Remote Security Labs in The Cloud

Size: px
Start display at page:

Download "Remote Security Labs in The Cloud"

Transcription

1 In Proceedings of EDUCON Remote Security Labs in The Cloud ReSeLa Anders Carlsson BTH Sweden Rune Gustavsson BTH Sweden Leo Truksans IMCS LU Latvia Martens Balodis IMCS LU Latvia Abstract The paper describes on-going work on a configurable network based experimental platform ReSeLa. The platform is a key component of the ongoing EU funded TEMPUS project ENGENSEC. The project is aiming at providing courses and training material to educate future generation of Cyber security experts. Our project is based on the educational Framework; Conceive, Design, Implement, Operate (CDIO 1 ). The paper outlines the background of earlier efforts on similar platforms in Sweden and Latvia. In the paper we also compares our approach with lessons learned in international projects such as PlanetLab, EmuLab, and GENI. Our approach of Cloud based environments is based on recent advanced in distributed computing such as OpenStack. Some identified and addressed challenges care presented. We also present the architecture of ReSeLa as well as its basic functionalities. The paper ends with a section on Future work and a short list of references Keywords Cloud Based Security Engineering, Open Stack, learning and training, international cooperation I. BACKGROUND We are partners in the on going EU Project ENGENSEC 2 Educating the Next generation experts in Cyber Security (Engensec.eu). The main objective of the ENGENSEC project is to create new Master s programs in areas of IT Security as a response to current and emerging cyber security threats. The goal of ENGENSEC is to develop courses, environments and training material to educate the next generation experts in this area. Thus supporting development of e-based economics and other security critical societal services in partner countries. The ENGENSEC project addresses challenges in information systems development related to ensuring Cyber Security and privacy. The project thus enables advanced Master s curricula in Cyber Security supporting education and training of the next generation experts. These suggested curricula are based on previous best practices in double degree diploma among EU universities, ECTS grading and mutual degree recognition. A crucial component in the project is to design, develop and implement sustainable experimental environments. That is, our Cloud based Remote Security Labs (ReSe-La). The ReSeLA architecture is a result of earlier efforts by the partners, for example at Blekinge Institute of Technology (BTH) and Institute of Mathematics and Computer Science of University of Latvia (IMCS LU). In 2006, Blekinge Institute of Technology (BTH) deci-ded to create a remotely accessible laboratory supporting advanced security exercises and training (OpenLabs Security laboratory). In the laboratory, students were able to experiment with insecure protocols, software vulnerabilities and other harmful software, e.g. viruses, in a safe and isolated environment. This remotely accessible security laboratory was the next logical step of the BTH campus security laboratory that had been used for advanced security experiments since The remote security laboratory introduced new challenges related to network security and remote control. To be able to provide remote controlled experi-ments in security, isolation of the experiments must be guaranteed. No unwanted information should be able to reach the experiment from the outside world and, more importantly, no information should ever be able to escape the experiment environment. Providing isolation is crucial when experimenting with self-replicating code, e.g. viruses, which must not be allowed to spread outside the laboratory environment. Good experiments should also be reproducible, i.e. it should be possible to restart the experiment from a known state. When we designed and implemented OpenLabs we considered

2 to use virtualization to increase flexibility. However, at that time this technology had some known limitations. Virtualization platforms can utilize the hardware resources better than emulated platforms, and will most certainly be cheaper to set up and run, depending on what hardware and software platform that is used. The startup of a Virtual Machine (VM) is faster that doing physical writing to a hard drive, so the startup time of an experiment will be shorter. After the experiment is over, the VMs disk content can be discarded, which means you do not need to wipe the complete hard drive. It will also be easier to prepare installations, as the teacher can do that at his/her own machine in the virtualized environment, without the worry for hardware incompatibility. On the downside, using virtual machines can lead to unwanted behavior. If many experiments are going to run on the same machine, they have to share the hardware resources between each other, which means that they also influence each other. Experiments which are resource intensive will take longer to perform and results from performance measurements will not always be reliable. Competing on resources can also influence results from experiments depending on concurrency, one example from the security domain is race conditions (See [1]). Running several virtual environments on the same machine will also lead to penalties on hard drive access. In a virtualized environment the hardware is emulated. Direct hardware access can be done be in form of device delegation, however this mechanism is not well automated in existing IaaS implementations. The emulation could introduce new bugs related to the emulation software and will probably hide bugs in the real hardware. Experiments that require direct hardware access will therefore be impossible in the first version of RSeLa, as would experiments depending on hardware bugs. For many experiments, these negative aspects may not be a problem and virtualization can still serve a good purpose as a remote experiment solution. Particularly, the experiments on software functionality that disregard properties of performance or hardware are expected to be well suited for the virtualized environments like Infrastructure as a Service (IaaS) clouds. In this case the machine will be prepared with the virtualization software and the teacher or the students can themselves provide the virtual machine image and take advantage of the simpler preparation procedure given by the virtualized environment. In Proceedings of EDUCON service provided para-virtualized virtual machines (VMs) based on Xen hypervisor, virtual networks to isolate groups of machines belonging to a separate research lab or project. The service was a clustered, high availability, automated system to host high performance VMs with real life OSes (Linux, Windows) dedicated to scientists and/or projects. It was envisioned, designed, implemented and operated at IMCS UL. It was also a new approach with no existing demand and it took time for the users to get comfortable with concept that getting a new computer for calculations is not getting a physical equipment but rather an access to a dedicated VM somewhere in a data center. Less than 3 years later after starting system operations in 2011 it hit first resource deficit. That reflects high acceptance of the system that by then was called a Cloud on par with the industry trend. At that time the Cloud had been extended to host multiple infrastructure and platform services (IaaS, PaaS), VPN access and tunnel services, real time monitoring, etc. The Cloud was recognized by its users to be reliable and well performing resource, used by tens of labs and projects. Today the IMCS UL Cloud continues to evolve and operate. In 2013 OpenStack development was skyrocketing, it was clear to IMCS UL Cloud team that OpenStack will be the next Linux of clouds (open source platform project embraced and developed by the industry). When IMCS UL got to design and deploy an automated platform for Faculty of Physics and Mathematics of University of Latvia (FPM UL) that year, it was decided to deploy an OpenStack installation because of its ease of use. Yet one concept was carried from IMCS UL Cloud into the FPM UL Cloud. The latter had InfiniBand cards for MPI calculations. It was made sure these cards are available to certain type of VMs through device delegation. And that made the Cloud usable for HPC. Some of the mentioned challenges will be addressed and some of the mentioned concepts will be further investigated in design, implementation and maintenance of ReSeLa. While ReSeLa does dedicate and give full control of the operating systems to any student, as the OpenLabs did, ReSeLa is designed to integrate and take advantage of the modern infrastructure automation solutions and concepts like IaaS clouds and software defined networking (SDN) as the IMCS UL Cloud did. Another interesting aspect of virtualization is security. The main contributor to software vulnerabilities are complexity and by introducing a virtualization layer the complexity is increased even more. As no software is perfect, there may be ways for users to break out of the virtualized environment [2]. This would lead to undefined behavior of the whole laboratory. In 2008 Institute of Mathematics and Computer Science of University of Latvia (IMCS UL) decided to create a virtual infrastructure service for Latvian scientific community. The The remaining part of the paper is organized as follows. The educational Framework of ENGENSEC is described in Section II ENGENSEC Educational Framework. The ReSeLa configurable platform is an important part of the ENGENSEC project being the link between, courses and training material The ReSeLa architecture is described in Section III. Section IV ReSeLa functionality has focus on the architecture and needed functionality. Section V Challenges addressed identifies critical challenges that have been identified and mitigated so far in our development. Section VI Other approaches presents the main ideas behind the international efforts on PlanetLab,

