeployedwithinonedomain. singleadministrativeauthority. informationformakingbetterinformedcontroldecisionsabouttheirrespectivedomains. Adiscussionaboutcontrolservicesinter-domaininformationexchangeisbeyondthescopeofthispaper. Inthiscontextadomainconsistsofcollectionofsoftwareandhardwareobjectsthataremanagedbya 3

4 Control Layer Automatic Response Assessment Layer Adaptive Learning Heuristic Assessment 2.1 DataLayer Figure2:ANCORS'sArchitecture Data Layer Engineering Monitoring & Data Control Transport Althoughmergingthreetechnicalareasintoonemayoerdeniteadvantages,itisstill thatmaybenetfromdynamicdeploymentinthenetworkandthatnaturallymaptothe reason,wenditusefultodecomposethedatalayerintothreedistinctkindsofdataservices usefultorecognizethatthefundamentaltaskstobeperformedcanbeseparated.forthis threeserviceswewanttosupport:datatransport,monitoringandcontrol,andengineering DataTransportServices Datatransportservicesoercommunicationprotocols,eitherquitegeneralandextensible asproposedin[12,3,13,9,1],ormoretraditionalservicesderivedfromtheonesavailable today.inallcases,weassumethattheirdeploymentmaybedynamic.thescopeofthis paperdoesnotpermitustogiveadetaileddescriptionoftheseservicesandtheirpossible applications.weinsteadfocusontheengineeringandmonitoringandcontrolservices,which areourprimaryresearchemphasis.theseservicesintroducethefundamentaltechnology 2.1.2MonitoringandControl performance,andstabilityassessment. uponwhichancorsextendsthenetworkmanagementparadigmtosupportplanning, initialanalyticalreviewofperformancedatatodetectexceptionalconditions,reportrelevantinformationtohigher-levellayers,andoeramechanismforruntimeconguration. Monitoringandcontrolservicesmonitortheoperationofnetworkservices,performsome Theseservicesperformtasksanalogoustothoseperformedbytoday'snetworkmanagement agents.inaddition,specializedmonitoringandcontrolnetworkservicesmaybedynamically deployedtoperformuser-denedtargetedanalysessuchasthoseproposedin[6]. ablegivesancorstwomajoradvantages:(1)itpermitsselectivemonitoringofaparticular phenomenonasnewnetworkrequirementsandnewusagepatternsemergeovertime,and (2)itimprovesmonitoringscalabilitythroughanarbitrarydegreeofsophisticationinthe Theuseofactivenetworkingtoallowuser-denablemonitoringcapabilitiestobedeploy- 4

5 monitoringagents,thusallowingauidtradeooftheamountofcomputationtobeperformedintheservicesdistributedthroughoutthenetworkwiththeamountofcomputation 2.1.3EngineeringServices tobeperformedinthecontrolstations. optimaldeploymentandcongurationofnetworkassetsanddevelopnewnetworktechnology.hardwaredesigntoolshavereachedaveryhighlevelofsophisticationandcanassisment.ancorsincorporatesdistributedsimulationtohelpoperatorsexploreandselectthe hardwaredesignersinallphasesofdesignanddevelopment.suchtoolscansupportawide spectrumoflevelsofabstraction,fromhigh-levelpurelybehavioralspecications,toincreasinglynerdetailedstructurallayouts,allthewaydowntotheactualdesignofthetransistors onthesilicon.simulationisusedthroughoutallphasesofthisdesignprocess,anditisthe mainmechanismthatguidesdesignchoices.asforhardware,networkdesignshouldalso becarriedoutinanenvironmentthatcanoeravariabledegreeofabstractionandthat carriedoutintherealnetworkitself.futurenetworkswillneedtoolsthatcanadapttheir canoersimulationasapivotingtechnologytoguidedevelopment.wearguethat,because oftheorganicnatureofcurrentnetworksandtheirfastevolutionpace,designshouldbe functionalityandscope,andthatcangrowandchangewiththenetworkitself. Togenerateresultsthataccuratelypredictnetworkbehaviorandperformance,simu- itself,takingtheactualobservabletracconditionsintoconsideration. erated,networktracconditions.tothatend,thetoolsshouldrunonthenetwork lationandanalysismustbecloselytiedtotheactual,ratherthanonarticiallygen- Engineeringservicesaidinthedesignandtestingofnetworkservicesbeforetheirdeploy- Beforecommittingnetwork-widechangessuchasthealterationofthenetworkrouting thebehaviorofthenetworkunderthenewalgorithmwithoutaectingnetworkreliability.thatis,analysisanddesigntoolsshouldbeavailabletoawiderangeofnetwork operators,whocouldactindependentlyorincollaborationwithoneanother. Operatorsshouldbeabletoinstallcountermeasuresdynamicallytomatchevolving algorithm,anoperatormaywanttoconductsimulationexperimentsthatcanpredict Newvulnerabilitiesmaybediscoveredthatthreatenthesurvivabilityofanetwork. Ourdistributedplanningandsimulationsystemleveragesnetworkmanagementandintroducessimulationasanadditionalnetworkservice.Integratingdistributedsimulation withnetworkmanagementhasfourmainadvantages:(1)itnaturallysupportsreuseofboth simulationsoftwareandnetworkmodels,(2)thesimulatedmodelscanuserealnetworkdata producedbythemonitoringagents,thusimprovingdelity,(3)theconsumersofthedata (thesimulationmodels)areplacedclosetotheoriginofthedatatoreduceoverheadand(4) andcontrolthesimulations. themonitoringandcontrolcapabilitiesofnetworkmanagementcanbereusedtomonitor ritymeasuresandascertaintrade-osbetweennetworkperformanceandsecurity. threats.here,too,simulationexperimentsareneededtotestecacyofplannedsecu- 5

6 spaceandarefortheexclusiveuseofthenetworkdesigners,(2)theyoperateprotocolsin networkservicesbutdierfromtheminthefollowingways:(1)theyliveinaseparateaddress avirtualtimescalethatmaydierfromphysicaltime,and(3)theymaygeneratesynthetic Inpractice,engineeringservicesmaymimicthebehaviorandperformanceofallother networktracthatdoesnotcontainuserdata. 2.2 AsshowninFigure2,ANCORS'sassessmentlayerinterfaceswiththemonitoringandcontrolservicesofthedatalayerandtheautomaticresponseserviceofthecontrollayer.Atthe AssessmentLayer datalayer,themonitoringandcontrolservicesinterfacetobothengineeringanddatatransportservices,thusprovidingauniqueinterfacetotheassessmentlayer.bydesigningour dataareperformed.therstisaheuristicreviewofelementswithinthedata,specically paradigm.attheassessmentlayer,twosophisticatedanalyticalreviewsofthenetwork's andseamlesslyintegratenetworkengineeringanddatatransportserviceswithinthesame architectureinthisway,wecanachievesoftwarereuseoftheassessmentandcontrollayers lookingformetricswithinthereportedresultsthatrepresentexceptionalorunexpected behavior.boundaryresultsforthemetricsarespeciedattheinitializationofthedata ofassessmentinvolvesanadaptivelearningalgorithmthatperformscontinuousstatistical specictotheparticulardataacquisitionagentisupdated,andstatisticallystableresults collectionagents,andmaybedynamicallyupdatedbyanadministrator.thesecondform denedmetricschangewithrespecttothecurrentoperationalbehaviorofthenetwork.the prolingofthenetworkdata.asdataowsintothestatisticalprolingengine,theprole begintoemerge.thestatisticalprolingenginemonitorsthedegreetowhichvarioususer- algorithmsusedtoprovidetheheuristicassessmentandthestatisticalprolingofnetwork datawillbeadaptedfromrelatedresearcheortoninformationsurvivability[6]. 2.3 Theoutputfromtheassessmentlayerispropagatedtothecontrollayer,wheretheseresults aredisplayedfortheadministratororprocessedbyanexpertsystemdecisionenginecapable Controllayer ofprovidingpredeterminedresponses,giventhereceiptofvariousassessmentresults. ofthecontrol-layercongurationspace.includedwitheachvalidresponsemethodareevalpatched.formulatingeectiveresponsestodetectedexceptionalactivityis,itself,anextensivesubtopicbeingpursuedwithinthescopeofourresearch.inmanysituations,themost eectiveresponsemaybenoresponseatall,inthateveryresponseimposessomecostin systemperformanceor(worse)humantime.theextenttowhichthecontrollayercontains monitoringunitsandunmanageable(soontobedisabled)monitoringunits.forcertain logictolteroutuninterestinganalysisresultsmaymeanthedierencebetweeneective analysis,thenecessityforresponseinvocationmaybeobvious.forotheranalysisresults analysisresults,suchasthedetectionofsignicantexceptionalactivitythroughheuristic Thepassageoftimeisexplicitlycontrolledbypredenedtime-synchronizationalgorithms. uationmetricsfordeterminingthecircumstancesunderwhichthemethodshouldbedis- Responsemethodsarepredenedcodesegmentsdeployedtotheanalysistargetaspart 6

