Monitoring Network Traffic with Radial Traffic Analyzer
Size: px
Start display at page:

Download "Monitoring Network Traffic with Radial Traffic Analyzer"

Transcription

1 MonitoringNetworkTraffic withradialtrafficanalyzer DanielA.KeimFlorianMansmannJörnSchneidewindTobiasSchreck IEEESymposiumonVisualAnalyticsScienceandTechnology,2006 StefanHeinz SeminarVisualAnalytics SummerTerm2008

2 Motivation Internethasbecometheinformationmediumoffirst resort Eachhostonthenetworkfacesdifferentthreatsinthis environment Maliciouscode Denial of serviceattacks Attemptstohijackamachine

3 Motivation Howcanweidentifysuchthreats? Whatkindofdataistransferredbetweenmycomputer andothercomputersonthenetwork? localnetwork localhost internet

4 Motivation NetworkMonitoring Surveillanceofimportantperformancemetrics Goal:supervisefunctionality,detectandprevent potentialproblems,developeffectivecounter measuresforanomaliesandsabotage

5 DataSet Communicationdataiscomplex Largeamountsofdata Real timedata Interrelationshipsbetweencommunication connections Relationshipsmayvaryovertime

6 DataSet TechnicalBackground TCP/IPReferenceModel 1 ApplicationLayer 2 PresentationLayer 3 SessionLayer 4 TransportLayer 5 NetworkLayer 6 DataLinkLayer 7 PhysicalLayer 1 ApplicationLayer 2 PresentationLayer 3 SessionLayer 4 TransportLayer 5 NetworkLayer 6 DataLinkLayer 7 PhysicalLayer

7 DataSet TechnicalBackground TCP/IPReferenceModel 1 ApplicationLayer 2 PresentationLayer 3 SessionLayer 4 TransportLayer 5 NetworkLayer 6 DataLinkLayer 7 PhysicalLayer allowsmappingtoapplications packetlevel TCP,UDP IP Ports IP Address MAC Address 80(http)

8 DataSet Attributes Time SourceIPaddress&port DestinationIPaddress&port Payload

9 RelatedWork StephenLau TheSpinningCube ofpotentialdoom Communicationsof thacm,2004

10 RelatedWork AnitaKomledietal. AUser CentricLookat Glyph BasedSecurity Visualization IEEEWorkshopon Visualizationfor ComputerSecurity, 2005

11 RelatedWork StefanoForestietal. VisualCorrelationof NetworkAlerts. IEEEComputer Graphicsand Applications,2006

12 RelatedWork Howdoesthisapproachdifferfromtheseworks? Bringtogetherthecomplementingpiecesof information Easierreadingandinterpretation Easier to understandmetaphors

13 RadialTrafficAnalyzer Layout Attributesaremappedto differentrings Userselectsimportant attributestobedisplayed intheinnerrings Frominsidetooutsidethe attributesareused successivelyforgrouping andsorting

14 RadialTrafficAnalyzer Whyaradiallayout? Supportsbetterthetaskoffindingsuspiciouspatterns Userisnotmisguidedtoplacemoreimportanceonan itemduetoitspositionsontheleftorright

15 ColoringConcept Specialcolors Brightnessfor secure/unsecured Usesdistinctcolors foripadressesand ports

16 RadialTrafficAnalyzer Interactivity Positioningandthusimportancewithinthesorting ordercanbechangedusingdrag&dropoperations Tooltipsareusedtodisplaythefulllabelincaseof smallsegmentsandadditionalinformation(hostname, possibleapplicationprograms)

17 RadialTrafficAnalyzer Interactivity Detailedinformationforasegmentisaccessibleusing apopupmenu Differentmeasures:transferredbytes,numberof connections,numberofsessions Mouseclickfilters/discardsalltrafficwiththechosen attribute

18 RadialTrafficAnalyzer Flexibility

19 CombiningRTAwithGeospatialDisplays IdeaforHistoMap RetrievecountrynamesforIPaddressesusing Maxmind'sGeoIPDatabase Usesquarifiedtreemaplayout Sizeofrectanglescorrespondstotrafficvolume

20 CombiningRTAwithGeospatialDisplays

21 InteractiveExplorationofDataTrafficwith HierarchicalNetworkMaps FlorianMansmannSvetlanaVinnik IEEETransactionsonVisualizationandComputerGraphics,2006

22 HierarchicalNetworkMaps Displaythedistributionofsourceandtargetdatatraffic ofnetworknodes Visualizationofportactivity Alsoaspace fillingtechniquetreemap

23 HierarchicalNetworkMaps

24 HierarchicalNetworkMaps Layout Squarifiedtreemap Togetanalmoststaticmaplayout,thetotalsizeofthe networkanditscomponentsisused(userorientation) Nodesoncontinentandcountrylevelpreservetheir relativegeographicalposition NodesontheotherlevelsaresortedbyIPaddresses