3 Emulab and GENI as well as recent EU funded project based on OpenStack technologies with comparisons with the ReSeLa approach. Finally, Section VII Future Work describes some key areas presently under investigation in development and maintenance of ReSeLa. The paper ends with a short list of references, Section VIII. In Proceedings of EDUCON The educational framework of ENGENSEC adopts the ideas behind the CDIO 3 Conceive, Design, Implement, and Operate Framework. The CDIO project started in 2000 with a first set of standards adopted The CDIO book version 2 came out The Lab environments at BTH (Section I) were also heavily influenced by the CDIO ideas. II. ENGENSEC EDUCATIONAL FRAMEWORK The goal of ENGENSEC is to develop, implement and validate a Joint MSc Frame Program in Cyber Security. The Frame program can be bilaterally implemented with Double Degree Diploma to enable cooperation and exchange of students and staff between involved institutions. The first step was to identify challenges and needs of a joint MSc Frame program in the different Information societies. The second step was to identify suitable contents and processes to develop and implement selected courses. The third, on going, step is to develop and evaluate he study program with related resources and education environments. The next step is to implement, train teachers, and evaluate selected pilot projects. The results of the initial survey to 52 companies are related to security threat models and existing tools as well as expected education skills developed in the MSc programs. The following set of seven courses where identified to be part of the ENGENSEC Frame program: Advanced Network & Cloud Security Wireless & Mobile Security Secure Software Development Malware Analysis Web Security Penetration tests and Ethical Hacking Digital Forensic Furthermore a configurable training environment Remote Security Lab (ReSeLa) was identified to be the training backbone of the program. ReSeLa is further described in this paper. Development and integration of the eight work packages is done in groups of peers from different organizations. The selection criteria of people were: Advanced skills in the specific topic Practical skills in the specific topic Teaching experiences on master level Interest and administrative skills in development of master courses AdobeConnect meetings and Owncloud facilitate collaboration, within and between teams. The suggested courses of ENGENCEC, above, are also a context dependent selection of courses recommended by, for instance, NICE National Initiative for Cybersecurity Education 4. Specifically, the NICE Framework 5. To foster a common view of the goals and means of the ENGENSEC project a workshop Train the Trainer was organized October 20 th 24 th in Schloss Waldhausen in Budeshem, Germany. The workshop was organized by BKA Bundeskriminalamt, Germany. A follow up of this workshop is planned as a Summer School during A key component of the CDIO framework is development of suitable training and education material bringing together students and teachers in learning situations. The ReSeLa will be a fundamental component to that end. An early version of ReSeLa OpenStack was used to perform simulations related to our research on Methods of Slow-Attack Detection [6]. Our experiments illustrate that ReSeLa, as many other web-based systems, are vulnerable to HTTP-Slow-Attacks. Future work on ReSeLa will address this vulnerability as well. Traditional Intrusion Detection Systems (IDS) are based on statistical models and methods. For example, wavelet analysis, signature analysis, cluster analysis and so on. Those methods can be used to configure effective methods for detection and response of attacks on servers. For example flooding DDoSattacks and transport layer attacks. The attacking DDoSattack methods are typically aiming to/at filling the channel capacity (Smurf, DDP-flood, etc.) and increase the normal load of individual nodes (SYN-flood, Teardrop, Ping of death, etc.). At the same time, those IDS approaches are ineffective for the detection and protection of low-intensity DoS attacks on application level. Those attacks are typically characterized by the absence of anomalies in the traffic patterns. For instance, smart phones and tablets operating in areas with weak signals are generating traffic patterns that are very similar to Slow- HTTP attack patterns! e_framework_03_2013_version1_0_interactive.pdf