7 (suchasthedetectionofastatisticalanomalyinthepacketstreamtoorfromanetwork service)thecontrollayermayrequiregreatersophisticationintheinvocationlogic. andthatprovidesasingulareecttoaddresstheproblemwithoutharmingtheowof legitimatenetworktrac.thefollowinggeneralformsofresponseareavailablethroughthe controllayerasanalysisresultsfromtheassessmentlayerarereceived: Itisimportanttotailoraresponsethatisappropriategiventheseverityoftheproblem, Passiveresultsdissemination:Thecontrollayercansimplymaketheanalysis facilitatepassivedisseminationofanalysisresultsbyusingalready-existingnetwork protocolssuchassnmp,includingthetranslationofanalysisresultsintoanad-hoc resultsavailableforadministrativereview.wearecurrentlyexploringtechniquesto Assertiveresultsdissemination:Thecontrollayercanactivelydisseminateadministrativealerts.Whiletheautomaticdisseminationofalertsmayhelptoprovide MIBstructure. Dynamicoversightofthemonitoringandcontrollayer:Thecontrollayer timelyreviewofproblemsbyadministrators,thisapproachmaybethemostexpensive formofresponse,inthatitrequireshumanoversight. components,requiringgreatercollectionfromthedatalayerastheassessmentlayer identiessignicantexceptionalactivity. mayprovidelimitedcontroloverthecongurationofloggingfacilitieswithinnetwork Dynamiccongurationchanges:Thecontrollayermayinducechangestothe congurationofthenetworkinfrastructureinresponsetoexceptionalactivity.such 3 ANCORS'sSystemManagement actionsmayincluderecongurationofservices,routingdatabases,orlteringrules. vicesthatarefairlypermanentandlong-livedandthatcanbenetfromhavingaseparate ANCORS'ssupportforthedeploymentandmanagementofnetworkservicesfocusesonser- systemmanagementinfrastructure.themanagementofshort-livedservicesshouldbedirectlyembeddedinthemechanismsthatdeployandcontrolthemandthereforeareintegral partsoftheirdynamicloadingmechanisms.thiskindofmicro-management,currentlybeing addressedbyseveralresearchprojects[12,3,13],isbeyondthescopeofthispaper. ture(figure2)areequal.theirdeployment,operation,andmonitoringcanbeperformed thefollowingdiscussionweoerasolutionfortheireective,scalable,anduser-friendly usingthesamemechanisms,andthereforetheycanbemanagedinthesameparadigm.in Fromasystemmanagementpointofview,allservicesconstitutingANCORS'sarchitec- fromsystemmanagement.thesupportfunctionscanbebroadlycharacterizedasthose ticateddatatransportservicesandassessmentservicesrequireidenticalsupportfunctions management. AllclassesofdeployablenetworkservicesfromsimpleSNMPdaemonstomoresophis- 7

8 achieving(1)processcontrol,(2)conguration,or(3)monitoring. maybedierentfromthephysicallocationoftheirdeployment.forthisreason,areliable fromnetworknodes.thephysicallocationofthecodethatimplementsthenetworkservices transportprotocolsuchastcpmaybeusedtotransferthecode.somesearchingand Processcontrolfunctionsallowtheloadingandunloadingofnetworkservicestoand codestorageandretrieval. andricherprotocolssuchastheonesdescribedin[10,11]couldbeusedforuser-friendly browsingcapabilitiesshouldbeoeredsothatnetworkoperatorsmayalsoeasilylocatethe appropriateexecutablecodes.existingprotocolssuchashttpandldap/x500ornewer nodeandpossiblytailoringtheservicetoparticularneeds. beenloadedontotheintendednodesforthepurposeofintegratingthemintothenetwork Congurationfunctionswritecontroldataintothenetworkservicesaftertheyhave administratorinteractively(oritmaybeinvokediterativelybythenetworkmonitoringand controlservices)forthepurposeofcollectingperformancedata. ofsupervisingitsoperation.thissupportfunctionmaybeinvokeddirectlyfromthenetwork Monitoringfunctionsresultinreadingdatafromthenetworkserviceforthepurpose Configuration Functions Management Station Monitoring Functions Process Control Functions Service Deployment Automatic Response Root Daemon Assessment Layer arootmanagerhandlesprocesscontrolrequestscomingfromthemanagementstationsor Figure3:ANCORS'sManagementArchitecture automaticresponseservicestoeitherloadnewservicesorterminateexistingones.theassessmentlayerinterpretsmonitoringresultsfromthedatalayer,andtheautomaticresponse servicesreacttosignicantconditionsastheyarereportedbytheassessmentlayer.the automaticresponseservicesmayrecongureboththeassessmentservicesandthedata-layer servicesinresponsetochangesinthenetworkbehavior. ThisdecompositiongivesrisetothearchitecturedepictedinFigure3.InANCORS, Data Layer management.becauseoftheexibilityintroducedbyactivenetworkingandancors'sabilitytosupport approachofhavingthemanagementstationdirectlymonitorandcontrolthedatalayer.this NoticefromFigure3thatANCORS'sarchitectureallowsthetraditionalbutnonscalable multipleprotocols,monitoringandcontrolfunctionalitiescanbesupportedwithinthesamemanagement Monitoringistypicallyassociatedwithnetworkmanagementandcontrolisassociatedwithsystem framework. 8

9 New Service Content-Type: application/x-ancors Init() MIME document Browser ANCORS Manager SNMP Manager <?XML VERSION="1.0 RMD="NONE"?> <ANCORS> Content-Type: text/html <agent=" </ANCORS> <HTML> <TITLE> Configuration for XX</TITLE> <FORM ACTION="/cgi-bin/exec.cgi/"> Figure4:Services'managementcanbespeciedthroughtheuseofMIMEencapsulation Content-Type: application/x-snmp <INPUT TYPE=SUBMIT NAME="parameter1" VALUE="value1"> andthexmllanguage. <INPUT TYPE=SUBMIT NAME="parameter2" VALUE="value2"> <?XML VERSION="1.0 RMD="NONE"?> </FORM></HTML> <SNMP> <agent="ftp://ftp.csl.sri.com/snmp/agentxx"> aspectofourarchitecturecanbeveryusefulwhensimplenetworkmanagementtechnologies <mib="ftp://ftp.csl.sri.com/snmp/mibxx"> areemployedthatdonotrequiread-hocdistributedmonitoringfunctions. </SNMP> servicesandmanagementstations.whileweintendtoformulateaprotocolthatbestsuits wedonotintendtohaveauniqueformatfortheinformationexchangesbetweennetwork thenatureofouradaptablemanagementparadigmbasedondelegation[14],werecognize WerecognizethatInternetservicesmustbeopen,simpleandexible,andtherefore HTMLcouldbeemployedforservicestobeconguredandmonitoredinteractively.To likesnmpshouldbesupportedinthosecaseswherebackwardcompatibilityisdesirable; thatlegacyprotocolsandsimpleweb-basedsolutionsshouldalsobepossible.standards supportmultipleprotocols,ancorsusesadiscoverymechanismtoprobenewlydeployed services.theideaisquitesimpleandissomewhatsimilartotheapproachfollowedtodayon respondwithamime-encapsulatedreply.ingeneral,thereplycontainsinformationtobe deployment,theservicesrespondtoapredenedanduniversallyagreed-uponcommand theweb.eachnetworkservicelistensonaportassignedtoitbytherootmanager.after usedforthecongurationandmonitoringoftheserviceitselfandthecongurationofother init(theequivalentofget/inhttp).theinitcommandcausesthenetworkservicesto relatedservices. mationencapsulatedinansnmp-specicmime.thereplywouldspecifytheurlofthe SNMPagentandtheassociatedMIBtobeloadedwiththeservice.Themanagementstation thenloadstherequestedsnmpagentandmibandautomaticallyaddstheservicetoits AsshowninFigure4,aservicewantingtouseSNMP,forexample,replieswithinforplicationthatweintendtodevelopinthenearfuture,basedondelegation.Inamoresimple scenario,theservicecanalsoreplywithanencapsulatedmessageinhtmlformat.the SNMPmanagerapplication. replaythenallowstheadministratortousestandardhtmlformstocongureandlater Figure4alsoshowsanANCORSMIMEcorrespondingtothespecicmanagementap- 9