25 HierarchicalNetworkMaps

26 HierarchicalNetworkMaps

27 HierarchicalNetworkMaps Filters Typeofload(packetssent,receivedortotal) Timeframe Portorportcluster Protocol

28 HierarchicalNetworkMaps Largeamountsofdata Itturnedouttobeinfeasibletoprocesstheentire networkdata Aggregationentrieswereused(#sessions,#packets transferred,bytestransferred) Usageofdatawarehousetechniques(OLAPcubes) SplitthelogintoaShortTermLog,MiddleTermLogand LongTermLog

29 HierarchicalNetworkMaps DescendingtothePixelLevel

30 HierarchicalNetworkMaps Interaction Usercanchoosewhichregionofthenetworkshould beinvestigatedfurther Drill down/roll up Additionalinformationviapopupmenu(interactive time,host,andportactivitydiagrams)

31 HierarchicalNetworkMaps

32 HierarchicalNetworkMaps Pros Integrationofgeographicalinformationwithaclever layout Nicedataoverview Cons Needsalotofdisplayspacedependingonthe granularitylevel Integrationofdetails

33 CombiningRTAwithGeospatialDisplays

34 RadialTrafficAnalyzer Animationovertime

35 RadialTrafficAnalyzer Animationovertime

36 RadialTrafficAnalyzer Animationovertime

37 RadialTrafficAnalyzer Animationovertime

38 RadialTrafficAnalyzer Classification

39 RadialTrafficAnalyzer Pros Easymetaphor(e.g.fastperceptionofthetraffic composition) Goodcolorscheme Combinationofmachinetechniquesandhuman capabilities

40 RadialTrafficAnalyzer Cons Displayspace/useoftooltips(especiallywhen displayingbothvisualizationsatonce) Noexplanationofthedatapreprocessingand performance

41 Summary

Similar documents

Chapter 32 Internet Security

Chapter 32 Internet Security Chapter 32 Internet Security Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 32: Outline 32.1 NETWORK-LAYER SECURITY 32.2 TRANSPORT-LAYER SECURITY 32.3

More information

Network Management & Security (CS 330) RMON

Network Management & Security (CS 330) RMON Network Management & Security (CS 330) RMON Dr. Ihsan Ullah Department of Computer Science & IT University of Balochistan, Quetta Pakistan November 08, 2013 CS 330 RMON 1/13 1 / 13 Outline Remote Network

More information

Chapter 10. Network Security

Chapter 10. Network Security Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce

More information

IP Filter/Firewall Setup

IP Filter/Firewall Setup IP Filter/Firewall Setup Introduction The IP Filter/Firewall function helps protect your local network against attack from outside. It also provides a method of restricting users on the local network from

More information

Open System Interconnection (OSI) Protocols

Open System Interconnection (OSI) Protocols CHAPTER 32 Open System Interconnection (OSI) Protocols Background The Open System Interconnection (OSI) protocol suite is comprised of numerous standard protocols that are based on the OSI reference model.

More information

OSI Protocols. Background. Technology Basics. Media Access CHAPTER

OSI Protocols. Background. Technology Basics. Media Access CHAPTER CHAPTER 20 OSI Protocols Background In the early days of intercomputer communication, networking software was created in a haphazard, ad hoc fashion. When networks grew sufficiently popular, the need to

More information

Firewalls. Network Security. Firewalls Defined. Firewalls

Firewalls. Network Security. Firewalls Defined. Firewalls Network Security Firewalls Firewalls Types of Firewalls Screening router firewalls Computer-based firewalls Firewall appliances Host firewalls (firewalls on clients and servers) Inspection Methods Firewall

More information

Guideline on Firewall

Guideline on Firewall CMSGu2014-02 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Firewall National Computer Board Mauritius Version 1.0 June

More information

CSE 4482 Computer Security Management: Assessment and Forensics. Protection Mechanisms: Firewalls

CSE 4482 Computer Security Management: Assessment and Forensics. Protection Mechanisms: Firewalls CSE 4482 Computer Security Management: Assessment and Forensics Protection Mechanisms: Firewalls Instructor: N. Vlajic, Fall 2013 Required reading: Management of Information Security (MIS), by Whitman

More information

How To Set Up Mybpx Security Configuration Guide V1.2.2 (V1.3.2) On A Pc Or Mac)

How To Set Up Mybpx Security Configuration Guide V1.2.2 (V1.3.2) On A Pc Or Mac) MyPBX Security Configuration Guide Version: V1.2 Date: October 15 th, 2012 Yeastar Technology Co., Ltd. http://www.yeastar.com 1/11 Contents 1. Security Configuration for Web GUI... 3 1.1 Change the default

More information

CYBER SCIENCE 2015 AN ANALYSIS OF NETWORK TRAFFIC CLASSIFICATION FOR BOTNET DETECTION

CYBER SCIENCE 2015 AN ANALYSIS OF NETWORK TRAFFIC CLASSIFICATION FOR BOTNET DETECTION CYBER SCIENCE 2015 AN ANALYSIS OF NETWORK TRAFFIC CLASSIFICATION FOR BOTNET DETECTION MATIJA STEVANOVIC PhD Student JENS MYRUP PEDERSEN Associate Professor Department of Electronic Systems Aalborg University,

More information

Cisco PIX vs. Checkpoint Firewall

Cisco PIX vs. Checkpoint Firewall Cisco PIX vs. Checkpoint Firewall Introduction Firewall technology ranges from packet filtering to application-layer proxies, to Stateful inspection; each technique gleaning the benefits from its predecessor.