4 The classes of low-intensity attacks are relatively recent but are probably growing recently. Typically low intensity attacks lead to failure of web-servers but can also be adapted to influence any application layer system. From an attackers point of view the main advantages of lowintensity attacks are: The connections appear as legitimate user connections Traditional IDS usually don not detect those attacks Existing signature based IPS/IDS techniques typically do not detect those attacks Those attacks require few resources and low bandwidth to be implemented Such attacks can drop web-servers regardless of attacker s hardware capabilities Different stages of queries can be used to implement different types of low intensity attacks Our proposed solutions for detection of slow-http attacks are based on assessment of web-server utilization and prediction of the time of transition to a state of overloading [6]. Analysis of identified conditions of slow-attacks has resulted in a set of traffic patterns that are specific for Slow-HTTP attacks on application layer [6]. Our request handling process by a we-server is modeled as a queuing system without a queue due to the fact that a presence of a waiting buffer in a web-server has no effect on the availability of service during a slow-http attack. The purpose of the model is detection rather than duration of an attack. In Proceedings of EDUCON ReSeLa is an integrated system that consists of following three components on the conceptual level: ReSeLa Panel front end; OpenStack IaaS backend; SDN router firewall and VPN backend. We chose OpenStack as a back-end for IaaS automation because it is well supported by the industry, has wide functionality, is modular in its architecture and has well defined and stable API. The integration is done through OpenStack API. Currently we use RouterOS based Mikrotik router appliance because it has API for firewall and VPN management, rich functionality, high performance and low cost. Other solutions might be used but currently only the RouterOS driver for ReSeLa has been developed. ReSeLa also uses MySQL database for its internal data structures. The ReSeLa integration model is shown below in Figure 1. A model to detect Slow-HTTP-attacks is designed and implemented using Markov chains and queuing system theory 6. The model can estimate the transition time to an overload condition of the attacked system. This value can be used for attack preventions algorithms and to develop appropriate tools to protect web-servers. III. RESEALA ARCHITECTURE The ReSeLa architecture takes advantage of recent advancements in distributed computing, e.g., Cloud Computing 6, such as Open Stack 7. Earlier examples include Emulab 8, Planet-lab 9, and GENI 10. The test beds Emulab, Planetlab and GENI will be further discussed in Section VI Other approaches Fig. 1. Resela integration model Open Stack is an Open source Cloud Computing software system environment, while Emulab focuses on the links between virtual topologies and their emulations on hardware. Selected technologies for Emulab virtual nodes are evaluated against four criteria, two from an application perspective, two from a system-wide perspective [3]: Application transparency. The extent to which virtual name spaces (e.g., process, network, file system) are isolated from each other. (Can the application run unchanged?) Application fidelity. The extent to which virtual node resources (e.g., CPU, memory, IO bandwidth) are isolated from each other. (Does the application get the resources it needs to function correctly?) System capacity. The amount of virtualization overhead. (How many virtual nodes can we host per physical one?)

5 System flexibility. The level of which virtualization take place (can we run multiple OSes?) and the degree of portability (can we run on a wide range of hardware?) The following Figure 2 captures present architecture concepts from OpenStack provisionally selected for ReSeLa. In Proceedings of EDUCON Hardware Controller Node: 1 processor, 2 GB memory, and 5 GB storage Network Node: 1 processor, 512 MB memory, and 5 GB storage Compute Node: 1 processor, 2 GB memory, and 10 GB storage Figure 3 illustrates our Three node Architecture: Controller, Compute and Network. Those architecture models are also subject to changes that will be further elaborated in Section VI. Software Centos 6.5 desktop version OpenStack Icehouse - Current stable release, security-supported!! Horizon! IV. RESEALA FUNCTIONALITY Provides!UI! Neutron! Nova! Network!connection! VM! Provisions! Provides! Images! Provides!Auth! Keystone! Glance! Stores! Images! Swift! ReSeLa provides the following high-level functionality: Web access to Lab management and usage; On demand Lab provisioning; A concept of Virtual Lab as a singular object; Isolated Lab networks, customizable network policies; VPN access points that allow direct connections to Lab instances. Fig. 2. OpenStack components for ReSeLa ReSeLa Panel is the front end for students, teachers and administrators, Figure 4. Fig. 4. The ReSeLa student front page ReSeLa students and teachers are commonly referred to as Users. The Panel supports the life cycle of the Virtual Lab, Figure 5. Fig. 3. ReSeLa three node architecture Minimum hardware requirements for the three-node configuration are at present, but are subject for changes in the future: Fig 5. The ReSeLa Virtual Lab life cycle

6 The Lab s object is a set of the following virtual objects: Virtual machines (VMs) with some CPU/RAM/HDD resources; References to templates of VM disk images; Nets with connections to VM interfaces; Network policy (access to Internet or specific Ips). When provisioned a Lab object forms a sandbox internal network and one or more VMs in it. In Proceedings of EDUCON Network policy defines the inbound/outbound access of the Lab network. All users and administrators have user accounts with their role in the ReSeLa and can use those for ReSeLa functionality allowed to their role. A subset of basic functions of ReSeLa and the role access matrix is shown in Table 1. Fuinction Student Teacher Admin Lab life cycle List labs and access consoles ot the instances Number of simultaneous labs Manage Lab templates Manage accounts users Access OpenStack management Use VPN account for network access to instances (all enrolled courses) (all assigned courses) All courses Only own For all assigned students For all users 1 1 per course unlimited (only own) /only own) Table 1. Selected functions and role access of ReSeLa The ReSeLa system will be configured to support security training and education by selecting appropriate configurations of courses from the ENGENSEC program and related training material and manuals. Lessons learned will be inputs to coming generations of the ReSeLa environment. The functional architecture of ReSeLa is presented in Figure 6 below. Fig. 6. Functional architecture of ReSeLa V. CHALLENGES ADDRESSED We have identified and addressed several challenges of different types in the ENGENSEC project. The challenges are related to education policies, suitable solutions to technological problems and challenges related to learning and practice security measures to mitigate different types of security threats. Examples related to technological issues are, for instance, related to that our partner countries Ukraine and Russia can only provide limited Internet speed connectivity. Availability of IP v.4 addresses is extremely limited implying that they have no possibility to use IPv.6 addresses. However, at both BTH in Sweden and at University of Latvia in Lithuania we can use IPv.6 and we have available IPv.4 resources. Consequently, we will implement and evaluate an IP - tunnel testing of OpenVPN/PPTP connections. This means that students at those institutions can have full access from their homes or university computer to the available Lab-set of computers. Another challenge is to assure that only limited traffic is allowed, The protocols ssh, VNC, Virtual desktop or X.11 are at the student s computers and we have to assure that there is no possibilities for other foreign traffic, inbound or outbound from the lab-sets or between different student labsets to exist. One of the strengths of Resela is it's simple and clean user interface. We believe this is an important feature of a remote Lab system and follow this feature as a guideline when designing the architecture and functionality. The access to consoles of VMs is provided through the same Resela Panel Web interface, which eliminates need to install and use other 3rd party software. VI. OTHER APPROACHES Examples of other international approaches towards shared environments supporting experiments with distributed computing are, as we earlier mentioned:

7 PlanetLab Emulab GENI PlanetLab. PlanetLab is an open platform for developing, deploying, and accessing planetary scale services. A first version of the system was developed 2002 by Princeton, UC Berkeley, and Intel Research. In October 2008: A prototype implementation of the GENI interfaces to PlanetLab functionality is made available. PlanetLab is network testbed distributed among a large number of universities and research organizations and it gave researcher a possibility to analyze network functionality, but with the important limitation; it was to only one special Linux dialect allowed as operating system. Other limitation is reliability of results of performance or timing. We have uncertain result because there is no suitable control function of those parameters. The test/ experiments could be executed simultaneously potentially intervening with other experiments without being able to take into account the workloads of network connections and computations of the experiments. In Proceedings of EDUCON and limitations leading to guidelines for Emulab users to take into account when setting up and evaluating experiments. GENI. GENI (Global Environment for Network Innovations) provides a virtual laboratory for networking and distributed system research and education. It is well suited for exploring networks at scale, thereby promoting innovations in network science, security, services and applications. GENI has a GENIStack which is build around EmuLab components and hence closed systems. GENI allows experimenters to: Obtain compute resources from locations around the United States; Connect compute resources using Layer2 networks in topologies best suited to their experiments; Install custom software or even custom operating systems on these compute resources; Control how network switches in their exoeriments handle traffic flows; Run their Layer 3 and above protocols by installing protocol software in their compute resources and by providing flow controllers for their switches. PlanetLab has proven to be an invaluable platform for learning about network-wide phenomena, creating new network protocols, evaluating new and existing network services, gaining experience with network systems running at global scale, and in the end, deploying novel network services that enhance the capabilities of the Internet. Emulab. Emulation testbeds are increasingly used to study the Internet in order to improve protection and response mechanisms. These are frequently considered more adequate than software simulators to realistically recreate the complex behaviour of networks. A recent paper On the use of Emulab Testbeds for scientifically Rigorous Experiments [4] sheds some light on insights of strengths and weaknesses of emulation based experiments. Scientifically rigorous experiments should meet requirements in terms of: Fidelity; refers to how accurately an experimental platform reproduces a real system Repeatability; represents the ability to repeat an experiment and obtain the same or statically consistent result Measurement accuracy and Interference; experiments should be accurately monitored and measurements should not interfere with the experiment because the might alter the outcome of the experiments The findings of the paper is that Emulab based testbeds are representative of real systems in terms of emergent behaviour (qualitative) and that repeatable experiments are possible. Based on experimental results have furthermore provided caveats and insights to significant configuration parameters Recent EU funded projects based on OpenStack are XIFI 11 and FIware 12, aiming at simplifying design and implementation of business support systems. Some comparisons of PlanetLab and EmuLab with ReSeLa: Planetlab s major limitations it only support one special Linux dialect as operating system Planetlab s other imitations is the limited reliance on result in performance and timing Both EmuLab and DistSeclab from BTH have high demands on computing resources, operating systems or network components and need a computer box for each object (limited distribution) ReSeLa use SDN Software Defined Network technologies and principles to create objects and Virtual Machines (VMs) to simulate OS or Services. A Hypervisor that could support, for instance, setting up and monitoring scientifically rigorous behaviors, by providing trustworthy mappings and scheduling of VM on hardware equipment. VII. FUTURE WORK Future work will be on testing behavior and components and improving functionality

8 Testing of functionality and performance. Specifically related to flexible and reliable allocation of resources and networking. Extending the learning and teaching environments by tools to directly report completed tasks by the students. Some results of lessons learned from experiments on the BTH platform are presented in [5] and [6], The initial plan of ReSeLa similar to the EU project XIFI, that is to create a federated cloud that interacts with other ReSeLa OpenStack clouds. Unfortunately, it turned out that the universities of Ukraine and Russia did not have a sufficient capacity of Internet connections to support this on the ENGENSEC level.. To harness this obstacle we decided at an early stage to focus on building local ReSeLa installations. This implies that a future challenge will be to develop support to run a distributed cloud between different universities. Next challenge would be to introduce Green Computing, that is introduce powerup/down computers to save energy/resources. There is support for those developments in next generations of OpenStack. In Proceedings of EDUCON VIII. REFERENCES [1] John Viega, Gary McGraw, Building Secure Software How to Avoid Security Problems the Right Way, September [2] Common Vulnerabilities and Exposures, CVE , Published [3] Hibler, M., Ricci, R., Stoller, L., Duerig, J., Guruprasad, S., Stack, T., Webb, K., and Lepreau, J.: Large-scale Virtualization in the Emulab Network Testbed. [4] Siaterlis, C., Garcia, A. P., and Gemge. B.: On the Use of EmuLab Testbeds for Scientifically Rigorous Experiments. IEEE Communications, Surveys & Tutorials, Vol. 215, No 2, Second Quarter [5] Gustavsson, R. and Carlsson, A.: Resilient Smart Grids, Configurable Experiment Platforms. In Proceedings of IEEE First International Scientific Practical Conference PIC S&T 2014, October Kharkiv, Ukraine. [6] Duravkin, I. and Carlsson, A.; Method of Slow-Attack Detection.. In Proceedings of IEEE First International Scientific Practical Conference PIC S&T 2014, October Kharkiv, Ukraine.

Analysis on Virtualization Technologies in Cloud

Analysis on Virtualization Technologies in Cloud Analysis on Virtualization Technologies in Cloud 1 V RaviTeja Kanakala, V.Krishna Reddy, K.Thirupathi Rao 1 Research Scholar, Department of CSE, KL University, Vaddeswaram, India I. Abstract Virtualization

More information

Appendix to; Assessing Systemic Risk to Cloud Computing Technology as Complex Interconnected Systems of Systems

Appendix to; Assessing Systemic Risk to Cloud Computing Technology as Complex Interconnected Systems of Systems Appendix to; Assessing Systemic Risk to Cloud Computing Technology as Complex Interconnected Systems of Systems Yacov Y. Haimes and Barry M. Horowitz Zhenyu Guo, Eva Andrijcic, and Joshua Bogdanor Center

More information

Automated deployment of virtualization-based research models of distributed computer systems

Automated deployment of virtualization-based research models of distributed computer systems Automated deployment of virtualization-based research models of distributed computer systems Andrey Zenzinov Mechanics and mathematics department, Moscow State University Institute of mechanics, Moscow

More information

Mobile Cloud Computing T-110.5121 Open Source IaaS

Mobile Cloud Computing T-110.5121 Open Source IaaS Mobile Cloud Computing T-110.5121 Open Source IaaS Tommi Mäkelä, Otaniemi Evolution Mainframe Centralized computation and storage, thin clients Dedicated hardware, software, experienced staff High capital