10 Load_process <URL1> ANCORS Root Daemon Fork GET <URL1> GET <URL2> HTTP Load_thread <URL2> New Process Server interactivelymonitortheservicethroughabrowser.yetanotherapproachisfortheservice Figure5:ANCORSdaemonscanspawnanewprocessorathreadwithinaprocess New torespondbyprovidingjavabyte-codethatcanthenbeembeddedeitherinthecentral proposedin[2].otherinterestingtechnologiesthatarebeingdeveloped,andthatmaybe managementstationsorinadistributedmonitoringagent,usingaschemesimilartotheone included,aredrp[10]andnestor[15]. problemofhowtoextendthemonitoringandcontrolcapabilityasnewnetworkservices simpleandlightweightmanagementsolutionsbasedonstandardwebsoftware,oritcan aredeployed.inadditiontoallowingbackwardcompatibility,thisschemecansupportvery WethinkANCORS'ssimplequerymechanismcanbethefoundationforsolvingthe alsosupportmoresophisticatedsolutionstobolsterthepowerofnetworkmanagementas needed. inimplementing(1)aprototypeofarootancorsdaemonthatdynamicallyacceptsand 4Wearecurrentlyprototypingmostoftheideaswehaveoutlined.Wehaveprimarilyfocused Implementation instantiatesnetworkservices,(2)arepresentativeexampleofanengineeringservicethat couldbeusedtoconductveryaccurate,end-to-endquantitativeexperimentation,and(3) theintegrationofamonitoringandcontrolserviceforintrusiondetection[6]. 4.1 ThecurrentprototypeofanANCORSrootdaemonacceptscommandstodownloadnetwork servicefromaremotelocation.thenetworkserviceisspeciedasaurl;theancorsdaemon,afterdownloadingtheservicewithanhttpgetcommand,stripsthehtmlheader ANCORSRootdaemon torunthedownloadednetworkservice(aswelltoacceptfurthercommands),or(2)simply caneither(1)triggertheancorsdaemontoduplicateitselfbyusingaforksystemcall addathreadtoanexistingprocess.ineithercase,thedownloadedcodeisinitiallyaccessed fromthereceivedcodeandinstallstheservice.asshowninfigure5,thedownloadcommand throughauniversallypredenedentrypoint(init()).thisinitialcongurationfunction cansimplytransfercontroltothedownloadedcodeforexecution,oritcanrstgatherrun- 10

11 started.ourcurrentsystemmanagementprototypesupportsthedeploymentofnativebinarycompatiblecodeorjavaapplications.thedeploymentandcongurationmechanism timecongurationdatainamannerspecictoeachnetworkserviceandthenexplicitly easilydeployedwithoutmodication.inaddition,wehaveimplementedsimpleweb-based tionlesandspecifyingrequiredcommand-lineargumentssothatexistingsoftwarecanbe isfullybackwardcompatible.legacyservicescanbeconguredbydownloadingcongura- congurationmechanismsfornewlydevelopedservices.intheseservices,theconguration andmonitoringfunctionsareembeddedinsidethedeployedserviceitself.thesefunctions returnhtmlcodethatisfedtothenetworkmanagertogathersomeuser-denedruntime parametersorfordisplayingusagedata.thenetworkengineerconguresandmonitorsthe serviceswithhtmlformsthatarethenpushedbackthroughacgiscripttothecreated thecreationofnewdecentralizedmanagementsolutionsbasedontheconceptofdelegation service.eachoperationreturnshtmlformsthatinturnmaycallotherfunctions,thus systemwillallowtheincorporationofexistingnmsoftwarebasedonsnmpandjavaand (perhapsusingjavaasthedelegationlanguage). allowingahierarchicalorganizationofhtmlpages.futureextensionstoourmanagement timesynchronization.theseprimitivescanprovidesupportfordistributedsimulationnetworkengineeringapplications,aswellassomeformsofsophisticatednetworkmonitoring. inadditiontostandardnativesystemfunctionality(i/o,memorymanagement,networking), provide(1)multithreading(nonpreemptive),(2)lanmulticastemulation,and(3)global TheANCORSdaemonoersasetofbuilt-inprimitivestothedownloadedservicesthat, 4.2 Todatewehaveproducedarepresentativeexampleofanengineeringnetworkservicethat emulatesaunixkernel.theservicewasobtainedbymodifyingalinuxoperatingsystem VirtualNetworkingUsingANCORS ifcongandroute)intotheserviceitselfascongurationfunctions.memorymanagement deletedthelesystemsupportandincorporatedallnecessarycongurationprocedures(like lower-level,hardware-dependentproceduresandinterfaceswithuser-levelcounterparts.we toallowitsexecutioninusermode.themodicationsoftheoperatingsystemreplacedall wascompletelydeletedandreplacedbyuser-levelmemoryallocationfunctions(mallocand haviorofareallinuxkernelandcanthereforebeusedasavehicletoinstantiatehigh thesimulationpackage(csim[8]). free).theschedulingwasalsocompletelyreplacedbynonpreemptivethreadingoeredby functionsacceptsseveraldierenttimingcongurationstoapproximatetheprotocolstack delitydistributedsimulationsofvirtualnetworks[7].oneofthemodel'sconguration Theresultingserviceexecutesinavirtualtimescale,oerstheidenticalnetworkingbe- timingbehavioroffourdierentkernels(sunos4.13,sunos5.5,linux2.02,andbsd2.2). ANCORS'sabilitytoaddanddeletethreadscanbeusedinthisapplicationtodynamically Linuxcounterpartandthereforecanbeusedtoreproduceawiderangeofloadingconditions. Thevirtualkerneloersthenetworkapplicationprogramminginterface(API)ofthereal operationstobeperformedbythemanagementsystem. Forexample,itcoulduseaMIME-encapsulateddocumenttospecifycongurationandmonitoring Allproductsandcompanynamesmentionedinthispaperarethetrademarksoftheirrespectiveholders. 11

12 User-defined Threads Measured Load Analytical Model Deployable virtual host User-defined Monitoring Application Load Application Virtual TCP/UDP API Measured Load TCP Ethernet Interface1 Ip Network Broadcast UDP IP Ethernet Interface 2 Ip Network Broadcast ICMP Ethernet Interface n Ip Network Broadcast Hash Function Figure6:DeployableVirtualHost Hash Function Hash Function Port # Port # Port # Virtual Kernel user-denedmonitoringprobesintothekernelsothatspecicparameterscanbeobserved. changeloadingconditions(byaddingordeletinguser-denedloadingthreads)orbyinjecting Forthetimebeingwehaveimplementedsomesimpleloadmodelsborrowedfromclassic TCP/IP somerealapplicationstothevirtualkerneltogenerateapplication-specicloads(perhaps closelymimickingrealloadconditionsrecordedbynetworkmonitoringservicesorbylinking queuingtheory.asshowninfigure6,theuser-denableloadsmaybeproducedbyeither originatingfromareal-timevideostream). gurethemselvestoparticipateinemulatedmulticastsessionsthatparallelthebehaviorof virtualethernetsegments.initially,allrealhostsareawareofallotherrealhoststhatmay sharethesamevirtualethernetsegment.eachvirtualethernetsegmentnetworkaddress ThevirtualkernelscommunicatewitheachotherthroughTCP,andautomaticallycontheportassociatedwitheachvirtualinterface.Thus,iftwoormorevirtualhostsshareceduretriestoconnecttoallknownpeersthatmayshareavirtualEthernetsegmentusing thevirtualkernelinitializesitsvirtualinterfaces,themulticastemulationinitializationpro- assignedtoavirtualhostistransformedthroughahashfunctionintoaportnumber.when usedtotunnelvirtualethernetpackets.whenavirtualhostsendsasimulationpacket virtualnetworkaddress,andthereforeusethesameport,theyestablishatcpconnection connectedtotheassociatedport. pertainingtoaparticularvirtualethernetsegment,itsendsittoallvirtualhoststhathave throughastandardhtmlbrowserorbyusingascript.wehavesofarinstantiatedseveralvirtualnetworksrunningonanetworkofworkstationsincludingsunsparcstation Thedeploymentofavirtualnetworkisachievedbydownloadingandconguringseveral virtualkernelsthroughancorsdaemons.alltheseoperationscanbeperformedeither 20s,UltraSPARCs,andIntel-basedmachinesrunningBSDandLinuxoperatingsystems. Ourexperimentshave,sofar,onlyveriedthebehavioralsemanticsofourvirtualnetwork andweplantoconductrepresentativeperformanceexperimentstoexploresomeinteresting quantitativenetworkdesignissues. 12

