ANCORS: Adaptable Network COntrol and Reporting System

SRI-CSL

Livio Ricciulli, Phillip Porras, Nachum Shacham

March 19, 1998

Abstract

ANCORS is a distributed tool suite that merges technology from network management, active networking, and distributed simulation in a unified paradigm to assist in the assessment, control, and design of computer networks. This paper explores some of the advantages that can be obtained from merging the three technologies, and describes how ANCORS integrates complementary elements of each. ANCORS's architecture offers substantial software reuse, scalability, and flexibility and supports an extensible mechanism to employ multiple network management protocols of varying degrees of complexity. This paper also describes network engineering and monitoring services that were implemented to prototype some of ANCORS's architectural ideas and provide practical experience for their refinement.

1 Introduction

The Internet will become increasingly dynamic. Changes in the Internet will affect both its control mechanisms and the nature of information exchanged.

New trends in network design [12, 4, 3, 13, 9, 1] seek to render network protocols more flexible and extensible, and to thus improve their overall usefulness. Configuration changes can be as dynamic as interpreting and executing a few predefined instructions as a network packet is received, causing new protocols to be loaded on demand, or modifying, deleting, or adding more permanent objects that implement application-specific network services.

The introduction of new technologies and services as they become available may change the nature of network traffic. The Internet phone, video broadcast, and the increasing interest of cellular phone companies in accessing services on the Internet are examples of future technologies that may greatly affect the Internet.

* This work was supported by DARPA contract number DABT63-97-C
The current state of the art in network engineering, monitoring, and control must improve dramatically. It is becoming increasingly apparent that effective management of large, ever-changing networks depends on sophisticated monitoring to help understand the way a network changes and in detecting anomalous behavior (both malicious and nonmalicious). Current network management and control software suffers from serious scalability and flexibility constraints because it is oriented to the single administrative domain level. As new interdependencies arise in sharing resources beyond single administrative domains, monitoring capabilities, like application-specific protocols, should be able to change over time, should adapt to new conditions as they develop, and should be scalable.

In addition to sophisticated and adaptable monitoring, future networks would greatly benefit from simulation services so that network engineers can experiment with new network technologies without compromising network operations. Current network engineering tools can scale only to small and relatively simple networks and are not interoperable. Tools will be required to scale far beyond current capabilities and will need to promote interoperability and model reuse. In addition to evaluating performance metrics to compare one design with another, network engineering tools should implement a development environment for validating new designs.

Besides offering powerful assessment and design tools, adaptable networks should also provide a flexible infrastructure to manage and distribute software. New standards being proposed to assist in the distribution and maintenance of software through the network [11, 10] would allow users to install or update software components by simply accessing HTML-like pages, thus providing more cost-effective mechanisms for distributing and maintaining application software. While the adoption of these mechanisms to dynamically add and maintain the code base of end-user applications may pose little technical challenge, extending such mechanisms to also deploy and maintain system-level software is more difficult. An addition of system-level networking software must be done very carefully to avoid potentially costly mistakes and the addition must also be propagated to the management infrastructure so that monitoring and control capabilities can change with the network itself.

The objective of our research is to streamline and, at the same time, enrich the management and monitoring of dynamic networks while adding new support into the network management paradigm to assist network designers. We revisited the concept of network management and extended its paradigm to make it the enabling technology for designing, testing, configuring, and monitoring network assets in the best possible way. ANCORS merges ideas from distributed network management, distributed simulation and active networking in a coherent, efficient, and user-friendly manner. Section 2 focuses on exploring some of the benefits that ANCORS gains by merging active networking with network management and distributed simulation. Section 3 discusses ANCORS's flexible system management framework that can deploy and manage our new multidomain infrastructure. Section 4 describes our initial implementation experiences, and Section 5 gives some concluding remarks.

2 Integrated Active Network Management and Design

Figure 1 illustrates the synergy derived from the merging of active networking concepts with network management and distributed simulation. Our preliminary experiences in merging
these technologies under the ANCORS architecture indicate that we can provide an integrated environment for network technology development while affording substantial software reuse in supervising network operations. ANCORS gains from active networking the ability to dynamically deploy engineering, management, and data transport services at runtime. ANCORS leverages this capability to (1) coherently execute multiple simulations on the network in a scalable and integrated fashion to support design, (2) integrate network and system management with legacy standards (SNMP, CMIP) to result in a more flexible and scalable management framework, and (3) provide network management functions to supervise network operations, collect network statistics to be used as input to network engineering tools and higher-level assessment tools, and assist network operators in reacting to significant changes in the network.

[Figure 1: Advantages of Merging Distributed Network Management, Distributed Simulation and Active Networking. Diagram labels: "Network Management"; "Simulation can use real network data and execute near its origin"; "Adaptable monitoring improves scalability and flexibility"; "as a design tool to test new ideas".]

Figure 2 depicts an architecture based on the integration of active networking concepts, network management, and distributed simulation. The architecture is divided into data, assessment, and control layers. The data layer operates at the data packet level and offers a set of services for the manipulation of network data. The assessment layer performs analytical reviews of network behavior to extract relevant semantic information from it. The control layer performs higher-order functions based on expert knowledge. All the services constituting these layers are deployable and use common system management support. ANCORS should distribute data-layer services at the inter-domain level (following the model of active networking) and limit the deployment of assessment and the control layer services to the domain level. However, depending on the amount of resource sharing resulting from the deployment of active networking, the services of the assessment layer may also be distributed across multiple domains. Because the control layer needs to possess a significant amount of authority to perform changes in the network, it should only be deployed within one domain. Several control services should then cooperate at the inter-domain level to exchange useful information for making better informed control decisions about their respective domains.

Footnote: In this context a domain consists of a collection of software and hardware objects that are managed by a single administrative authority.

Footnote: A discussion about control services inter-domain information exchange is beyond the scope of this paper.
[Figure 2: ANCORS's Architecture. Control Layer: Automatic Response. Assessment Layer: Adaptive Learning, Heuristic Assessment. Data Layer: Engineering, Monitoring & Control, Data Transport.]

2.1 Data Layer

Although merging three technical areas into one may offer definite advantages, it is still useful to recognize that the fundamental tasks to be performed can be separated. For this reason, we find it useful to decompose the data layer into three distinct kinds of data services that may benefit from dynamic deployment in the network and that naturally map to the three services we want to support: data transport, monitoring and control, and engineering.

2.1.1 Data Transport Services

Data transport services offer communication protocols, either quite general and extensible as proposed in [12, 3, 13, 9, 1], or more traditional services derived from the ones available today. In all cases, we assume that their deployment may be dynamic. The scope of this paper does not permit us to give a detailed description of these services and their possible applications. We instead focus on the engineering and monitoring and control services, which are our primary research emphasis. These services introduce the fundamental technology upon which ANCORS extends the network management paradigm to support planning, performance, and stability assessment.

2.1.2 Monitoring and Control

Monitoring and control services monitor the operation of network services, perform some initial analytical review of performance data to detect exceptional conditions, report relevant information to higher-level layers, and offer a mechanism for runtime configuration. These services perform tasks analogous to those performed by today's network management agents. In addition, specialized monitoring and control network services may be dynamically deployed to perform user-defined targeted analyses such as those proposed in [6].

The use of active networking to allow user-definable monitoring capabilities to be deployable gives ANCORS two major advantages: (1) it permits selective monitoring of a particular phenomenon as new network requirements and new usage patterns emerge over time, and (2) it improves monitoring scalability through an arbitrary degree of sophistication in the
monitoring agents, thus allowing a fluid tradeoff of the amount of computation to be performed in the services distributed throughout the network with the amount of computation to be performed in the control stations.

2.1.3 Engineering Services

Engineering services aid in the design and testing of network services before their deployment. ANCORS incorporates distributed simulation to help operators explore and select the optimal deployment and configuration of network assets and develop new network technology. Hardware design tools have reached a very high level of sophistication and can assist hardware designers in all phases of design and development. Such tools can support a wide spectrum of levels of abstraction, from high-level purely behavioral specifications, to increasingly finer detailed structural layouts, all the way down to the actual design of the transistors on the silicon. Simulation is used throughout all phases of this design process, and it is the main mechanism that guides design choices. As for hardware, network design should also be carried out in an environment that can offer a variable degree of abstraction and that can offer simulation as a pivoting technology to guide development. We argue that, because of the organic nature of current networks and their fast evolution pace, design should be carried out in the real network itself. Future networks will need tools that can adapt their functionality and scope, and that can grow and change with the network itself.

To generate results that accurately predict network behavior and performance, simulation and analysis must be closely tied to the actual, rather than on artificially generated, network traffic conditions. To that end, the tools should run on the network itself, taking the actual observable traffic conditions into consideration.

Before committing network-wide changes such as the alteration of the network routing algorithm, an operator may want to conduct simulation experiments that can predict the behavior of the network under the new algorithm without affecting network reliability. That is, analysis and design tools should be available to a wide range of network operators, who could act independently or in collaboration with one another.

New vulnerabilities may be discovered that threaten the survivability of a network. Operators should be able to install countermeasures dynamically to match evolving threats. Here, too, simulation experiments are needed to test efficacy of planned security measures and ascertain trade-offs between network performance and security.

Our distributed planning and simulation system leverages network management and introduces simulation as an additional network service. Integrating distributed simulation with network management has four main advantages: (1) it naturally supports reuse of both simulation software and network models, (2) the simulated models can use real network data produced by the monitoring agents, thus improving fidelity, (3) the consumers of the data (the simulation models) are placed close to the origin of the data to reduce overhead and (4) the monitoring and control capabilities of network management can be reused to monitor and control the simulations.
In practice, engineering services may mimic the behavior and performance of all other network services but differ from them in the following ways: (1) they live in a separate address space and are for the exclusive use of the network designers, (2) they operate protocols in a virtual time scale that may differ from physical time, and (3) they may generate synthetic network traffic that does not contain user data.

Footnote: The passage of time is explicitly controlled by predefined time-synchronization algorithms.

2.2 Assessment Layer

As shown in Figure 2, ANCORS's assessment layer interfaces with the monitoring and control services of the data layer and the automatic response service of the control layer. At the data layer, the monitoring and control services interface to both engineering and data transport services, thus providing a unique interface to the assessment layer. By designing our architecture in this way, we can achieve software reuse of the assessment and control layers and seamlessly integrate network engineering and data transport services within the same paradigm. At the assessment layer, two sophisticated analytical reviews of the network's data are performed. The first is a heuristic review of elements within the data, specifically looking for metrics within the reported results that represent exceptional or unexpected behavior. Boundary results for the metrics are specified at the initialization of the data collection agents, and may be dynamically updated by an administrator. The second form of assessment involves an adaptive learning algorithm that performs continuous statistical profiling of the network data. As data flows into the statistical profiling engine, the profile specific to the particular data acquisition agent is updated, and statistically stable results begin to emerge. The statistical profiling engine monitors the degree to which various user-defined metrics change with respect to the current operational behavior of the network. The algorithms used to provide the heuristic assessment and the statistical profiling of network data will be adapted from related research effort on information survivability [6].

2.3 Control Layer

The output from the assessment layer is propagated to the control layer, where these results are displayed for the administrator or processed by an expert system decision engine capable of providing predetermined responses, given the receipt of various assessment results.

Response methods are predefined code segments deployed to the analysis target as part of the control-layer configuration space. Included with each valid response method are evaluation metrics for determining the circumstances under which the method should be dispatched. Formulating effective responses to detected exceptional activity is, itself, an extensive subtopic being pursued within the scope of our research. In many situations, the most effective response may be no response at all, in that every response imposes some cost in system performance or (worse) human time. The extent to which the control layer contains logic to filter out uninteresting analysis results may mean the difference between effective monitoring units and unmanageable (soon to be disabled) monitoring units. For certain analysis results, such as the detection of significant exceptional activity through heuristic analysis, the necessity for response invocation may be obvious. For other analysis results
(such as the detection of a statistical anomaly in the packet stream to or from a network service) the control layer may require greater sophistication in the invocation logic.

It is important to tailor a response that is appropriate given the severity of the problem, and that provides a singular effect to address the problem without harming the flow of legitimate network traffic. The following general forms of response are available through the control layer as analysis results from the assessment layer are received:

- Passive results dissemination: The control layer can simply make the analysis results available for administrative review. We are currently exploring techniques to facilitate passive dissemination of analysis results by using already-existing network protocols such as SNMP, including the translation of analysis results into an ad-hoc MIB structure.
- Assertive results dissemination: The control layer can actively disseminate administrative alerts. While the automatic dissemination of alerts may help to provide timely review of problems by administrators, this approach may be the most expensive form of response, in that it requires human oversight.
- Dynamic oversight of the monitoring and control layer: The control layer may provide limited control over the configuration of logging facilities within network components, requiring greater collection from the data layer as the assessment layer identifies significant exceptional activity.
- Dynamic configuration changes: The control layer may induce changes to the configuration of the network infrastructure in response to exceptional activity. Such actions may include reconfiguration of services, routing databases, or filtering rules.

3 ANCORS's System Management

ANCORS's support for the deployment and management of network services focuses on services that are fairly permanent and long-lived and that can benefit from having a separate system management infrastructure. The management of short-lived services should be directly embedded in the mechanisms that deploy and control them and therefore are integral parts of their dynamic loading mechanisms. This kind of micro-management, currently being addressed by several research projects [12, 3, 13], is beyond the scope of this paper.

From a system management point of view, all services constituting ANCORS's architecture (Figure 2) are equal. Their deployment, operation, and monitoring can be performed using the same mechanisms, and therefore they can be managed in the same paradigm. In the following discussion we offer a solution for their effective, scalable, and user-friendly management.

All classes of deployable network services from simple SNMP daemons to more sophisticated data transport services and assessment services require identical support functions from system management. The support functions can be broadly characterized as those
achieving (1) process control, (2) configuration, or (3) monitoring.

Process control functions allow the loading and unloading of network services to and from network nodes. The physical location of the code that implements the network services may be different from the physical location of their deployment. For this reason, a reliable transport protocol such as TCP may be used to transfer the code. Some searching and browsing capabilities should be offered so that network operators may also easily locate the appropriate executable codes. Existing protocols such as HTTP and LDAP/X500 or newer and richer protocols such as the ones described in [10, 11] could be used for user-friendly code storage and retrieval.

Configuration functions write control data into the network services after they have been loaded onto the intended nodes for the purpose of integrating them into the network node and possibly tailoring the service to particular needs.

Monitoring functions result in reading data from the network service for the purpose of supervising its operation. This support function may be invoked directly from the network administrator interactively (or it may be invoked iteratively by the network monitoring and control services) for the purpose of collecting performance data.

Footnote: Monitoring is typically associated with network management and control is associated with system management. Because of the flexibility introduced by active networking and ANCORS's ability to support multiple protocols, monitoring and control functionalities can be supported within the same management framework.

[Figure 3: ANCORS's Management Architecture. Diagram labels: Management Station, Configuration Functions, Monitoring Functions, Process Control Functions, Service Deployment, Automatic Response, Root Daemon, Assessment Layer, Data Layer.]

This decomposition gives rise to the architecture depicted in Figure 3. In ANCORS, a root manager handles process control requests coming from the management stations or automatic response services to either load new services or terminate existing ones. The assessment layer interprets monitoring results from the data layer, and the automatic response services react to significant conditions as they are reported by the assessment layer. The automatic response services may reconfigure both the assessment services and the data-layer services in response to changes in the network behavior.

Notice from Figure 3 that ANCORS's architecture allows the traditional but nonscalable approach of having the management station directly monitor and control the data layer. This
aspect of our architecture can be very useful when simple network management technologies are employed that do not require ad-hoc distributed monitoring functions.

[Figure 4: Services' management can be specified through the use of MIME encapsulation and the XML language. Diagram labels: New Service, Init(), MIME document, ANCORS Manager, Browser, SNMP Manager. The three MIME documents shown in the figure:]

    Content-Type: application/x-ancors
    <?XML VERSION="1.0 RMD="NONE"?>
    <ANCORS>
    <agent="
    </ANCORS>

    Content-Type: text/html
    <HTML> <TITLE> Configuration for XX</TITLE>
    <FORM ACTION="/cgi-bin/exec.cgi/">
    <INPUT TYPE=SUBMIT NAME="parameter1" VALUE="value1">
    <INPUT TYPE=SUBMIT NAME="parameter2" VALUE="value2">
    </FORM></HTML>

    Content-Type: application/x-snmp
    <?XML VERSION="1.0 RMD="NONE"?>
    <SNMP>
    <agent="ftp://ftp.csl.sri.com/snmp/agentxx">
    <mib="ftp://ftp.csl.sri.com/snmp/mibxx">
    </SNMP>

We recognize that Internet services must be open, simple and flexible, and therefore we do not intend to have a unique format for the information exchanges between network services and management stations. While we intend to formulate a protocol that best suits the nature of our adaptable management paradigm based on delegation [14], we recognize that legacy protocols and simple web-based solutions should also be possible. Standards like SNMP should be supported in those cases where backward compatibility is desirable; HTML could be employed for services to be configured and monitored interactively. To support multiple protocols, ANCORS uses a discovery mechanism to probe newly deployed services. The idea is quite simple and is somewhat similar to the approach followed today on the web. Each network service listens on a port assigned to it by the root manager. After deployment, the services respond to a predefined and universally agreed-upon command init (the equivalent of GET / in HTTP). The init command causes the network services to respond with a MIME-encapsulated reply. In general, the reply contains information to be used for the configuration and monitoring of the service itself and the configuration of other related services.

As shown in Figure 4, a service wanting to use SNMP, for example, replies with information encapsulated in an SNMP-specific MIME. The reply would specify the URL of the SNMP agent and the associated MIB to be loaded with the service. The management station then loads the requested SNMP agent and MIB and automatically adds the service to its SNMP manager application.

Figure 4 also shows an ANCORS MIME corresponding to the specific management application that we intend to develop in the near future, based on delegation. In a more simple scenario, the service can also reply with an encapsulated message in HTML format. The reply then allows the administrator to use standard HTML forms to configure and later
interactively monitor the service through a browser. Yet another approach is for the service to respond by providing Java byte-code that can then be embedded either in the central management stations or in a distributed monitoring agent, using a scheme similar to the one proposed in [2]. Other interesting technologies that are being developed, and that may be included, are DRP [10] and NESTOR [15].

We think ANCORS's simple query mechanism can be the foundation for solving the problem of how to extend the monitoring and control capability as new network services are deployed. In addition to allowing backward compatibility, this scheme can support very simple and lightweight management solutions based on standard web software, or it can also support more sophisticated solutions to bolster the power of network management as needed.

4 Implementation

We are currently prototyping most of the ideas we have outlined. We have primarily focused on implementing (1) a prototype of a root ANCORS daemon that dynamically accepts and instantiates network services, (2) a representative example of an engineering service that could be used to conduct very accurate, end-to-end quantitative experimentation, and (3) the integration of a monitoring and control service for intrusion detection [6].

4.1 ANCORS Root Daemon

The current prototype of an ANCORS root daemon accepts commands to download a network service from a remote location. The network service is specified as a URL; the ANCORS daemon, after downloading the service with an HTTP GET command, strips the HTML header from the received code and installs the service. As shown in Figure 5, the download command can either (1) trigger the ANCORS daemon to duplicate itself by using a fork system call to run the downloaded network service (as well as to accept further commands), or (2) simply add a thread to an existing process. In either case, the downloaded code is initially accessed through a universally predefined entry point (init()). This initial configuration function can simply transfer control to the downloaded code for execution, or it can first gather run-time configuration data in a manner specific to each network service and then explicitly started.

[Figure 5: ANCORS daemons can spawn a new process or a thread within a process. Diagram labels: Load_process <URL1>, Load_thread <URL2>, ANCORS Root Daemon, Fork, GET <URL1>, GET <URL2>, HTTP Server, New Process.]

Our current system management prototype supports the deployment of native binary-compatible code or Java applications. The deployment and configuration mechanism is fully backward compatible. Legacy services can be configured by downloading configuration files and specifying required command-line arguments so that existing software can be easily deployed without modification. In addition, we have implemented simple web-based configuration mechanisms for newly developed services. In these services, the configuration and monitoring functions are embedded inside the deployed service itself. These functions return HTML code that is fed to the network manager to gather some user-defined runtime parameters or for displaying usage data. The network engineer configures and monitors the services with HTML forms that are then pushed back through a CGI script to the created service. Each operation returns HTML forms that in turn may call other functions, thus allowing a hierarchical organization of HTML pages. Future extensions to our management system will allow the incorporation of existing NM software based on SNMP and Java and the creation of new decentralized management solutions based on the concept of delegation (perhaps using Java as the delegation language).

The ANCORS daemon offers a set of built-in primitives to the downloaded services that, in addition to standard native system functionality (I/O, memory management, networking), provide (1) multithreading (nonpreemptive), (2) LAN multicast emulation, and (3) global time synchronization. These primitives can provide support for distributed simulation network engineering applications, as well as some forms of sophisticated network monitoring.

Footnote: For example, it could use a MIME-encapsulated document to specify configuration and monitoring operations to be performed by the management system.

Footnote: All products and company names mentioned in this paper are the trademarks of their respective holders.

4.2 Virtual Networking Using ANCORS

To date we have produced a representative example of an engineering network service that emulates a Unix kernel. The service was obtained by modifying a Linux operating system to allow its execution in user mode. The modifications of the operating system replaced all lower-level, hardware-dependent procedures and interfaces with user-level counterparts. We deleted the file system support and incorporated all necessary configuration procedures (like ifconfig and route) into the service itself as configuration functions. Memory management was completely deleted and replaced by user-level memory allocation functions (malloc and free). The scheduling was also completely replaced by nonpreemptive threading offered by the simulation package (CSIM [8]).

The resulting service executes in a virtual time scale, offers the identical networking behavior of a real Linux kernel and can therefore be used as a vehicle to instantiate high-fidelity distributed simulations of virtual networks [7]. One of the model's configuration functions accepts several different timing configurations to approximate the protocol stack timing behavior of four different kernels (SunOS 4.13, SunOS 5.5, Linux 2.02, and BSD 2.2). The virtual kernel offers the network application programming interface (API) of the real Linux counterpart and therefore can be used to reproduce a wide range of loading conditions. ANCORS's ability to add and delete threads can be used in this application to dynamically
change loading conditions (by adding or deleting user-defined loading threads) or by injecting user-defined monitoring probes into the kernel so that specific parameters can be observed. For the time being we have implemented some simple load models borrowed from classic queuing theory. As shown in Figure 6, the user-definable loads may be produced by either closely mimicking real load conditions recorded by network monitoring services or by linking some real applications to the virtual kernel to generate application-specific loads (perhaps originating from a real-time video stream).

[Figure 6: Deployable Virtual Host. Diagram labels: User-defined Threads, Measured Load, Analytical Model, User-defined Monitoring, Application Load, Application, Virtual TCP/UDP API, Virtual Kernel, TCP/IP (TCP, UDP, IP, ICMP), Ethernet Interface 1 to n, IP Network Broadcast, Hash Function, Port #.]

The virtual kernels communicate with each other through TCP, and automatically configure themselves to participate in emulated multicast sessions that parallel the behavior of virtual Ethernet segments. Initially, all real hosts are aware of all other real hosts that may share the same virtual Ethernet segment. Each virtual Ethernet segment network address assigned to a virtual host is transformed through a hash function into a port number. When the virtual kernel initializes its virtual interfaces, the multicast emulation initialization procedure tries to connect to all known peers that may share a virtual Ethernet segment using the port associated with each virtual interface. Thus, if two or more virtual hosts share a virtual network address, and therefore use the same port, they establish a TCP connection used to tunnel virtual Ethernet packets. When a virtual host sends a simulation packet pertaining to a particular virtual Ethernet segment, it sends it to all virtual hosts that have connected to the associated port.

The deployment of a virtual network is achieved by downloading and configuring several virtual kernels through ANCORS daemons. All these operations can be performed either through a standard HTML browser or by using a script. We have so far instantiated several virtual networks running on a network of workstations including Sun SPARCstation 20s, UltraSPARCs, and Intel-based machines running BSD and Linux operating systems. Our experiments have, so far, only verified the behavioral semantics of our virtual network and we plan to conduct representative performance experiments to explore some interesting quantitative network design issues.
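The segment-to-port multicast emulation described above, modelled in-process without sockets as an added example that is not code from the paper or from ANCORS. It goes one step beyond the text by showing what happens when two different segments hash to the same port. The hash function, the port range, the host names and the segment check on delivery are all assumptions.

```python
import ipaddress
from collections import defaultdict

# Assumptions (the paper names neither the hash nor a port range): a plain
# modular hash of the segment's network address and prefix length, folded
# into ports 20000-29999.
PORT_BASE = 20000
PORT_SPAN = 10000


def segment_port(segment):
    """Map a virtual Ethernet segment such as '10.1.0.0/24' to a TCP port."""
    net = ipaddress.ip_network(segment)
    return PORT_BASE + (int(net.network_address) + net.prefixlen) % PORT_SPAN


class VirtualHost:
    """A virtual kernel with one virtual interface per address/prefix."""

    def __init__(self, name, interfaces):
        self.name = name
        self.segments = [str(ipaddress.ip_interface(i).network)
                         for i in interfaces]
        self.received = []          # (segment, payload) pairs delivered here


def build_tunnels(hosts):
    """Group interfaces by port; members of a group tunnel frames to each other."""
    tunnels = defaultdict(list)
    for host in hosts:
        for segment in host.segments:
            tunnels[segment_port(segment)].append((host, segment))
    return tunnels


def find_collisions(tunnels):
    """Ports on which interfaces of different segments have met."""
    clashes = {}
    for port, members in tunnels.items():
        segments = sorted({segment for _, segment in members})
        if len(segments) > 1:
            clashes[port] = segments
    return clashes


def send_frame(tunnels, sender, segment, payload, verify_segment=True):
    """Deliver a frame to every other host connected to the segment's port.

    With verify_segment=False the port alone decides membership, as in the
    paper's description; with True the receiver also compares the segment
    address (an added guard, not something the paper describes).
    """
    delivered = []
    for host, peer_segment in tunnels[segment_port(segment)]:
        if host is sender:
            continue
        if verify_segment and peer_segment != segment:
            continue
        host.received.append((segment, payload))
        delivered.append(host.name)
    return sorted(delivered)


def demo_hosts():
    """Constructed topology: two segments joined by vh2, plus a stranger."""
    return [
        VirtualHost("vh1", ["10.1.0.1/24"]),
        VirtualHost("vh2", ["10.1.0.2/24", "10.2.0.1/24"]),
        VirtualHost("vh3", ["10.2.0.2/24"]),
        # 10.3.113.0/24 lies 160000 addresses above 10.1.0.0/24, so the
        # modular hash gives both segments the same port.
        VirtualHost("vh4", ["10.3.113.7/24"]),
    ]


if __name__ == "__main__":
    hosts = demo_hosts()
    tunnels = build_tunnels(hosts)
    print(find_collisions(tunnels))
    print(send_frame(tunnels, hosts[0], "10.1.0.0/24", b"frame", False))
    print(send_frame(tunnels, hosts[0], "10.1.0.0/24", b"frame", True))
```

Any hash from segment addresses into a port range can collide, so running `find_collisions` before an experiment shows whether synthetic traffic from one virtual segment would reach hosts on another.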
4.3 A Monitoring and Control Service for Intrusion Detection

We are also developing a prototype downloadable intrusion-detection module for ANCORS, which represents a monitoring and control service at the data layer. This intrusion-detection module can be dynamically configured and deployed to any network element that hosts an ANCORS daemon, and can then return analysis results to the assessment layer for correlation and perhaps control-layer responses. These dynamically distributable intrusion-detection service modules represent a significant departure from the previous centralized host-based, user-oriented, intrusion-detection efforts that suffer poor scalability and integration into large networks. The intrusion-detection services are adaptations of separate intrusion-detection research tools developed by SRI under the EMERALD (Event Monitoring Enabling Responses to Anomalous Live Disturbances) project, and represent one of the first distributed network surveillance security mechanisms that will fully integrate into an active network paradigm.

The ANCORS intrusion-detection service module consists of event filters, capable of interacting with the analysis target to analyze a variety of operational data, including audit data, system- or application-layer activity logs, and network traffic. The operational data is forwarded to the intrusion-detection module's analysis engines, which consist of both a signature analysis (an expert-system) engine and a statistical anomaly detection engine. Details of the architectural structure and analysis capabilities of the ANCORS intrusion-detection service can be found in [6].

Fundamental to the intrusion-detection module's ability to support rapid deployment to a variety of ANCORS hosts, and to conduct a variety of analyses on heterogeneous event streams, is the implementation of a pluggable configuration library that allows strong separation between the analysis semantics and the code-base. The ANCORS intrusion-detection module consists of two major components, the analysis code-base, and a dynamically pluggable configuration library called the resource object. The resource object is highly target specific, containing all of the operating parameters for the intrusion-detection module, as well as the native methods needed to retrieve and format the target event stream. As intrusion-detection modules are deployed from one analysis target to another, no code modifications are necessary. Rather, one must construct, or select from a preconstructed library, the resource object appropriate for the target host and analysis objectives. Upon deployment, the ANCORS daemon receives both the intrusion-detection code module and a resource object, which it instantiates to provide dynamically deployable and customizable surveillance. A detailed discussion of the ANCORS intrusion-detection module's abilities to detect misuse and other exceptional activities on TCP/IP gateway machines can be found in [5].

5 Conclusion

As the dynamic deployment of networking services becomes standard technology to support user applications, network operators will require an efficient and flexible infrastructure to assist them in network design, configuration, and monitoring. The quality of future network management, monitoring, and engineering tools and standards will be crucial in determining the speed at which networking will evolve toward a more dynamic architecture. In ANCORS, network monitoring, control, and design can coexist in an integrated paradigm. The synergy
of combining distributed simulation, network monitoring and control, and active networking will dramatically increase the power of network management and engineering. We have shown how a unified, yet very extensible, system management framework can be derived from current Web technology to provide compatibility with legacy standard (SNMP) and virtually unlimited extensibility to introduce more powerful management technologies as they become available. We have also described some services we have implemented that can be used in the context of our new network management framework.

In the near future, we plan to bridge our work with existing active networking technologies to provide an integrated platform for merging data transport protocols and their associated deployment mechanisms with our extensible engineering and management support. In addition, we will use our infrastructure to conduct network engineering experiments to advance the understanding of end-to-end network behavior and offer a user-friendly environment for the development of new network technologies.
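
Section 4.3's split between a fixed analysis code-base and a target-specific resource object, sketched here as an added example (not ANCORS or EMERALD code): one module class runs a signature engine and a simplified z-score anomaly engine, while two resource objects supply the event filter, rules and baseline for a gateway log and a host audit log. All class names, log formats, rules, baselines and sample records are constructed assumptions.

```python
import re
import statistics
from collections import Counter, namedtuple
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional

Event = namedtuple("Event", "subject action measure")
Finding = namedtuple("Finding", "target engine detail subject")

@dataclass
class ResourceObject:
    """Target-specific half (field names are assumptions, not the ANCORS format)."""
    target: str
    event_filter: Callable[[str], Optional[Event]]           # retrieves/formats events
    signatures: Dict[str, Callable[[Event, Counter], bool]]  # rule name -> rule
    baseline: List[float]                                     # profile of normal measures
    z_threshold: float = 3.0

class IntrusionDetectionModule:
    """Target-independent analysis code-base; never edited per target."""

    def __init__(self, resource: ResourceObject):
        self.res = resource
        self.facts = Counter()          # working memory shared by signature rules
        self.mean = statistics.mean(resource.baseline)
        self.stdev = statistics.pstdev(resource.baseline) or 1.0

    def analyze(self, raw_records) -> List[Finding]:
        findings = []
        for raw in raw_records:
            ev = self.res.event_filter(raw)
            if ev is None:              # record the filter could not format
                continue
            # Signature engine: every rule sees every event.
            for name, rule in self.res.signatures.items():
                if rule(ev, self.facts):
                    findings.append(Finding(self.res.target, "signature", name, ev.subject))
            # Statistical engine (simplified): distance from the baseline profile.
            z = abs(ev.measure - self.mean) / self.stdev
            if z > self.res.z_threshold:
                findings.append(Finding(self.res.target, "anomaly",
                                        "measure_deviation", ev.subject))
        return findings

def _fields(line):
    return dict(re.findall(r"(\w+)=(\S+)", line))

def gateway_filter(line):
    f = _fields(line)
    try:
        return Event(f["src"], "conn:" + f["dport"], float(f["bytes"]))
    except (KeyError, ValueError):
        return None

def audit_filter(line):
    f = _fields(line)
    try:
        return Event(f["user"], f["op"] + ":" + f["result"], float(f["cpu_ms"]))
    except (KeyError, ValueError):
        return None

def telnet_connection(ev, facts):
    return ev.action == "conn:23"

def repeated_login_failure(ev, facts):
    if ev.action != "login:fail":
        return False
    facts["login_fail", ev.subject] += 1
    return facts["login_fail", ev.subject] == 3   # fire once, on the third failure

# Two resource objects; the module class above is identical for both targets.
GATEWAY = ResourceObject("gateway", gateway_filter,
                         {"telnet_connection": telnet_connection},
                         baseline=[480, 512, 530, 495, 505, 520])
HOST_AUDIT = ResourceObject("host-audit", audit_filter,
                            {"repeated_login_failure": repeated_login_failure},
                            baseline=[9, 10, 11, 12, 10, 11, 9, 12])

# Constructed sample records (documentation address ranges, invented users).
GATEWAY_LOG = [
    "src=198.51.100.7 dst=192.0.2.10 dport=80 bytes=512",
    "src=198.51.100.9 dst=192.0.2.10 dport=23 bytes=498",
    "src=203.0.113.4 dst=192.0.2.10 dport=80 bytes=90000",
    "malformed line",
]
AUDIT_LOG = [
    "user=alice op=login result=ok cpu_ms=11",
    "user=bob op=login result=fail cpu_ms=10",
    "user=bob op=login result=fail cpu_ms=12",
    "user=bob op=login result=fail cpu_ms=9",
    "user=bob op=login result=fail cpu_ms=11",
    "user=carol op=exec result=ok cpu_ms=950",
]

def deploy_and_analyze():
    """Instantiate the same code-base once per resource object; collect the results."""
    results = []
    for resource, records in ((GATEWAY, GATEWAY_LOG), (HOST_AUDIT, AUDIT_LOG)):
        results.extend(IntrusionDetectionModule(resource).analyze(records))
    return results

if __name__ == "__main__":
    for finding in deploy_and_analyze():
        print(finding)
```

Moving the module to a new target means writing a new filter, rule set and baseline; `IntrusionDetectionModule` itself stays untouched, which is the property the section attributes to the resource object.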

References

[1] D. Scott Alexander, Marianne Shaw, Scott M. Nettles, and Jonathan M. Smith. Active bridging. To appear in the Proceedings of the ACM SIGCOMM'97 Conference, Cannes, France, September 1997.
[2] F. Barillaud, L. Deri, and M. Feredun. Network management using internet technologies. Integrated Network Management V, San Diego, 1997.
[3] L. Peterson, J. Hartman, U. Manber and T. Proebsting. Liquid software: A new paradigm for networked systems. Technical Report 96-11, University of Arizona, 1996.
[4] U. Legedza, D. J. Wetherall, and J. V. Guttag. Improving the performance of distributed applications using active networks. Submitted to IEEE INFOCOM'98, 1998.
[5] P. A. Porras and A. Valdes. Live traffic analysis of TCP/IP gateways. To appear in Proceedings of the Network and Distributed System Security Symposium, San Diego, March, 1998.
[6] P. A. Porras and P. G. Neumann. EMERALD: Event monitoring enabling responses to anomalous live disturbances. Proceedings of the National Information Systems Security Conference, Baltimore, MD, October, 1997.
[7] L. Ricciulli. High-fidelity distributed simulation of local area networks. To appear in Proceedings of the st Annual Simulation Symposium, Boston, April, 1998.
[8] H. Schwetman. CSIM: A C-based, process-oriented simulation language. Technical report, MCC,
[9] Jonathan Smith, David Farber, Carl A. Gunter, Scott Nettle, Mark Segal, William D. Sincoskie, David Feldmeier, and Scott Alexander. Switchware: Towards a 21st century network infrastructure.
[10] Arthur van Ho, John Giannandrea, Mark Hapner, Steve Carter, and Milo Medin. The HTTP Distribution and Replication Protocol.
[11] Arthur van Ho, Hadi Partovi, and Tom Thai. Specification for the Open Software Description (OSD) Format.
[12] D. J. Wetherall, J. V. Guttag, and D. L. Tennenhouse. Ants: A toolkit for building and dynamically deploying network protocols. Submitted to IEEE OPENARCH'98, 1998.
[13] Y. Yemini and S. da Silva. Towards programmable networks. IFIP/IEEE International Workshop on Distributed Systems: Operations and Management, L'Aquila, Italy, October 1996.
[14] Y. Yemini, G. Goldszmidt, and S. Yemini. Network management by delegation. Second International Symposium on Integrated Network Management, Washington DC, April
[15] Y. Yemini, A. V. Konstantinou, and Danilo Florissi. Nestor: Network self management and organization.