More information

2) Xen Hypervisor 3) UEC

2) Xen Hypervisor 3) UEC 5. Implementation Implementation of the trust model requires first preparing a test bed. It is a cloud computing environment that is required as the first step towards the implementation. Various tools

More information

CHAPTER 2 THEORETICAL FOUNDATION

CHAPTER 2 THEORETICAL FOUNDATION CHAPTER 2 THEORETICAL FOUNDATION 2.1 Theoretical Foundation Cloud computing has become the recent trends in nowadays computing technology world. In order to understand the concept of cloud, people should

More information

Boas Betzler. Planet. Globally Distributed IaaS Platform Examples AWS and SoftLayer. November 9, 2015. 20014 IBM Corporation

Boas Betzler. Planet. Globally Distributed IaaS Platform Examples AWS and SoftLayer. November 9, 2015. 20014 IBM Corporation Boas Betzler Cloud IBM Distinguished Computing Engineer for a Smarter Planet Globally Distributed IaaS Platform Examples AWS and SoftLayer November 9, 2015 20014 IBM Corporation Building Data Centers The

More information

Infrastructure as a Service (IaaS)

Infrastructure as a Service (IaaS) Infrastructure as a Service (IaaS) (ENCS 691K Chapter 4) Roch Glitho, PhD Associate Professor and Canada Research Chair My URL - http://users.encs.concordia.ca/~glitho/ References 1. R. Moreno et al.,

More information

A Survey on Virtual Machine Security

A Survey on Virtual Machine Security A Survey on Virtual Machine Security Jenni Susan Reuben Helsinki University of Technology jreubens@cc.hut.fi Abstract Virtualization plays a major role in helping the organizations to reduce the operational

More information

Lecture 02b Cloud Computing II

Lecture 02b Cloud Computing II Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,

More information

2. Research and Development on the Autonomic Operation. Control Infrastructure Technologies in the Cloud Computing Environment

2. Research and Development on the Autonomic Operation. Control Infrastructure Technologies in the Cloud Computing Environment R&D supporting future cloud computing infrastructure technologies Research and Development on Autonomic Operation Control Infrastructure Technologies in the Cloud Computing Environment DEMPO Hiroshi, KAMI

More information

Data Centers and Cloud Computing

Data Centers and Cloud Computing Data Centers and Cloud Computing CS377 Guest Lecture Tian Guo 1 Data Centers and Cloud Computing Intro. to Data centers Virtualization Basics Intro. to Cloud Computing Case Study: Amazon EC2 2 Data Centers

More information

Security and Billing for Azure Pack. Presented by 5nine Software and Cloud Cruiser

Security and Billing for Azure Pack. Presented by 5nine Software and Cloud Cruiser Security and Billing for Azure Pack Presented by 5nine Software and Cloud Cruiser Meet our Speakers Symon Perriman VP of Business Development 5nine Software symon@5nine.com @SymonPerriman Paul Zinn Senior

More information

Introduction to OpenStack

Introduction to OpenStack Introduction to OpenStack Carlo Vallati PostDoc Reseracher Dpt. Information Engineering University of Pisa carlo.vallati@iet.unipi.it Cloud Computing - Definition Cloud Computing is a term coined to refer

More information

Network Virtualization: A Tutorial

Network Virtualization: A Tutorial Network Virtualization: A Tutorial George N. Rouskas Department of Computer Science North Carolina State University http://rouskas.csc.ncsu.edu/ Network Virtualization: A Tutorial OFC 2012, March 2012

More information

Comparison of Open Source Cloud System for Small and Medium Sized Enterprises

Comparison of Open Source Cloud System for Small and Medium Sized Enterprises , pp.276-282 http://dx.doi.org/10.14257/astl.2014.51.63 Comparison of Open Source Cloud System for Small and Medium Sized Enterprises Yasuo Uchida 1, Seigo Matsuno 1, Makoto Sakamoto 2 1 Ube National College

More information

Iaas for Private and Public Cloud using Openstack

Iaas for Private and Public Cloud using Openstack Iaas for Private and Public Cloud using Openstack J. Beschi Raja, Assistant Professor, Department of CSE, Kalasalingam Institute of Technology, TamilNadu, India, K.Vivek Rabinson, PG Student, Department

More information

Securing Virtual Applications and Servers

Securing Virtual Applications and Servers White Paper Securing Virtual Applications and Servers Overview Security concerns are the most often cited obstacle to application virtualization and adoption of cloud-computing models. Merely replicating

More information

Disaster Recovery Design Ehab Ashary University of Colorado at Colorado Springs

Disaster Recovery Design Ehab Ashary University of Colorado at Colorado Springs Disaster Recovery Design Ehab Ashary University of Colorado at Colorado Springs As a head of the campus network department in the Deanship of Information Technology at King Abdulaziz University for more

More information

COS 318: Operating Systems. Virtual Machine Monitors

COS 318: Operating Systems. Virtual Machine Monitors COS 318: Operating Systems Virtual Machine Monitors Kai Li and Andy Bavier Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall13/cos318/ Introduction u Have

More information

Virtual Machine Monitors. Dr. Marc E. Fiuczynski Research Scholar Princeton University

Virtual Machine Monitors. Dr. Marc E. Fiuczynski Research Scholar Princeton University Virtual Machine Monitors Dr. Marc E. Fiuczynski Research Scholar Princeton University Introduction Have been around since 1960 s on mainframes used for multitasking Good example VM/370 Have resurfaced

More information

CLOUD COMPUTING & SECURITY -A PRACTICAL APPROACH

CLOUD COMPUTING & SECURITY -A PRACTICAL APPROACH CLOUD COMPUTING & SECURITY -A PRACTICAL APPROACH ORGANIZED BY र ट र य इल क ट र नक एव स चन प र य गक स थ न, ग रखप र National Institute of Electronics and Information Technology (NIELIT) Gorakhpur An Autonomous

More information

SDN v praxi overlay sítí pro OpenStack. 5.10.2015 Daniel Prchal daniel.prchal@hpe.com

SDN v praxi overlay sítí pro OpenStack. 5.10.2015 Daniel Prchal daniel.prchal@hpe.com SDN v praxi overlay sítí pro OpenStack 5.10.2015 Daniel Prchal daniel.prchal@hpe.com Agenda OpenStack OpenStack Architecture SDN Software Defined Networking OpenStack Networking HP Helion OpenStack HP