More information

Application-layer protocols

Application-layer protocols Application layer Goals: Conceptual aspects of network application protocols Client server paradigm Service models Learn about protocols by examining popular application-level protocols HTTP DNS Application-layer

More information

Economic Indicators Division Henock Kebede October 20, 2015

Economic Indicators Division Henock Kebede October 20, 2015 USA usatrade.census.gov ONLINE Economic Indicators Division Henock Kebede October 20, 2015 CUSTOMERS Small Businesses Manufacturers Local and State Governments Federal Government Agencies Congress and

More information

CS 4803 Computer and Network Security

CS 4803 Computer and Network Security Network layers CS 4803 Computer and Network Security Application Transport Network Lower level Alexandra (Sasha) Boldyreva IPsec 1 2 Roughly Application layer: the communicating processes themselves and

More information

ZENworks 11 Support Pack 4 HTTP Proxy Reference. May 2016

ZENworks 11 Support Pack 4 HTTP Proxy Reference. May 2016 ZENworks 11 Support Pack 4 HTTP Proxy Reference May 2016 Legal Notices For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights,

More information

Lab 8.4.2 Configuring Access Policies and DMZ Settings

Lab 8.4.2 Configuring Access Policies and DMZ Settings Lab 8.4.2 Configuring Access Policies and DMZ Settings Objectives Log in to a multi-function device and view security settings. Set up Internet access policies based on IP address and application. Set

More information

Chapter 11 Cloud Application Development

Chapter 11 Cloud Application Development Chapter 11 Cloud Application Development Contents Motivation. Connecting clients to instances through firewalls. Chapter 10 2 Motivation Some of the questions of interest to application developers: How

More information

Security threats and network. Software firewall. Hardware firewall. Firewalls

Security threats and network. Software firewall. Hardware firewall. Firewalls Security threats and network As we have already discussed, many serious security threats come from the networks; Firewalls The firewalls implement hardware or software solutions based on the control of

More information

Chapter 3. TCP/IP Networks. 3.1 Internet Protocol version 4 (IPv4)

Chapter 3. TCP/IP Networks. 3.1 Internet Protocol version 4 (IPv4) Chapter 3 TCP/IP Networks 3.1 Internet Protocol version 4 (IPv4) Internet Protocol version 4 is the fourth iteration of the Internet Protocol (IP) and it is the first version of the protocol to be widely

More information

Protocol Security Where?

Protocol Security Where? IPsec: AH and ESP 1 Protocol Security Where? Application layer: (+) easy access to user credentials, extend without waiting for OS vendor, understand data; (-) design again and again; e.g., PGP, ssh, Kerberos

More information

Bypassing Firewall. @ PISA AGM Theme Seminar 2005. Presented by Ricky Lou Zecure Lab Limited

Bypassing Firewall. @ PISA AGM Theme Seminar 2005. Presented by Ricky Lou Zecure Lab Limited Bypassing Firewall @ PISA AGM Theme Seminar 2005 Presented by Ricky Lou Zecure Lab Limited Firewall Piercing (Inside-Out Attacks) Disclaimer We hereby disclaim all responsibility for the following hacks.

More information

Firewall. User Manual

Firewall. User Manual Firewall User Manual 1 IX. Firewall This chapter introduces firewall general policy, access rule, and content filter settings to ensure network security. 9.1 General Policy The firewall is enabled by default.

More information

Network Traffic Evolution. Prof. Anja Feldmann, Ph.D. Dr. Steve Uhlig

Network Traffic Evolution. Prof. Anja Feldmann, Ph.D. Dr. Steve Uhlig Network Traffic Evolution Prof. Anja Feldmann, Ph.D. Dr. Steve Uhlig 1 Example trace Name port % bytes % packets bytes per packet world-wide-web 80???????????? netnews 119???????????? pop-3 mail 110????????????...

More information

RID-DoS: Real-time Inter-network Defense Against Denial of Service Attacks. Kathleen M. Moriarty. MIT Lincoln Laboratory.

RID-DoS: Real-time Inter-network Defense Against Denial of Service Attacks. Kathleen M. Moriarty. MIT Lincoln Laboratory. : Real-time Inter-network Defense Against Denial of Service Attacks Kathleen M. Moriarty 22 October 2002 This work was sponsored by the Air Force Contract number F19628-00-C-002. Opinions, interpretations,

More information

!NAVSEC':!A!Recommender!System!for!3D! Network!Security!Visualiza<ons!