13 4.3 whichrepresentsamonitoringandcontrolserviceatthedatalayer.thisintrusion-detection Wearealsodevelopingaprototypedownloadableintrusion-detectionmoduleforANCORS, AMonitoringandControlServiceforIntrusionDetection modulecanbedynamicallyconguredanddeployedtoanynetworkelementthathostsan ANCORSdaemon,andcanthenreturnanalysisresultstotheassessmentlayerforcorrelation andperhapscontrol-layerresponses.thesedynamicallydistributableintrusion-detection servicemodulesrepresentasignicantdeparturefromthepreviouscentralizedhost-based, user-oriented,intrusion-detectioneortsthatsuerpoorscalabilityandintegrationintolarge networks.theintrusion-detectionservicesareadaptationsofseparateintrusion-detectionresearchtoolsdevelopedbysriundertheemerald(eventmonitoringenablingresponses toanomalouslivedisturbances)project,andrepresentoneoftherstdistributednetwork surveillancesecuritymechanismsthatwillfullyintegrateintoanactivenetworkparadigm. isforwardedtotheintrusion-detectionmodule'sanalysisengines,whichconsistofbotha interactingwiththeanalysistargettoanalyzeavarietyofoperationaldata,includingaudit data,system-orapplication-layeractivitylogs,andnetworktrac.theoperationaldata TheANCORSintrusion-detectionservicemoduleconsistsofeventlters,capableof detectionservicecanbefoundin[6]. DetailsofthearchitecturalstructureandanalysiscapabilitiesoftheANCORSintrusion- signatureanalysis(anexpert-system)engineandastatisticalanomalydetectionengine. avarietyofancorshosts,andtoconductavarietyofanalysesonheterogeneousevent streams,istheimplementationofapluggablecongurationlibrarythatallowsstrongseparationbetweentheanalysissemanticsandthecode-base.theancorsintrusion-detection Fundamentaltotheintrusion-detectionmodule'sabilitytosupportrapiddeploymentto gablecongurationlibrarycalledtheresourceobject.theresourceobjectishighlytarget moduleconsistsoftwomajorcomponents,theanalysiscode-base,andadynamicallyplug- asthenativemethodsneededtoretrieveandformatthetargeteventstream.asintrusiondetectionmodulesaredeployedfromoneanalysistargettoanother,nocodemodicationsourceobjectappropriateforthetargethostandanalysisobjectives.upondeployment,the ANCORSdaemonreceivesboththeintrusion-detectioncodemoduleandaresourceobject, detaileddiscussionoftheancorsintrusion-detectionmodule'sabilitiestodetectmisuse whichitinstantiatestoprovidedynamicallydeployableandcustomizablesurveillance.a andotherexceptionalactivitiesontcp/ipgatewaymachinescanbefoundin[5]. specic,containingalloftheoperatingparametersfortheintrusion-detectionmodule,aswell arenecessary.rather,onemustconstruct,orselectfromapreconstructedlibrary,there- userapplications,networkoperatorswillrequireanecientandexibleinfrastructureto 5Asthedynamicdeploymentofnetworkingservicesbecomesstandardtechnologytosupport Conclusion networkmonitoring,control,anddesigncancoexistinanintegratedparadigm.thesynergy management,monitoring,andengineeringtoolsandstandardswillbecrucialindetermining thespeedatwhichnetworkingwillevolvetowardamoredynamicarchitecture.inancors, assisttheminnetworkdesign,conguration,andmonitoring.thequalityoffuturenetwork 13

14 shownhowaunied,yetveryextensible,systemmanagementframeworkcanbederived willdramaticallyincreasethepowerofnetworkmanagementandengineering.wehave fromcurrentwebtechnologytoprovidecompatibilitywithlegacystandard(snmp)and ofcombiningdistributedsimulation,networkmonitoringandcontrol,andactivenetworking virtuallyunlimitedextensibilitytointroducemorepowerfulmanagementtechnologiesas theybecomeavailable.wehavealsodescribedsomeserviceswehaveimplementedthatcan beusedinthecontextofournewnetworkmanagementframework. toprovideanintegratedplatformformergingdatatransportprotocolsandtheirassociated deploymentmechanismswithourextensibleengineeringandmanagementsupport.inaddition,wewilluseourinfrastrucuturetoconductnetworkengineeringexperimentstoadvance Inthenearfuture,weplantobridgeourworkwithexistingactivenetworkingtechnologies theunderstandingofend-to-endnetworkbehaviorandoerauser-friendlyenvironmentfor thedevelopmentofnewnetworktechnologies. 14

15 References [2]F.Barillaud,L.Deri,andM.Feredun.Networkmanagementusinginternettechnologies.Integrated [1]D.ScottAlexander,MarianneShaw,ScottM.Nettles,andJonathanM.Smith.Activebridging.To appearintheproceedingsoftheacmsigcomm'97conference,cannes,france,september1997. [4]U.Legedza,D.J.Wetherall,andJ.V.Guttag.Improvingtheperformanceofdistributedapplications [3]L.PetersonJ.Hartman,U.ManberandT.Proebsting.Liquidsoftware:Anewparadigmfornetworked systems.technicalreport96-11,universityofarizona,1996. NetworkManagementV,SanDiego,1997. [6]P.A.PorrasandP.G.Neumann.Emerald:Eventmonitoringenablingresponsestoanomalouslive [5]P.A.PorrasandA.Valdes.Livetracanalysisoftcp/ipgateways.ToappearinProceedingsofthe NetworkandDistributedSystemSecuritySymposium,SanDiego,March,1998. usingactivenetworks.submittedtoieeeinfocom'98,1998. [7]L.Ricciulli.High-delitydistributedsimulationoflocalareanetworks.ToappearinProceedingsofthe October,1997. disturbances.proceedingsofthenationalinformationsystemssecurityconference,baltimore,md, [9]JonathanSmith,DavidFarber,CarlA.Gunter,ScottNettle,MarkSegal,WilliamD.Sincoskie, [8]H.Schwetman.Csim:Ac-based,process-orientedsimulationlanguage.Technicalreport,MCC, stAnnualSimulationSymposium,Boston,April,1998. [10]ArthurvanHo,JohnGiannandrea,MarkHapner,SteveCarter,andMiloMedin.TheHTTPDistributionandReplicationProtocol. DavidFeldmeier,andScottAlexander.Switchware:Towardsa21stcenturynetworkinfrastructure. [11]ArthurvanHo,HadiPartovi,andTomThai.SpecicationfortheOpenSoftwareDescription(OSD) [13]Y.YeminiandS.daSilva.Towardsprogrammablenetworks.IFIP/IEEEInternationalWorkshopon [12]D.J.Wetherall,J.V.Guttag,andD.L.Tennenhouse.Ants:Atoolkitforbuildinganddynamically deployingnetworkprotocols.submittedtoieeesopenarch'98,1998. Format. [15]Y.Yemini,A.V.Konstantinou,andDaniloFlorissi.Nestor:Networkselfmanagementandorganization. [14]Y.Yemini,G.Goldszmidt,andS.Yemini.Networkmanagementbydelegation.SecondInternational DistributedSystems:OperationsandManagement,L'Aquila,Italy,October1996. SymposiumonIntegratedNetworkManagement,WashingtonDC,April

Web Browsing Examples. How Web Browsing and HTTP Works

Web Browsing Examples. How Web Browsing and HTTP Works How Web Browsing and HTTP Works 1 1 2 Lets consider an example that shows how web browsing and HTTP work. The example will cover a simple, but very common case. There are many more details of HTTP that

More information

Recent work in OpenBSD relayd AsiaBSDCon 2013 Reyk Flöter (reyk@openbsd.org)

Recent work in OpenBSD relayd AsiaBSDCon 2013 Reyk Flöter (reyk@openbsd.org) Recent work in OpenBSD relayd AsiaBSDCon 2013 Reyk Flöter (reyk@openbsd.org) Agenda History & Background Recent work SSL Interception Socket Splicing Filter rewrite relayd buzzword bingo Load Balancer

More information

Computer Networks. Lecture 7: Application layer: FTP and HTTP. Marcin Bieńkowski. Institute of Computer Science University of Wrocław

Computer Networks. Lecture 7: Application layer: FTP and HTTP. Marcin Bieńkowski. Institute of Computer Science University of Wrocław Computer Networks Lecture 7: Application layer: FTP and Marcin Bieńkowski Institute of Computer Science University of Wrocław Computer networks (II UWr) Lecture 7 1 / 23 Reminder: Internet reference model

More information

LESSON 3.6. 98-366 Networking Fundamentals. Understand TCP/IP

LESSON 3.6. 98-366 Networking Fundamentals. Understand TCP/IP Understand TCP/IP Lesson Overview In this lesson, you will learn about: TCP/IP Tracert Telnet Netstat Reserved addresses Local loopback IP Ping Pathping Ipconfig Protocols Anticipatory Set Experiment with

More information

Before deploying SiteAudit it is recommended to review the information below. This will ensure efficient installation and operation of SiteAudit.