More information

Unisys ClearPath Forward Fabric Based Platform to Power the Weather Enterprise

Unisys ClearPath Forward Fabric Based Platform to Power the Weather Enterprise Unisys ClearPath Forward Fabric Based Platform to Power the Weather Enterprise Introducing Unisys All in One software based weather platform designed to reduce server space, streamline operations, consolidate

More information

Cloud Essentials for Architects using OpenStack

Cloud Essentials for Architects using OpenStack Cloud Essentials for Architects using OpenStack Course Overview Start Date 18th December 2014 Duration 2 Days Location Dublin Course Code SS906 Programme Overview Cloud Computing is gaining increasing

More information

Ubuntu OpenStack on VMware vsphere: A reference architecture for deploying OpenStack while limiting changes to existing infrastructure

Ubuntu OpenStack on VMware vsphere: A reference architecture for deploying OpenStack while limiting changes to existing infrastructure TECHNICAL WHITE PAPER Ubuntu OpenStack on VMware vsphere: A reference architecture for deploying OpenStack while limiting changes to existing infrastructure A collaboration between Canonical and VMware

More information

Virtualization Technologies (ENCS 691K Chapter 3)

Virtualization Technologies (ENCS 691K Chapter 3) Virtualization Technologies (ENCS 691K Chapter 3) Roch Glitho, PhD Associate Professor and Canada Research Chair My URL - http://users.encs.concordia.ca/~glitho/ The Key Technologies on Which Cloud Computing

More information

Cloud Computing for Control Systems CERN Openlab Summer Student Program 9/9/2011 ARSALAAN AHMED SHAIKH

Cloud Computing for Control Systems CERN Openlab Summer Student Program 9/9/2011 ARSALAAN AHMED SHAIKH Cloud Computing for Control Systems CERN Openlab Summer Student Program 9/9/2011 ARSALAAN AHMED SHAIKH CONTENTS Introduction... 4 System Components... 4 OpenNebula Cloud Management Toolkit... 4 VMware

More information

KVM, OpenStack, and the Open Cloud

KVM, OpenStack, and the Open Cloud KVM, OpenStack, and the Open Cloud Adam Jollans, IBM Southern California Linux Expo February 2015 1 Agenda A Brief History of VirtualizaJon KVM Architecture OpenStack Architecture KVM and OpenStack Case

More information

Using SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP

Using SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP Using SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP Agenda ADP Cloud Vision and Requirements Introduction to SUSE Cloud Overview Whats New VMWare intergration HyperV intergration ADP

More information

Testing ARES on the GTS framework: lesson learned and open issues. Mauro Femminella University of Perugia mauro.femminella@unipg.

Testing ARES on the GTS framework: lesson learned and open issues. Mauro Femminella University of Perugia mauro.femminella@unipg. Testing ARES on the GTS framework: lesson learned and open issues Mauro Femminella University of Perugia mauro.femminella@unipg.it Outline What is ARES What testing on GTS? Our solution Performance evaluation

More information

A Study on Detection of Hacking and Malware Codes in Bare Metal Hypervisor for Virtualized Internal Environment of Cloud Service

A Study on Detection of Hacking and Malware Codes in Bare Metal Hypervisor for Virtualized Internal Environment of Cloud Service 78 A Study on Detection of Hacking and Malware Codes in Bare Metal Hypervisor for Virtualized Internal Environment of Cloud Service Jung-oh Park Dept. of Information Communications, DONGYANG MIRAE University,

More information

Intro to Virtualization

Intro to Virtualization Cloud@Ceid Seminars Intro to Virtualization Christos Alexakos Computer Engineer, MSc, PhD C. Sysadmin at Pattern Recognition Lab 1 st Seminar 19/3/2014 Contents What is virtualization How it works Hypervisor

More information

Analysis of Network Segmentation Techniques in Cloud Data Centers

Analysis of Network Segmentation Techniques in Cloud Data Centers 64 Int'l Conf. Grid & Cloud Computing and Applications GCA'15 Analysis of Network Segmentation Techniques in Cloud Data Centers Ramaswamy Chandramouli Computer Security Division, Information Technology

More information

Cloud Computing through Virtualization and HPC technologies

Cloud Computing through Virtualization and HPC technologies Cloud Computing through Virtualization and HPC technologies William Lu, Ph.D. 1 Agenda Cloud Computing & HPC A Case of HPC Implementation Application Performance in VM Summary 2 Cloud Computing & HPC HPC

More information

STeP-IN SUMMIT 2013. June 18 21, 2013 at Bangalore, INDIA. Performance Testing of an IAAS Cloud Software (A CloudStack Use Case)

STeP-IN SUMMIT 2013. June 18 21, 2013 at Bangalore, INDIA. Performance Testing of an IAAS Cloud Software (A CloudStack Use Case) 10 th International Conference on Software Testing June 18 21, 2013 at Bangalore, INDIA by Sowmya Krishnan, Senior Software QA Engineer, Citrix Copyright: STeP-IN Forum and Quality Solutions for Information

More information

Intel Cloud Builder Guide: Cloud Design and Deployment on Intel Platforms

Intel Cloud Builder Guide: Cloud Design and Deployment on Intel Platforms EXECUTIVE SUMMARY Intel Cloud Builder Guide Intel Xeon Processor-based Servers Red Hat* Cloud Foundations Intel Cloud Builder Guide: Cloud Design and Deployment on Intel Platforms Red Hat* Cloud Foundations

More information

Effective Security Architecture for Virtualized Data Center Networks

Effective Security Architecture for Virtualized Data Center Networks Effective Security Architecture for Virtualized Data Center Networks 1 Udeze Chidiebele. C, 3 Okafor Kennedy.C 1,3 R & D Department, Electronics Development Institute (FMST-NASENI), Awka, Nigeria. Abstract

More information

Emulating an Embedded Firewall

Emulating an Embedded Firewall Emulating an Embedded Firewall Clifford Neuman, Deepak Dayama, and Arun Viswanathan University of Southern California Abstract The Adventium Labs Embedded Distributed Firewall provides a simple interface

More information

Introduction to Cyber Security / Information Security

Introduction to Cyber Security / Information Security Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be

More information

Keyword: Cloud computing, service model, deployment model, network layer security.