!NAVSEC':!A!Recommender!System!for!3D! Network!Security!Visualiza<ons! !:!A!Recommender!System!for!3D! Network!Security!Visualiza

More information

Network Address Translation (NAT)

Network Address Translation (NAT) Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT. Taken from http://www.cs.virginia.edu/~itlab/ book/slides/module17-nat.ppt 1 Private Network Private IP network

More information

Internet Firewall CSIS 3230. Internet Firewall. Spring 2012 CSIS 4222. net13 1. Firewalls. Stateless Packet Filtering

Internet Firewall CSIS 3230. Internet Firewall. Spring 2012 CSIS 4222. net13 1. Firewalls. Stateless Packet Filtering Internet Firewall CSIS 3230 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 8.8: Packet filtering, firewalls, intrusion detection Ch

More information

ProxySG TechBrief Implementing a Reverse Proxy

ProxySG TechBrief Implementing a Reverse Proxy ProxySG TechBrief Implementing a Reverse Proxy What is a reverse proxy? The Blue Coat ProxySG provides the basis for a robust and flexible Web communications solution. In addition to Web policy management,

More information

12. Firewalls Content

12. Firewalls Content Content 1 / 17 12.1 Definition 12.2 Packet Filtering & Proxy Servers 12.3 Architectures - Dual-Homed Host Firewall 12.4 Architectures - Screened Host Firewall 12.5 Architectures - Screened Subnet Firewall

More information

Web Application Level Approach against the HTTP Flood Attacks IOSEC HTTP Anti Flood/DoS Security Gateway Module

Web Application Level Approach against the HTTP Flood Attacks IOSEC HTTP Anti Flood/DoS Security Gateway Module Web Application Level Approach against the HTTP Flood Attacks IOSEC HTTP Anti Flood/DoS Security Gateway Module While HTTP Flood and DoS attacks are spreading nowadays, there is a new attack surface reduction

More information

On-Premises DDoS Mitigation for the Enterprise

On-Premises DDoS Mitigation for the Enterprise On-Premises DDoS Mitigation for the Enterprise FIRST LINE OF DEFENSE Pocket Guide The Challenge There is no doubt that cyber-attacks are growing in complexity and sophistication. As a result, a need has

More information

Network Management Functions RMON1, RMON2. Network Management

Network Management Functions RMON1, RMON2. Network Management Network Management Functions RMON1, RMON2 Network Management 30.5.2013 1 Lectures Schedule Week Week 1 Topic Computer Networks - Network Management Architectures & Applications Week 2 Network Management

More information

Business Case for a DDoS Consolidated Solution

Business Case for a DDoS Consolidated Solution Business Case for a DDoS Consolidated Solution Executive Summary Distributed denial-of-service (DDoS) attacks are becoming more serious and sophisticated. Attack motivations are increasingly financial

More information

Enterprise Network Management. March 4, 2009

Enterprise Network Management. March 4, 2009 Automated Service Discovery for Enterprise Network Management Stony Brook University sty March 4, 2009 1 Motivation shutdown unplug what happen when a network device is unplugged df for maintenance? 2

More information

The Transport Layer. Antonio Carzaniga. October 24, 2014. Faculty of Informatics University of Lugano. 2005 2007 Antonio Carzaniga

The Transport Layer. Antonio Carzaniga. October 24, 2014. Faculty of Informatics University of Lugano. 2005 2007 Antonio Carzaniga The Transport Layer Antonio Carzaniga Faculty of Informatics University of Lugano October 24, 2014 Outline Basic concepts in transport-layer protocols Multiplexing/demultiplexing UDP message format Reliable

More information

Firewall Testing Methodology W H I T E P A P E R

Firewall Testing Methodology W H I T E P A P E R Firewall ing W H I T E P A P E R Introduction With the deployment of application-aware firewalls, UTMs, and DPI engines, the network is becoming more intelligent at the application level With this awareness

More information

Firewall Introduction Several Types of Firewall. Cisco PIX Firewall

Firewall Introduction Several Types of Firewall. Cisco PIX Firewall Firewall Introduction Several Types of Firewall. Cisco PIX Firewall What is a Firewall? Non-computer industries: a wall that controls the spreading of a fire. Networks: a designed device that controls

More information

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003 http://technet.microsoft.com/en-us/library/cc757501(ws.10).aspx Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003 Updated: October 7, 2005 Applies To: Windows Server 2003 with

More information

Flow Analysis Versus Packet Analysis. What Should You Choose?

Flow Analysis Versus Packet Analysis. What Should You Choose? Flow Analysis Versus Packet Analysis. What Should You Choose? www.netfort.com Flow analysis can help to determine traffic statistics overall, but it falls short when you need to analyse a specific conversation

More information

Internet Traffic Measurement

Internet Traffic Measurement Internet Traffic Measurement Internet Traffic Measurement Network Monitor Placement Measurement Analysis Tools Measurement Result Reporting Probing Mechanism Vantage Points Edge vs Core Hardware vs Software

More information

Dragonframe License Manager User Guide Version 1.2.2

Dragonframe License Manager User Guide Version 1.2.2 Dragonframe License Manager User Guide Version 1.2.2 The Dragonframe License Manager (DFLM) provides floating license management for Dragonframe 3.0 and above. You must contact support (support@dragonframe.com)

More information

Cover. White Paper. (nchronos 4.1)