Before deploying SiteAudit it is recommended to review the information below. This will ensure efficient installation and operation of SiteAudit. SiteAudit Knowledge Base Deployment Check List June 2012 In This Article: Platform Requirements Windows Settings Discovery Configuration Before deploying SiteAudit it is recommended to review the information

More information

Virtual Server and DDNS. Virtual Server and DDNS. For BIPAC 741/743GE

Virtual Server and DDNS. Virtual Server and DDNS. For BIPAC 741/743GE Virtual Server and DDNS For BIPAC 741/743GE August, 2003 1 Port Number In TCP/IP and UDP networks, a port is a 16-bit number, used by the host-to-host protocol to identify to which application program

More information

Managing Virtual Servers

Managing Virtual Servers CHAPTER 4 Content Switching Module Device Manager (CVDM-CSM) displays details of existing virtual servers and enables users to perform detailed tasks that include creating or deleting virtual servers,

More information

Minimal network traffic is the result of SiteAudit s design. The information below explains why network traffic is minimized.

Minimal network traffic is the result of SiteAudit s design. The information below explains why network traffic is minimized. SiteAudit Knowledge Base Network Traffic March 2012 In This Article: SiteAudit s Traffic Impact How SiteAudit Discovery Works Why Traffic is Minimal How to Measure Traffic Minimal network traffic is the

More information

Stateful Inspection Technology

Stateful Inspection Technology Stateful Inspection Technology Security Requirements TECH NOTE In order to provide robust security, a firewall must track and control the flow of communication passing through it. To reach control decisions

More information

EXPLORER. TFT Filter CONFIGURATION

EXPLORER. TFT Filter CONFIGURATION EXPLORER TFT Filter Configuration Page 1 of 9 EXPLORER TFT Filter CONFIGURATION Thrane & Thrane Author: HenrikMøller Rev. PA4 Page 1 6/15/2006 EXPLORER TFT Filter Configuration Page 2 of 9 1 Table of Content

More information

Configure a Microsoft Windows Workstation Internal IP Stateful Firewall

Configure a Microsoft Windows Workstation Internal IP Stateful Firewall 70 Lab #5 Lab #5 Assessment Spreadsheet A Review the default settings for Windows Firewall on your student workstation and indicate your settings below: GENERAL Recommended (Firewall On/Off) Don t Allow

More information

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Firewall VPN Router. Quick Installation Guide M73-APO09-380 Firewall VPN Router Quick Installation Guide M73-APO09-380 Firewall VPN Router Overview The Firewall VPN Router provides three 10/100Mbit Ethernet network interface ports which are the Internal/LAN, External/WAN,

More information

Lab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace

Lab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace Lab Exercise SSL/TLS Objective To observe SSL/TLS (Secure Sockets Layer / Transport Layer Security) in action. SSL/TLS is used to secure TCP connections, and it is widely used as part of the secure web:

More information

NAS 272 Using Your NAS as a Syslog Server

NAS 272 Using Your NAS as a Syslog Server NAS 272 Using Your NAS as a Syslog Server Enable your NAS as a Syslog Server to centrally manage the logs from all network devices A S U S T O R C O L L E G E COURSE OBJECTIVES Upon completion of this

More information

Network Security. Network Packet Analysis

Network Security. Network Packet Analysis Network Security Network Packet Analysis Module 3 Keith A. Watson, CISSP, CISA IA Research Engineer, CERIAS kaw@cerias.purdue.edu 1 Network Packet Analysis Definition: Examining network packets to determine

More information

Interfacing an HTML Form to the ez80f91 MCU

Interfacing an HTML Form to the ez80f91 MCU Application Note Interfacing an HTML Form to the ez80f91 MCU AN020803-0708 Abstract This application note demonstrates how to use Zilog s ez80f91 microcontroller unit (MCU) as a web server to send electronic

More information

Network Layers. CSC358 - Introduction to Computer Networks

Network Layers. CSC358 - Introduction to Computer Networks Network Layers Goal Understand how application processes set up a connection and exchange messages. Understand how addresses are determined Data Exchange Between Application Processes TCP Connection-Setup

More information

Transport and Network Layer

Transport and Network Layer Transport and Network Layer 1 Introduction Responsible for moving messages from end-to-end in a network Closely tied together TCP/IP: most commonly used protocol o Used in Internet o Compatible with a

More information

How to Make the Client IP Address Available to the Back-end Server

How to Make the Client IP Address Available to the Back-end Server How to Make the Client IP Address Available to the Back-end Server For Layer 4 - UDP and Layer 4 - TCP services, the actual client IP address is passed to the server in the TCP header. No further configuration

More information

SO_REUSEPORT Scaling Techniques for Servers with High Connection Rates. Ying Cai ycai@google.com

SO_REUSEPORT Scaling Techniques for Servers with High Connection Rates. Ying Cai ycai@google.com SO_REUSEPORT Scaling Techniques for Servers with High Connection Rates Ying Cai ycai@google.com Problems Servers with high connection/transaction rates TCP servers, e.g. web server UDP servers, e.g. DNS

More information

Contents. ST9612 Model WIC Printer. Get the original printer s information. Edited 11/04/15

Contents. ST9612 Model WIC Printer. Get the original printer s information. Edited 11/04/15 Printer - Replacement The following is a guide on how to swap out a WIC printer with another. A scenario where this might happen is when getting a service replacement for faulty hardware from Source Technologies.

More information

Building Applications With Sockets

Building Applications With Sockets C C Building Applications With Sockets Topics & Goals: Sockets mechanism & its use App layer design & implementation principles Building applications using sockets D Sockets: Unifying Transport API Simplify

More information

Network Configuration Settings

Network Configuration Settings Network Configuration Settings Many small businesses already have an existing firewall device for their local network when they purchase Microsoft Windows Small Business Server 2003. Often, these devices

More information

NB6 Series Quality of Service (QoS) Setup (NB6Plus4, NB6Plus4W Rev1)

NB6 Series Quality of Service (QoS) Setup (NB6Plus4, NB6Plus4W Rev1) NB6 Series Quality of Service (QoS) Setup (NB6Plus4, NB6Plus4W Rev1) NB6 Series and Quality of Service (QoS) The following Quality of Service (QoS) settings offer a basic setup example, setting up 3 devices

More information

Bypassing Firewall. @ PISA AGM Theme Seminar 2005. Presented by Ricky Lou Zecure Lab Limited

Bypassing Firewall. @ PISA AGM Theme Seminar 2005. Presented by Ricky Lou Zecure Lab Limited Bypassing Firewall @ PISA AGM Theme Seminar 2005 Presented by Ricky Lou Zecure Lab Limited Firewall Piercing (Inside-Out Attacks) Disclaimer We hereby disclaim all responsibility for the following hacks.

More information

Web. Services. Web Technologies. Today. Web. Technologies. Internet WWW. Protocols TCP/IP HTTP. Apache. Next Time. Lecture #3 2008 3 Apache.