Keyword: Cloud computing, service model, deployment model, network layer security. Volume 4, Issue 2, February 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com An Emerging

More information

An Experimental Study of Load Balancing of OpenNebula Open-Source Cloud Computing Platform

An Experimental Study of Load Balancing of OpenNebula Open-Source Cloud Computing Platform An Experimental Study of Load Balancing of OpenNebula Open-Source Cloud Computing Platform A B M Moniruzzaman 1, Kawser Wazed Nafi 2, Prof. Syed Akhter Hossain 1 and Prof. M. M. A. Hashem 1 Department

More information

Virtualization, SDN and NFV

Virtualization, SDN and NFV Virtualization, SDN and NFV HOW DO THEY FIT TOGETHER? Traditional networks lack the flexibility to keep pace with dynamic computing and storage needs of today s data centers. In order to implement changes,

More information

Securing Cloud using Third Party Threaded IDS

Securing Cloud using Third Party Threaded IDS Securing Cloud using Third Party Threaded IDS Madagani Rajeswari, Madhu babu Janjanam 1 Student, Dept. of CSE, Vasireddy Venkatadri Institute of Technology, Guntur, AP 2 Assistant Professor, Dept. of CSE,

More information

ESET Endpoint Security 6 ESET Endpoint Antivirus 6 for Windows

ESET Endpoint Security 6 ESET Endpoint Antivirus 6 for Windows ESET Endpoint Security 6 ESET Endpoint Antivirus 6 for Windows Products Details ESET Endpoint Security 6 protects company devices against most current threats. It proactively looks for suspicious activity

More information

Windows Embedded Security and Surveillance Solutions

Windows Embedded Security and Surveillance Solutions Windows Embedded Security and Surveillance Solutions Windows Embedded 2010 Page 1 Copyright The information contained in this document represents the current view of Microsoft Corporation on the issues

More information

Chapter 11 Cloud Application Development

Chapter 11 Cloud Application Development Chapter 11 Cloud Application Development Contents Motivation. Connecting clients to instances through firewalls. Chapter 10 2 Motivation Some of the questions of interest to application developers: How

More information

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com Introduction to Cloud Computing Srinath Beldona srinath_beldona@yahoo.com Agenda Pre-requisites Course objectives What you will learn in this tutorial? Brief history Is cloud computing new? Why cloud computing?

More information

Application-Centric WLAN. Rob Mellencamp

Application-Centric WLAN. Rob Mellencamp Application-Centric WLAN Rob Mellencamp Agenda NX Integrated Services Platform Integrated Services Architecture Application Installation Example Application Monitoring Enterprise Mobility Architecture

More information

NETWORK SECURITY (W/LAB) Course Syllabus

NETWORK SECURITY (W/LAB) Course Syllabus 6111 E. Skelly Drive P. O. Box 477200 Tulsa, OK 74147-7200 NETWORK SECURITY (W/LAB) Course Syllabus Course Number: NTWK-0008 OHLAP Credit: Yes OCAS Code: 8131 Course Length: 130 Hours Career Cluster: Information

More information

IJREAT International Journal of Research in Engineering & Advanced Technology, Volume 1, Issue 1, March, 2013 ISSN: 2320-8791 www.ijreat.

IJREAT International Journal of Research in Engineering & Advanced Technology, Volume 1, Issue 1, March, 2013 ISSN: 2320-8791 www.ijreat. Intrusion Detection in Cloud for Smart Phones Namitha Jacob Department of Information Technology, SRM University, Chennai, India Abstract The popularity of smart phone is increasing day to day and the

More information

Data Centers and Cloud Computing. Data Centers

Data Centers and Cloud Computing. Data Centers Data Centers and Cloud Computing Intro. to Data centers Virtualization Basics Intro. to Cloud Computing 1 Data Centers Large server and storage farms 1000s of servers Many TBs or PBs of data Used by Enterprises

More information

Multilevel Communication Aware Approach for Load Balancing

Multilevel Communication Aware Approach for Load Balancing Multilevel Communication Aware Approach for Load Balancing 1 Dipti Patel, 2 Ashil Patel Department of Information Technology, L.D. College of Engineering, Gujarat Technological University, Ahmedabad 1

More information

Virtualised MikroTik

Virtualised MikroTik Virtualised MikroTik MikroTik in a Virtualised Hardware Environment Speaker: Tom Smyth CTO Wireless Connect Ltd. Event: MUM Krackow Feb 2008 http://wirelessconnect.eu/ Copyright 2008 1 Objectives Understand

More information

Cloud Sure - Virtual Machines

Cloud Sure - Virtual Machines Cloud Sure - Virtual Machines Maximize your IT network The use of Virtualization is an area where Cloud Computing really does come into its own and arguably one of the most exciting directions in the IT

More information

packet retransmitting based on dynamic route table technology, as shown in fig. 2 and 3.

packet retransmitting based on dynamic route table technology, as shown in fig. 2 and 3. Implementation of an Emulation Environment for Large Scale Network Security Experiments Cui Yimin, Liu Li, Jin Qi, Kuang Xiaohui National Key Laboratory of Science and Technology on Information System

More information

Cloud Computing. Chapter 8 Virtualization

Cloud Computing. Chapter 8 Virtualization Cloud Computing Chapter 8 Virtualization Learning Objectives Define and describe virtualization. Discuss the history of virtualization. Describe various types of virtualization. List the pros and cons

More information

Networking for Caribbean Development

Networking for Caribbean Development Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g Virtualization: Architectural Considerations and Implementation Options Virtualization Virtualization is the

More information

Building A Secure Microsoft Exchange Continuity Appliance

Building A Secure Microsoft Exchange Continuity Appliance Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building

More information

Chapter 2 Addendum (More on Virtualization)

Chapter 2 Addendum (More on Virtualization) Chapter 2 Addendum (More on Virtualization) Roch Glitho, PhD Associate Professor and Canada Research Chair My URL - http://users.encs.concordia.ca/~glitho/ More on Systems Virtualization Type I (bare metal)

More information

cloud functionality: advantages and Disadvantages

cloud functionality: advantages and Disadvantages Whitepaper RED HAT JOINS THE OPENSTACK COMMUNITY IN DEVELOPING AN OPEN SOURCE, PRIVATE CLOUD PLATFORM Introduction: CLOUD COMPUTING AND The Private Cloud cloud functionality: advantages and Disadvantages

More information

Mirantis OpenStack Express: Security White Paper

Mirantis OpenStack Express: Security White Paper Mirantis OpenStack Express: Security White Paper Version 1.0 2005 2014 All Rights Reserved www.mirantis.com 1 Introduction While the vast majority IT professionals are now familiar with the cost-saving

More information

The Cloud, Virtualization, and Security

The Cloud, Virtualization, and Security A Cloud: Large groups of remote servers that are networked to allow centralized, shared data storage and online access to computer services or resources A Cloud: Large groups of remote servers that are

More information

Windows Server 2008 R2 Hyper-V Live Migration

Windows Server 2008 R2 Hyper-V Live Migration Windows Server 2008 R2 Hyper-V Live Migration Table of Contents Overview of Windows Server 2008 R2 Hyper-V Features... 3 Dynamic VM storage... 3 Enhanced Processor Support... 3 Enhanced Networking Support...