Cover. White Paper. (nchronos 4.1) Cover White Paper (nchronos 4.1) Copyright Copyright 2013 Colasoft LLC. All rights reserved. Information in this document is subject to change without notice. No part of this document may be reproduced

More information

CMPSCI 453 Computer Networking. Professor V. Arun Department of Computer Science University of Massachusetts Amherst

CMPSCI 453 Computer Networking. Professor V. Arun Department of Computer Science University of Massachusetts Amherst CMPSCI 453 Computer Networking Professor V. Arun Department of Computer Science University of Massachusetts Amherst 1 What is this course about? introductory (first) course in computer networking q learn

More information

Summer Internship 2013

Summer Internship 2013 Summer Internship 2013 Group IV - Enhancement of Jmeter Week 4 Report 1 9 th June 2013 Shekhar Saurav Report on Configuration Element Plugin 'SMTP Defaults' Configuration Elements or config elements are

More information

Cisco IOS Flexible NetFlow Technology

Cisco IOS Flexible NetFlow Technology Cisco IOS Flexible NetFlow Technology Last Updated: December 2008 The Challenge: The ability to characterize IP traffic and understand the origin, the traffic destination, the time of day, the application

More information

Monitor network traffic in the Dashboard tab

Monitor network traffic in the Dashboard tab As a network analyzer (aka. packet sniffer & protocol analyzer), Capsa makes it easy for us to monitor and analyze network traffic in its intuitive and information-rich tab views. With Capsa's network

More information

Giganet Cloud Managed Security as a Service

Giganet Cloud Managed Security as a Service Giganet Cloud Managed Security as a Service The Internet is so slow! Am I getting the right bandwidth?? These are common questions and issues familiar to ISPs and subscribers. ISPs and subscribers have

More information

COMPUTER NETWORKING PRIMER

COMPUTER NETWORKING PRIMER COMPUTER NETWORKING PRIMER To help you understand the uses and benefits of Novell products, this primer explains basic computer networking concepts and technology and also introduces computer networking

More information

The question becomes, How does the competent Windows IT professional open up their print server to their Mac clients?

The question becomes, How does the competent Windows IT professional open up their print server to their Mac clients? INTRODUCTION With the number of Macs growing, especially in the academic and consumer fields the need to support them has become a must have for many existing Windows environments. The question becomes,

More information

Darstellung Unterschied ZyNOS Firmware Version 4.02 => 4.03

Darstellung Unterschied ZyNOS Firmware Version 4.02 => 4.03 Darstellung Unterschied ZyNOS Firmware Version 4.02 => 4.03 1 - ZyWALL Firmware v4.03 Enhancement (1) - Content Filter Support for Multiple Policies : : November 14, 2007 2 - ZyWALL Firmware v4.03 Enhancement

More information

Configuring Network Load Balancing with Cerberus FTP Server

Configuring Network Load Balancing with Cerberus FTP Server Configuring Network Load Balancing with Cerberus FTP Server May 2016 Version 1.0 1 Introduction Purpose This guide will discuss how to install and configure Network Load Balancing on Windows Server 2012

More information

DATA MINING TOOL FOR INTEGRATED COMPLAINT MANAGEMENT SYSTEM WEKA 3.6.7

DATA MINING TOOL FOR INTEGRATED COMPLAINT MANAGEMENT SYSTEM WEKA 3.6.7 DATA MINING TOOL FOR INTEGRATED COMPLAINT MANAGEMENT SYSTEM WEKA 3.6.7 UNDER THE GUIDANCE Dr. N.P. DHAVALE, DGM, INFINET Department SUBMITTED TO INSTITUTE FOR DEVELOPMENT AND RESEARCH IN BANKING TECHNOLOGY

More information

Flow Visualization Using MS-Excel

Flow Visualization Using MS-Excel Flow Visualization Using MS-Excel Visualization for the Common Man Presented by Lee Rock and Jay Brown US-CERT Analysts Einstein Program Background US-CERT Mission Einstein Program > Large volumes of traffic

More information

HTTPS HTTP. ProxySG Web Server. Client. ProxySG TechBrief Reverse Proxy with SSL. 1 Technical Brief

HTTPS HTTP. ProxySG Web Server. Client. ProxySG TechBrief Reverse Proxy with SSL. 1 Technical Brief ProxySG TechBrief Reverse Proxy with SSL What is Reverse Proxy with SSL? The Blue Coat ProxySG includes the basis for a robust and flexible reverse proxy solution. In addition to web policy management,

More information

Stateful Inspection Technology

Stateful Inspection Technology Stateful Inspection Technology Security Requirements TECH NOTE In order to provide robust security, a firewall must track and control the flow of communication passing through it. To reach control decisions

More information

New Products and New Features May, 2015

New Products and New Features May, 2015 NetAcquire Server 8 New Products and New Features May, 2015 1. Includes all NetAcquire 7.6 and earlier enhancements 2. Runs on a new real-time operating system: NetAcquire Deterministic Linux (NDL) a.