Web. Services. Web Technologies. Today. Web. Technologies. Internet WWW. Protocols TCP/IP HTTP. Apache. Next Time. Lecture #3 2008 3 Apache. JSP, and JSP, and JSP, and 1 2 Lecture #3 2008 3 JSP, and JSP, and Markup & presentation (HTML, XHTML, CSS etc) Data storage & access (JDBC, XML etc) Network & application protocols (, etc) Programming

More information

CSE 4482 Computer Security Management: Assessment and Forensics. Protection Mechanisms: Firewalls

CSE 4482 Computer Security Management: Assessment and Forensics. Protection Mechanisms: Firewalls CSE 4482 Computer Security Management: Assessment and Forensics Protection Mechanisms: Firewalls Instructor: N. Vlajic, Fall 2013 Required reading: Management of Information Security (MIS), by Whitman

More information

Immotec Systems, Inc. SQL Server 2005 Installation Document

Immotec Systems, Inc. SQL Server 2005 Installation Document SQL Server Installation Guide 1. From the Visor 360 installation CD\USB Key, open the Access folder and install the Access Database Engine. 2. Open Visor 360 V2.0 folder and double click on Setup. Visor

More information

Overview - Using ADAMS With a Firewall

Overview - Using ADAMS With a Firewall Page 1 of 6 Overview - Using ADAMS With a Firewall Internet security is becoming increasingly important as public and private entities connect their internal networks to the Internet. One of the most popular

More information

2057-15. First Workshop on Open Source and Internet Technology for Scientific Environment: with case studies from Environmental Monitoring

2057-15. First Workshop on Open Source and Internet Technology for Scientific Environment: with case studies from Environmental Monitoring 2057-15 First Workshop on Open Source and Internet Technology for Scientific Environment: with case studies from Environmental Monitoring 7-25 September 2009 TCP/IP Networking Abhaya S. Induruwa Department

More information

Overview - Using ADAMS With a Firewall

Overview - Using ADAMS With a Firewall Page 1 of 9 Overview - Using ADAMS With a Firewall Internet security is becoming increasingly important as public and private entities connect their internal networks to the Internet. One of the most popular

More information

IxLoad - Layer 4-7 Performance Testing of Content Aware Devices and Networks

IxLoad - Layer 4-7 Performance Testing of Content Aware Devices and Networks IxLoad - Layer 4-7 Performance Testing of Content Aware Devices and Networks IxLoad is a highly scalable solution for accurately assessing the performance of content-aware devices and networks. IxLoad

More information

Deployment Guide Jan-2016 rev. a. Deploying Array Networks APV Series Application Delivery Controllers with Oracle WebLogic 12c

Deployment Guide Jan-2016 rev. a. Deploying Array Networks APV Series Application Delivery Controllers with Oracle WebLogic 12c Deployment Guide Jan-2016 rev. a Deploying Array Networks APV Series Application Delivery Controllers with Oracle WebLogic 12c Table of Contents 1 Introduction... 3 1.1 Array Networks APV Appliance...

More information

Stateful Inspection Technology

Stateful Inspection Technology White Paper Stateful Inspection Technology The industry standard for enterprise-class network security solutions Check Point protects every part of your network perimeter, internal, Web to keep your information

More information

Lecture (02) Networking Model (TCP/IP) Networking Standard (OSI) (I)

Lecture (02) Networking Model (TCP/IP) Networking Standard (OSI) (I) Lecture (02) Networking Model (TCP/IP) Networking Standard (OSI) (I) By: Dr. Ahmed ElShafee ١ Dr. Ahmed ElShafee, ACU : Fall 2015, Networks II Agenda Introduction to networking architecture Historical

More information

Deploying the Barracuda Load Balancer with Office Communications Server 2007 R2. Office Communications Server Overview.

Deploying the Barracuda Load Balancer with Office Communications Server 2007 R2. Office Communications Server Overview. Deploying the Barracuda Load Balancer with Office Communications Server 2007 R2 Organizations can use the Barracuda Load Balancer to enhance the scalability and availability of their Microsoft Office Communications

More information

Multi-Homing Dual WAN Firewall Router

Multi-Homing Dual WAN Firewall Router Multi-Homing Dual WAN Firewall Router Quick Installation Guide M73-APO09-400 Multi-Homing Dual WAN Firewall Router Overview The Multi-Homing Dual WAN Firewall Router provides three 10/100Mbit Ethernet

More information

Socket = an interface connection between two (dissimilar) pipes. OS provides this API to connect applications to networks. home.comcast.

Socket = an interface connection between two (dissimilar) pipes. OS provides this API to connect applications to networks. home.comcast. Interprocess communication (Part 2) For an application to send something out as a message, it must arrange its OS to receive its input. The OS is then sends it out either as a UDP datagram on the transport

More information

Data Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment

Data Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment White Paper Data Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment Cisco Connected Analytics for Network Deployment (CAND) is Cisco hosted, subscription-based

More information

Outline VLAN. Inter-VLAN communication. Layer-3 Switches. Spanning Tree Protocol Recap

Outline VLAN. Inter-VLAN communication. Layer-3 Switches. Spanning Tree Protocol Recap Outline Network Virtualization and Data Center Networks 263-3825-00 DC Virtualization Basics Part 2 Qin Yin Fall Semester 2013 More words about VLAN Virtual Routing and Forwarding (VRF) The use of load

More information

Chapter 3 Restricting Access From Your Network

Chapter 3 Restricting Access From Your Network Chapter 3 Restricting Access From Your Network This chapter describes how to use the content filtering and reporting features of the RangeMax Dual Band Wireless-N Router WNDR3300 to protect your network.

More information

Computer Networking LAB 2 HTTP

Computer Networking LAB 2 HTTP Computer Networking LAB 2 HTTP 1 OBJECTIVES The basic GET/response interaction HTTP message formats Retrieving large HTML files Retrieving HTML files with embedded objects HTTP authentication and security

More information

Cape Girardeau Career Center CISCO Networking Academy Bill Link, Instructor. 2.,,,, and are key services that ISPs can provide to all customers.

Cape Girardeau Career Center CISCO Networking Academy Bill Link, Instructor. 2.,,,, and are key services that ISPs can provide to all customers. Name: 1. What is an Enterprise network and how does it differ from a WAN? 2.,,,, and are key services that ISPs can provide to all customers. 3. Describe in detail what a managed service that an ISP might

More information

ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy

ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy OVERVIEW The global communication and the continuous growth of services provided through the Internet or local infrastructure require to

More information

CONNECTING WINDOWS XP PROFESSIONAL TO A NETWORK

CONNECTING WINDOWS XP PROFESSIONAL TO A NETWORK 1 Chapter 10 CONNECTING WINDOWS XP PROFESSIONAL TO A NETWORK Chapter 10: CONNECTING WINDOWS XP PROFESSIONAL TO A NETWORK 2 OVERVIEW Configure and troubleshoot the TCP/IP protocol Connect to a wireless

More information

Lab VI Capturing and monitoring the network traffic

Lab VI Capturing and monitoring the network traffic Lab VI Capturing and monitoring the network traffic 1. Goals To gain general knowledge about the network analyzers and to understand their utility To learn how to use network traffic analyzer tools (Wireshark)

More information

Chapter 11. User Datagram Protocol (UDP)

Chapter 11. User Datagram Protocol (UDP) Chapter 11 User Datagram Protocol (UDP) The McGraw-Hill Companies, Inc., 2000 1 CONTENTS PROCESS-TO-PROCESS COMMUNICATION USER DATAGRAM CHECKSUM UDP OPERATION USE OF UDP UDP PACKAGE The McGraw-Hill Companies,

More information

Application. Transport. Network. Data Link. Physical. Network Layers. Goal

Application. Transport. Network. Data Link. Physical. Network Layers. Goal Layers Goal Understand how application processes set up a connection and exchange messages. Understand how addresses are determined 1 2 Data Exchange Between Processes TCP Connection-Setup Between Processes

More information

1 Data information is sent onto the network cable using which of the following? A Communication protocol B Data packet

1 Data information is sent onto the network cable using which of the following? A Communication protocol B Data packet Review questions 1 Data information is sent onto the network cable using which of the following? A Communication protocol B Data packet C Media access method D Packages 2 To which TCP/IP architecture layer

More information

Technical Note. vsphere Deployment Worksheet on page 2. Express Configuration on page 3. Single VLAN Configuration on page 5

Technical Note. vsphere Deployment Worksheet on page 2. Express Configuration on page 3. Single VLAN Configuration on page 5 Technical Note The vfabric Data Director worksheets contained in this technical note are intended to help you plan your Data Director deployment. The worksheets include the following: vsphere Deployment

More information

Many network and firewall administrators consider the network firewall at the network edge as their primary defense against all network woes.

Many network and firewall administrators consider the network firewall at the network edge as their primary defense against all network woes. RimApp RoadBLOCK goes beyond simple filtering! Many network and firewall administrators consider the network firewall at the network edge as their primary defense against all network woes. However, traditional

More information

Check Point FireWall-1 HTTP Security Server performance tuning

Check Point FireWall-1 HTTP Security Server performance tuning PROFESSIONAL SECURITY SYSTEMS Check Point FireWall-1 HTTP Security Server performance tuning by Mariusz Stawowski CCSA/CCSE (4.1x, NG) Check Point FireWall-1 security system has been designed as a means

More information

Non-intrusive, complete network protocol decoding with plain mnemonics in English

Non-intrusive, complete network protocol decoding with plain mnemonics in English The Triple Play Analysis Suite - DATA The Triple Play Analysis Suite - Data are meant for emulating the client s application such as FTP downloading or Web Browser testing at the termination point of DSL

More information

7. Windows XP Firewall

7. Windows XP Firewall Page 1 of 5 Oxford University Computing Services Search OUCS Connecting to the Ethernet with Windows XP Home Edition or Professional Full search Feedback 7. Windows XP Firewall oucs >network >ethernet

More information

MilsVPN VPN Tunnel Port Translation. Table of Contents...1 1. Introduction...2 2. VPN Tunnel Settings...2

MilsVPN VPN Tunnel Port Translation. Table of Contents...1 1. Introduction...2 2. VPN Tunnel Settings...2 Page 1 of 8 Table of Contents Table of Contents...1 1. Introduction...2 2. VPN Tunnel Settings...2 2.1 VPN Settings...2 2.2 MilsVPN Service Properties...3 3. Service Object Creation...3 4. Firewall rules

More information

How To Configure A Vyatta 4.2.0 As A Ds Internet Connection Router/Gateway With A Web Server On A Dspv.Net 4.0.1 (Dspv) On A Network With A D

How To Configure A Vyatta 4.2.0 As A Ds Internet Connection Router/Gateway With A Web Server On A Dspv.Net 4.0.1 (Dspv) On A Network With A D Open Informatics a An Information Technology Company Visit us on the web at www.openinformatics.net Tutorial Author: Zlatan Klebic Send Feedback: zklebic@openinformatics.net Configuring a Vyatta 4.0 release

More information

CTIS 256 Web Technologies II. Week # 1 Serkan GENÇ

CTIS 256 Web Technologies II. Week # 1 Serkan GENÇ CTIS 256 Web Technologies II Week # 1 Serkan GENÇ Introduction Aim: to be able to develop web-based applications using PHP (programming language) and mysql(dbms). Internet is a huge network structure connecting

More information

000-284. Easy CramBible Lab DEMO ONLY VERSION 000-284. Test284,IBM WbS.DataPower SOA Appliances, Firmware V3.6.0

000-284. Easy CramBible Lab DEMO ONLY VERSION 000-284. Test284,IBM WbS.DataPower SOA Appliances, Firmware V3.6.0 Easy CramBible Lab 000-284 Test284,IBM WbS.DataPower SOA Appliances, Firmware V3.6.0 ** Single-user License ** This copy can be only used by yourself for educational purposes Web: http://www.crambible.com/

More information

3.2.2 Bandwidth Requirements

3.2.2 Bandwidth Requirements You also need to prioritize your voice traffic over your data traffic and configure the ShoreTel system s feature. 3.2.2 Requirements The amount of bandwidth for voice calls depends on these details: Number

More information

Ports utilisés. Ports utilisés par le XT1000/5000 :

Ports utilisés. Ports utilisés par le XT1000/5000 : Ports utilisés Ports utilisés par le XT1000/5000 : 80 HTTP (TCP) WEB server 123 SNTP (UDP) SNTP Client 161 SNMP (UDP) SNMP Configuration and Status 162 SNMP (UDP) SNMP Traps and events 1718 H.225/RAS (UDP)

More information

CS 188/219. Scalable Internet Services Andrew Mutz October 8, 2015

CS 188/219. Scalable Internet Services Andrew Mutz October 8, 2015 CS 188/219 Scalable Internet Services Andrew Mutz October 8, 2015 For Today About PTEs Empty spots were given out If more spots open up, I will issue more PTEs You must have a group by today. More detail

More information

InduSoft Thin Client Setup and Troubleshooting Guide

InduSoft Thin Client Setup and Troubleshooting Guide Abstract InduSoft Thin Client Setup and Troubleshooting Guide This Thin Client Troubleshooting Guide is designed to be used in conjunction with the Thin Clients and Mobile Access sections of the current

More information

SNMP-1000 Intelligent SNMP/HTTP System Manager Features Introduction Web-enabled, No Driver Needed Powerful yet Easy to Use

SNMP-1000 Intelligent SNMP/HTTP System Manager Features Introduction Web-enabled, No Driver Needed Powerful yet Easy to Use SNMP-1000 Intelligent SNMP/HTTP System Manager Features Monitors system fans, temperature, voltage, power supply, CPU fan, CPU temperature, Vcore, watchdog timer etc. Stand alone system monitoring, no

More information

Comtrend 1 Port Router Installation Guide CT-5072T

Comtrend 1 Port Router Installation Guide CT-5072T Comtrend 1 Port Router Installation Guide CT-5072T 1 Installing Access Point s DSL Service with a Comtrend Router Thank you for selecting Access Point, Inc. to be your Internet service provider. This guide

More information

Deployment Scenarios

Deployment Scenarios Deployment Scenarios Sun Cobalt Summary The Sun Cobalt is a network-based appliance for managing a large number of remote servers and for deploying services to these servers. A control station is deployed

More information

Fachgebiet Technische Informatik, Joachim Zumbrägel

Fachgebiet Technische Informatik, Joachim Zumbrägel Computer Network Lab 2015 Fachgebiet Technische Informatik, Joachim Zumbrägel Overview Internet Internet Protocols Fundamentals about HTTP Communication HTTP-Server, mode of operation Static/Dynamic Webpages

More information

Inside-Out Attacks. ivan.buetler@csnc.ch. Covert Channel Attacks Inside-out Attacks Seite 1 GLÄRNISCHSTRASSE 7 POSTFACH 1671 CH-8640 RAPPERSWIL

Inside-Out Attacks. ivan.buetler@csnc.ch. Covert Channel Attacks Inside-out Attacks Seite 1 GLÄRNISCHSTRASSE 7 POSTFACH 1671 CH-8640 RAPPERSWIL Inside-Out Attacks ivan.buetler@csnc.ch Covert Channel Attacks Inside-out Attacks Seite 1 Goals of this presentation! Responses to the following questions! What are inside-out attacks! Who will use this

More information

SNMP Protocol for Easy Network Management

SNMP Protocol for Easy Network Management ACTi Knowledge Base Category: Educational Note Sub-category: Application Model: ACM Series TCM Series ACD-2100 TCD-2100 TCD-2500 Firmware: Software: N/A Author: Wells.Wei Published: 2010/10/22 Reviewed:

More information

Step into the Future: HTML5 and its Impact on SSL VPNs

Step into the Future: HTML5 and its Impact on SSL VPNs Step into the Future: HTML5 and its Impact on SSL VPNs Aidan Gogarty HOB, Inc. Session ID: SPO - 302 Session Classification: General Interest What this is all about. All about HTML5 3 useful components

More information

ZEN LOAD BALANCER EE v3.02 DATASHEET The Load Balancing made easy

ZEN LOAD BALANCER EE v3.02 DATASHEET The Load Balancing made easy ZEN LOAD BALANCER EE v3.02 DATASHEET The Load Balancing made easy OVERVIEW The global communication and the continuous growth of services provided through the Internet or local infrastructure require to

More information

APV9650. Application Delivery Controller

APV9650. Application Delivery Controller APV9650 D a t a S h e e t Application Delivery Controller Array Networks APV Series of Application Delivery Controllers optimizes the availability, user experience, performance, security and scalability

More information

Network: several computers who can communicate. bus. Main example: Ethernet (1980 today: coaxial cable, twisted pair, 10Mb 1000Gb).

Network: several computers who can communicate. bus. Main example: Ethernet (1980 today: coaxial cable, twisted pair, 10Mb 1000Gb). 1 / 17 Network: several computers who can communicate. Bus topology: bus Main example: Ethernet (1980 today: coaxial cable, twisted pair, 10Mb 1000Gb). Hardware has globally unique MAC addresses (IDs).