More information

Protection and Security [supplemental] 1. Network Firewalls

Protection and Security [supplemental] 1. Network Firewalls Protection and Security [supplemental] 1 Network Firewalls How to connect a trusted computer system to an untrusted network? Put a firewall between the trusted (system or systems) and the untrusted. All

More information

An apparatus for P2P classification in Netflow traces

An apparatus for P2P classification in Netflow traces An apparatus for P2P classification in Netflow traces Andrew M Gossett, Ioannis Papapanagiotou and Michael Devetsikiotis Electrical and Computer Engineering, North Carolina State University, Raleigh, USA

More information

Innovative, High-Density, Massively Scalable Packet Capture and Cyber Analytics Cluster for Enterprise Customers

Innovative, High-Density, Massively Scalable Packet Capture and Cyber Analytics Cluster for Enterprise Customers Innovative, High-Density, Massively Scalable Packet Capture and Cyber Analytics Cluster for Enterprise Customers The Enterprise Packet Capture Cluster Platform is a complete solution based on a unique

More information

Table of Contents. Cisco Blocking Peer to Peer File Sharing Programs with the PIX Firewall

Table of Contents. Cisco Blocking Peer to Peer File Sharing Programs with the PIX Firewall Table of Contents Blocking Peer to Peer File Sharing Programs with the PIX Firewall...1 Document ID: 42700...1 Introduction...1 Prerequisites...1 Requirements...1 Components Used...1 Conventions...2 PIX

More information

Reverse Shells Enable Attackers To Operate From Your Network. Richard Hammer August 2006

Reverse Shells Enable Attackers To Operate From Your Network. Richard Hammer August 2006 Reverse Shells Enable Attackers To Operate From Your Network Richard Hammer August 2006 Reverse Shells? Why should you care about reverse shells? How do reverse shells work? How do reverse shells get installed

More information

Hadoop Technology for Flow Analysis of the Internet Traffic

Hadoop Technology for Flow Analysis of the Internet Traffic Hadoop Technology for Flow Analysis of the Internet Traffic Rakshitha Kiran P PG Scholar, Dept. of C.S, Shree Devi Institute of Technology, Mangalore, Karnataka, India ABSTRACT: Flow analysis of the internet

More information

Scan Report Executive Summary. Part 2. Component Compliance Summary IP Address : 69.43.165.11

Scan Report Executive Summary. Part 2. Component Compliance Summary IP Address : 69.43.165.11 Scan Report Executive Summary Part 1. Scan Information Scan Customer Company: Date scan was completed: rsync.net ASV Company: Comodo CA Limited 06-02-2015 Scan expiration date: 08-31-2015 Part 2. Component

More information

Network Security: A Practical Approach. Jan L. Harrington

Network Security: A Practical Approach. Jan L. Harrington Network Security: A Practical Approach Jan L. Harrington ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Morgan Kaufmann is an imprint of

More information

IPSec or SSL VPN? Copyright 2004 Juniper Networks, Inc. www.juniper.net 1

IPSec or SSL VPN? Copyright 2004 Juniper Networks, Inc. www.juniper.net 1 IPSec or SSL VPN? Copyright 2004 Juniper Networks, Inc. www.juniper.net 1 Copyright 2004 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net 2 The Traditional Extended Enterprise Fixed

More information

CSCI 7000-001 Firewalls and Packet Filtering

CSCI 7000-001 Firewalls and Packet Filtering CSCI 7000-001 Firewalls and Packet Filtering November 1, 2001 Firewalls are the wrong approach. They don t solve the general problem, and they make it very difficult or impossible to do many things. On

More information

IDS / IPS. James E. Thiel S.W.A.T.

IDS / IPS. James E. Thiel S.W.A.T. IDS / IPS An introduction to intrusion detection and intrusion prevention systems James E. Thiel January 14, 2005 S.W.A.T. Drexel University Overview Intrusion Detection Purpose Types Detection Methods

More information

Figure 41-1 IP Filter Rules

Figure 41-1 IP Filter Rules 41. Firewall / IP Filter This function allows user to enable the functionality of IP filter. Both inside and outside packets through router could be decided to allow or drop by supervisor. Figure 41-1

More information

Network Security Topologies. Chapter 11

Network Security Topologies. Chapter 11 Network Security Topologies Chapter 11 Learning Objectives Explain network perimeter s importance to an organization s security policies Identify place and role of the demilitarized zone in the network

More information

Computer Networks. A Top-Down Approach. Behrouz A. Forouzan. and. Firouz Mosharraf. \Connect Mc \ Learn. Hill

Computer Networks. A Top-Down Approach. Behrouz A. Forouzan. and. Firouz Mosharraf. \Connect Mc \ Learn. Hill Computer Networks A Top-Down Approach Behrouz A. Forouzan and Firouz Mosharraf \Connect Mc \ Learn Graw I Succeed* Hill Preface xvii Trademarks xxiii Chapter 1 Introduction 1 1.1 OVERVIEW OF THE INTERNET

More information

Firewalls, NAT and Intrusion Detection and Prevention Systems (IDS)

Firewalls, NAT and Intrusion Detection and Prevention Systems (IDS) Firewalls, NAT and Intrusion Detection and Prevention Systems (IDS) Internet (In)Security Exposed Prof. Dr. Bernhard Plattner With some contributions by Stephan Neuhaus Thanks to Thomas Dübendorfer, Stefan

More information

CSCI 454/554 Computer and Network Security. Topic 8.1 IPsec

CSCI 454/554 Computer and Network Security. Topic 8.1 IPsec CSCI 454/554 Computer and Network Security Topic 8.1 IPsec Outline IPsec Objectives IPsec architecture & concepts IPsec authentication header IPsec encapsulating security payload 2 IPsec Objectives Why

More information

Proxy Server, Network Address Translator, Firewall. Proxy Server

Proxy Server, Network Address Translator, Firewall. Proxy Server Proxy Server, Network Address Translator, Firewall 1 Proxy Server 2 1 Introduction What is a proxy server? Acts on behalf of other clients, and presents requests from other clients to a server. Acts as

More information

DDoS Protection Technology White Paper

DDoS Protection Technology White Paper DDoS Protection Technology White Paper Keywords: DDoS attack, DDoS protection, traffic learning, threshold adjustment, detection and protection Abstract: This white paper describes the classification of

More information

Cloudvue Remote Desktop Client GUI User Guide

Cloudvue Remote Desktop Client GUI User Guide Cloudvue Remote Desktop Client GUI User Guide I. To connect to a Windows server - After power up, the login screen will be displayed. A. Auto Search/User Defined Use Auto Search to find available Windows

More information

COMP416 Lab (1) Wireshark I. 23 September 2013

COMP416 Lab (1) Wireshark I. 23 September 2013 COMP416 Lab (1) Wireshark I 23 September 2013 2 Before the lab Review the content of communication architecture. Review TCP/IP model and protocol suite. Understand data transferring, layering, and encapsulation/demultiplexing.

More information

Flashback: Internet design goals. Security Part Two: Attacks and Countermeasures. Security Vulnerabilities. Why did they leave it out?

Flashback: Internet design goals. Security Part Two: Attacks and Countermeasures. Security Vulnerabilities. Why did they leave it out? Flashback: Internet design goals Security Part Two: Attacks and Countermeasures 1. Interconnection 2. Failure resilience 3. Multiple types of service 4. Variety of networks 5. Management of resources 6.

More information

Voice Over IP and Firewalls

Voice Over IP and Firewalls Introduction Voice Over IP and Firewalls By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com Use of Voice Over IP (VoIP) in enterprises is becoming more and more

More information

02 Internet!= Web. Internet Technology. MSc in Communication Sciences 2010-11 Program in Technologies for Human Communication.

02 Internet!= Web. Internet Technology. MSc in Communication Sciences 2010-11 Program in Technologies for Human Communication. di scienze MSc in Communication Sciences 2010-11 Program in Technologies for Human Communication Davide Eynard nternet Technology 02 nternet!= Web di scienze 2 The client-server model When you use an nternet-based

More information

SAP WEB DISPATCHER Helps you to make decisions on Web Dispatcher implementation

SAP WEB DISPATCHER Helps you to make decisions on Web Dispatcher implementation A BasisOnDemand.com White Paper SAP WEB DISPATCHER Helps you to make decisions on Web Dispatcher implementation by Prakash Palani Table of Contents 1. Purpose... 3 2. What is Web Dispatcher?... 3 3. Can

More information

Introduction. Interoperability & Tools Group. Existing Network Packet Capture Tools. Challenges for existing tools. Microsoft Message Analyzer

Introduction. Interoperability & Tools Group. Existing Network Packet Capture Tools. Challenges for existing tools. Microsoft Message Analyzer Introduction Interoperability & Tools Group Existing Network Packet Capture Tools Challenges for existing tools Microsoft Message Analyzer Slide 2 Interop and Tools What we do Part of Windows Server Org

More information

On-Net Surveillance Systems, Inc. Triggering Software Generic Events from the Windows Scheduler

On-Net Surveillance Systems, Inc. Triggering Software Generic Events from the Windows Scheduler Triggering Software Generic Events from the Windows Scheduler Background OnSSI s NetDVR and NetDVMS NVR software platforms have the ability to change certain settings based on external events. As an example,

More information

NEC contribution to OpenDaylight: Virtual Tenant Network (VTN)

NEC contribution to OpenDaylight: Virtual Tenant Network (VTN) NEC contribution to OpenDaylight: Virtual Tenant Network (VTN) June. 2013 NEC Page 1 Agenda OpenDaylight Virtual Tenant Network - VTN Model Live Demo VTN Implementation Page 2 OpenDaylight Virtual Tenant

More information

Digi Connect WAN Application Helper NAT, GRE, ESP and TCP/UPD Forwarding and IP Filtering

Digi Connect WAN Application Helper NAT, GRE, ESP and TCP/UPD Forwarding and IP Filtering Introduction Digi Connect Application Helper NAT, GRE, ESP and TCP/UPD Forwarding and IP Filtering The Digi Connect supports five features which provide security and IP traffic forwarding when using incoming