More information

Print Audit Facilities Manager Technical Overview

Print Audit Facilities Manager Technical Overview Print Audit Facilities Manager Technical Overview Print Audit Facilities Manager is a powerful, easy to use tool designed to remotely collect meter reads, automate supplies fulfilment and report service

More information

IP Filter/Firewall Setup

IP Filter/Firewall Setup IP Filter/Firewall Setup Introduction The IP Filter/Firewall function helps protect your local network against attack from outside. It also provides a method of restricting users on the local network from

More information

Network-Oriented Software Development. Course: CSc4360/CSc6360 Instructor: Dr. Beyah Sessions: M-W, 3:00 4:40pm Lecture 2

Network-Oriented Software Development. Course: CSc4360/CSc6360 Instructor: Dr. Beyah Sessions: M-W, 3:00 4:40pm Lecture 2 Network-Oriented Software Development Course: CSc4360/CSc6360 Instructor: Dr. Beyah Sessions: M-W, 3:00 4:40pm Lecture 2 Topics Layering TCP/IP Layering Internet addresses and port numbers Encapsulation

More information

IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT

IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT Roopa K. Panduranga Rao MV Dept of CS and Engg., Dept of IS and Engg., J.N.N College of Engineering, J.N.N College of Engineering,

More information

How to install and use CrossTec Remote Control or SchoolVue in a Virtual and or Terminal Service environment

How to install and use CrossTec Remote Control or SchoolVue in a Virtual and or Terminal Service environment How to install and use CrossTec Remote Control or SchoolVue in a Virtual and or Terminal Service environment 1 P a g e CrossTec Corporation 500 NE Spanish River Blvd. Suite 201 Phone 800.675.0729 Fax 561.391.5820

More information

Network Technologies

Network Technologies Network Technologies Glenn Strong Department of Computer Science School of Computer Science and Statistics Trinity College, Dublin January 28, 2014 What Happens When Browser Contacts Server I Top view:

More information

Using Nessus to Detect Wireless Access Points. March 6, 2015 (Revision 4)

Using Nessus to Detect Wireless Access Points. March 6, 2015 (Revision 4) Using Nessus to Detect Wireless Access Points March 6, 2015 (Revision 4) Table of Contents Introduction... 3 Why Detect Wireless Access Points?... 3 Wireless Scanning for WAPs... 4 Detecting WAPs using

More information

Management, Logging and Troubleshooting

Management, Logging and Troubleshooting CHAPTER 15 This chapter describes the following: SNMP Configuration System Logging SNMP Configuration Cisco NAC Guest Server supports management applications monitoring the system over SNMP (Simple Network

More information

Table of Contents. Introduction

Table of Contents. Introduction viii Table of Contents Introduction xvii Chapter 1 All About the Cisco Certified Security Professional 3 How This Book Can Help You Pass the CCSP Cisco Secure VPN Exam 5 Overview of CCSP Certification

More information

Port Utilization Guide for Cisco Unified Contact Center Express, Release 8.5(1)

Port Utilization Guide for Cisco Unified Contact Center Express, Release 8.5(1) Utilization Guide for Cisco Unified Contact Center Express, Release 8.5(1) For Cisco Unified Contact Center Express and Cisco Unified IP IVR Release 8.5(1) Americas Headquarters: Cisco Systems, Inc., 170

More information

Address Resolution Protocol (ARP)

Address Resolution Protocol (ARP) Address Resolution Protocol (ARP) Question: how do packets actually get to their destination? IP routing tables: based on network addresses Ethernet physical interfaces only understand ethernet addresses

More information

Virtual Server in SP883

Virtual Server in SP883 Virtual Server in SP883 1 Introduction: 1.1 Micronet SP883 is a hard QoS broadband router, means its guaranteed service can provide absolute reservation of resource (bandwidth) for specific traffic;not

More information

Configuring Class Maps and Policy Maps

Configuring Class Maps and Policy Maps CHAPTER 4 Configuring Class Maps and Policy Maps This chapter describes how to configure class maps and policy maps to provide a global level of classification for filtering traffic received by or passing

More information

Configuring Network Address Translation (NAT)

Configuring Network Address Translation (NAT) 8 Configuring Network Address Translation (NAT) Contents Overview...................................................... 8-3 Translating Between an Inside and an Outside Network........... 8-3 Local and

More information

Dynamic DNS How-To Guide

Dynamic DNS How-To Guide Configuration Guide Dynamic DNS How-To Guide Overview This guide will show you how to set up a Dynamic DNS host name under the D-Link DDNS service with your D-Link ShareCenter TM. Dynamic DNS is a protocol

More information

HomeWorks P5 Processor Ethernet TCP / IP Networking Specification

HomeWorks P5 Processor Ethernet TCP / IP Networking Specification HomeWorks P5 Processor Ethernet TCP / IP Networking Specification Table of Contents Table of Contents...2 Revision History...2 Overview...3 Single Ethernet Port...3 Protocols Used...3 TCP / IP Settings...3

More information

Quick Note 026. Using the firewall of a Digi TransPort to redirect HTTP Traffic to a proxy server. Digi International Technical Support December 2011

Quick Note 026. Using the firewall of a Digi TransPort to redirect HTTP Traffic to a proxy server. Digi International Technical Support December 2011 Quick Note 026 Using the firewall of a Digi TransPort to redirect HTTP Traffic to a proxy server Digi International Technical Support December 2011 Contents 1 Introduction... 3 1.1 Outline... 3 1.2 Assumptions...

More information

The Design and Implementation of Content Switch On IXP12EB

The Design and Implementation of Content Switch On IXP12EB The Design and Implementation of Content Switch On IXP12EB Thesis Proposal by Longhua Li Computer Science Department University of Colorado at Colorado Springs 5/15/2001 Approved by: Dr. Edward Chow (Advisor)

More information

Packet Capture. Document Scope. SonicOS Enhanced Packet Capture

Packet Capture. Document Scope. SonicOS Enhanced Packet Capture Packet Capture Document Scope This solutions document describes how to configure and use the packet capture feature in SonicOS Enhanced. This document contains the following sections: Feature Overview

More information

SysPatrol - Server Security Monitor

SysPatrol - Server Security Monitor SysPatrol Server Security Monitor User Manual Version 2.2 Sep 2013 www.flexense.com www.syspatrol.com 1 Product Overview SysPatrol is a server security monitoring solution allowing one to monitor one or

More information

Pass Through Proxy. How-to. Overview:..1 Why PTP?...1

Pass Through Proxy. How-to. Overview:..1 Why PTP?...1 Pass Through Proxy How-to Overview:..1 Why PTP?...1 Via an SA port...1 Via external DNS resolution...1 Examples of Using Passthrough Proxy...2 Example configuration using virtual host name:...3 Example

More information

Basic Internet programming Formalities. Hands-on tools for internet programming

Basic Internet programming Formalities. Hands-on tools for internet programming Welcome Basic Internet programming Formalities Hands-on tools for internet programming DD1335 (gruint10) Serafim Dahl serafim@nada.kth.se DD1335 (Lecture 1) Basic Internet Programming Spring 2010 1 / 23

More information

Chapter 16 Route Health Injection

Chapter 16 Route Health Injection Chapter 16 Route Health Injection You can configure an HP Routing Switch to check the health of the HTTP application and inject a host route into the network to force a preferred route to an actively responding

More information

VERITAS Cluster Server Traffic Director Option. Product Overview

VERITAS Cluster Server Traffic Director Option. Product Overview VERITAS Cluster Server Traffic Director Option Product Overview V E R I T A S W H I T E P A P E R Table of Contents Traffic Director Option for VERITAS Cluster Server Overview.............................................1

More information

Configuring Health Monitoring Using Health Probes

Configuring Health Monitoring Using Health Probes CHAPTER10 Configuring Health Monitoring Using Health Probes This chapter describes how to configure a health probe on the Cisco 4700 Series Application Control Engine (ACE) appliance. This chapter contains

More information

Implementing PCoIP Proxy as a Security Server/Access Point Alternative

Implementing PCoIP Proxy as a Security Server/Access Point Alternative Implementing PCoIP Proxy as a Security Server/Access Point Alternative Overview VMware s Horizon Security Server and Access Point provides secure access to sessions over an unsecured WAN and/or Internet

More information

Presented by Aurang Zeb 14CS-03. Network Management System

Presented by Aurang Zeb 14CS-03. Network Management System Presented by Aurang Zeb 14CS-03 Network Management System INTRODUCTION o We can define network management as monitoring, testing, configuring, and troubleshooting network components to meet a set of requirements.

More information