More information

Large-Scale TCP Packet Flow Analysis for Common Protocols Using Apache Hadoop

Large-Scale TCP Packet Flow Analysis for Common Protocols Using Apache Hadoop Large-Scale TCP Packet Flow Analysis for Common Protocols Using Apache Hadoop R. David Idol Department of Computer Science University of North Carolina at Chapel Hill david.idol@unc.edu http://www.cs.unc.edu/~mxrider

More information

Analysis of Communication Patterns in Network Flows to Discover Application Intent

Analysis of Communication Patterns in Network Flows to Discover Application Intent Analysis of Communication Patterns in Network Flows to Discover Application Intent Presented by: William H. Turkett, Jr. Department of Computer Science FloCon 2013 January 9, 2013 Port- and payload signature-based

More information

Are Second Generation Firewalls Good for Industrial Control Systems?

Are Second Generation Firewalls Good for Industrial Control Systems? Are Second Generation Firewalls Good for Industrial Control Systems? Bernie Pella, CISSP Schneider Electric Cyber Security Services bernie.pella@schneider-electric.com Firewall Overview Firewalls provide

More information

ENSC 427: Communication Networks

ENSC 427: Communication Networks Spring 2012 ENSC 427: Communication Networks Creating a Secure Network through Firewalls and Virtual Private Networks http://www.sfu.ca/~msa102 Team #2 Maxim Soleimani-Nouri Andy Cheng Saman Mehdizadeh

More information

Networking for Caribbean Development

Networking for Caribbean Development Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n

More information

1/5/2014. Objectives. Performance Evaluation of Computer Networks. Contents WHY? NETWORK MEASUREMENT. Why Network Measurement. Why Network Measurement

1/5/2014. Objectives. Performance Evaluation of Computer Networks. Contents WHY? NETWORK MEASUREMENT. Why Network Measurement. Why Network Measurement , 2013 Performance Evaluation of Computer Networks Week 9 (Part 1) Performance Measurement Objectives Appreciate the role of measurement in building and maintaining high-performance TCP/IP networks Explain

More information

Performance Evaluation of Computer Networks

Performance Evaluation of Computer Networks , 2013 Performance Evaluation of Computer Networks Week 9 (Part 1) Performance Measurement Mujdat Soyturk, Ph.D. Asst. Prof. Objectives Appreciate the role of measurement in building and maintaining high-performance

More information

Chapter 7 Transport-Level Security

Chapter 7 Transport-Level Security Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell

More information

Smart Network Access System SmartNA 10 Gigabit Aggregating Filtering TAP

Smart Network Access System SmartNA 10 Gigabit Aggregating Filtering TAP Smart Network Access System SmartNA 10 Gigabit Aggregating Filtering TAP Gain Access and Visibility to your 10 Gigabit Links Today! 10 Gigabit SR or LR Passive Optical TAP or connect two (2) 10 Gigabit

More information

Automated Service Discovery for Enterprise Network Management

Automated Service Discovery for Enterprise Network Management Automated Service Discovery for Enterprise Network Management William Tu, Priya Thangaraj, Jui-hao Chiang Professor Tzi-cker Chiueh CEWIT Stony Brook University March 8, 2009 1 Introductin A key pillar

More information

Overview - Using ADAMS With a Firewall

Overview - Using ADAMS With a Firewall Page 1 of 6 Overview - Using ADAMS With a Firewall Internet security is becoming increasingly important as public and private entities connect their internal networks to the Internet. One of the most popular

More information

Trends and Differences in Connection-behavior within Classes of Internet Backbone Traffic

Trends and Differences in Connection-behavior within Classes of Internet Backbone Traffic MonNet a project for network and traffic monitoring Trends and Differences in Connection-behavior within Classes of Internet Backbone Traffic Wolfgang John, Sven Tafvelin and Tomas Olovsson Department

More information

OLD VULNERABILITIES IN NEW PROTOCOLS? HEADACHES ABOUT IPV6 FRAGMENTS

OLD VULNERABILITIES IN NEW PROTOCOLS? HEADACHES ABOUT IPV6 FRAGMENTS OLD VULNERABILITIES IN NEW PROTOCOLS? HEADACHES ABOUT IPV6 FRAGMENTS Eric Vyncke (@evyncke) Cisco Session ID: ARCH W01 Session Classification: Advanced Agenda Status of WorldWide IPv6 Deployment IPv6 refresher:

More information

Introduction to Wireshark Network Analysis

Introduction to Wireshark Network Analysis Introduction to Wireshark Network Analysis Page 2 of 24 Table of Contents INTRODUCTION 4 Overview 4 CAPTURING LIVE DATA 5 Preface 6 Capture Interfaces 6 Capture Options 6 Performing the Capture 8 ANALYZING

More information

Quantum Hyper- V plugin

Quantum Hyper- V plugin Quantum Hyper- V plugin Project blueprint Author: Alessandro Pilotti Version: 1.0 Date: 01/10/2012 Hyper-V reintroduction in OpenStack with the Folsom release was primarily focused

More information
2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback | Do Not Sell My Personal Information