More information

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com W H I T E P A P E R O r a c l e V i r t u a l N e t w o r k i n g D e l i v e r i n g F a b r i c

More information

Virtual Machine in Data Center Switches Huawei Virtual System

Virtual Machine in Data Center Switches Huawei Virtual System Virtual Machine in Data Center Switches Huawei Virtual System Contents 1 Introduction... 3 2 VS: From the Aspect of Virtualization Technology... 3 3 VS: From the Aspect of Market Driving... 4 4 VS: From

More information

Data Centers and Cloud Computing. Data Centers. MGHPCC Data Center. Inside a Data Center

Data Centers and Cloud Computing. Data Centers. MGHPCC Data Center. Inside a Data Center Data Centers and Cloud Computing Intro. to Data centers Virtualization Basics Intro. to Cloud Computing Data Centers Large server and storage farms 1000s of servers Many TBs or PBs of data Used by Enterprises

More information

SECURE, ENTERPRISE FILE SYNC AND SHARE WITH EMC SYNCPLICITY UTILIZING EMC ISILON, EMC ATMOS, AND EMC VNX

SECURE, ENTERPRISE FILE SYNC AND SHARE WITH EMC SYNCPLICITY UTILIZING EMC ISILON, EMC ATMOS, AND EMC VNX White Paper SECURE, ENTERPRISE FILE SYNC AND SHARE WITH EMC SYNCPLICITY UTILIZING EMC ISILON, EMC ATMOS, AND EMC VNX Abstract This white paper explains the benefits to the extended enterprise of the on-

More information

SUSE Cloud 2.0. Pete Chadwick. Douglas Jarvis. Senior Product Manager pchadwick@suse.com. Product Marketing Manager djarvis@suse.

SUSE Cloud 2.0. Pete Chadwick. Douglas Jarvis. Senior Product Manager pchadwick@suse.com. Product Marketing Manager djarvis@suse. SUSE Cloud 2.0 Pete Chadwick Douglas Jarvis Senior Product Manager pchadwick@suse.com Product Marketing Manager djarvis@suse.com SUSE Cloud SUSE Cloud is an open source software solution based on OpenStack

More information

Plug-and-play Virtual Appliance Clusters Running Hadoop. Dr. Renato Figueiredo ACIS Lab - University of Florida

Plug-and-play Virtual Appliance Clusters Running Hadoop. Dr. Renato Figueiredo ACIS Lab - University of Florida Plug-and-play Virtual Appliance Clusters Running Hadoop Dr. Renato Figueiredo ACIS Lab - University of Florida Advanced Computing and Information Systems laboratory Introduction You have so far learned

More information

SCADA System Overview

SCADA System Overview Introduction SCADA systems are critical to the control and monitoring of complex cyber-physical systems. Now with advanced computer and communications technologies, SCADA systems are connected to networks

More information

ISERink Overview. Version 1.1. February 1, 2015

ISERink Overview. Version 1.1. February 1, 2015 ISERink Overview Version 1.1 February 1, 2015 First developed to support cyber defense competitions (CDCs), ISERink is a virtual laboratory environment that allows students an opportunity to undertake

More information

Sales Slide Midokura Enterprise MidoNet V1. July 2015 Fujitsu Limited

Sales Slide Midokura Enterprise MidoNet V1. July 2015 Fujitsu Limited Sales Slide Midokura Enterprise MidoNet V1 July 2015 Fujitsu Limited What Is Midokura Enterprise MidoNet? Network Virtualization Software Coordinated with OpenStack Provides safe & effective virtual networks

More information

IOS110. Virtualization 5/27/2014 1

IOS110. Virtualization 5/27/2014 1 IOS110 Virtualization 5/27/2014 1 Agenda What is Virtualization? Types of Virtualization. Advantages and Disadvantages. Virtualization software Hyper V What is Virtualization? Virtualization Refers to

More information

Windows Server 2008 R2 Hyper-V Live Migration

Windows Server 2008 R2 Hyper-V Live Migration Windows Server 2008 R2 Hyper-V Live Migration White Paper Published: August 09 This is a preliminary document and may be changed substantially prior to final commercial release of the software described

More information

Presenting Mongoose A New Approach to Traffic Capture (patent pending) presented by Ron McLeod and Ashraf Abu Sharekh January 2013

Presenting Mongoose A New Approach to Traffic Capture (patent pending) presented by Ron McLeod and Ashraf Abu Sharekh January 2013 Presenting Mongoose A New Approach to Traffic Capture (patent pending) presented by Ron McLeod and Ashraf Abu Sharekh January 2013 Outline Genesis - why we built it, where and when did the idea begin Issues

More information

Remote PC Guide Series - Volume 1

Remote PC Guide Series - Volume 1 Introduction and Planning for Remote PC Implementation with NETLAB+ Document Version: 2016-02-01 What is a remote PC and how does it work with NETLAB+? This educational guide will introduce the concepts

More information

Cloud Orchestration. Mario Cho. Open Frontier Lab. hephaex@gmail.com

Cloud Orchestration. Mario Cho. Open Frontier Lab. hephaex@gmail.com Cloud Orchestration Mario Cho Open Frontier Lab. hephaex@gmail.com Who Am I? Technical Architect HPC (High Performance Computing) for Human Brain Mapping Enterprise Architec for Storage Tiering Techincal

More information

KVM, OpenStack, and the Open Cloud

KVM, OpenStack, and the Open Cloud KVM, OpenStack, and the Open Cloud Adam Jollans, IBM & Mike Kadera, Intel CloudOpen Europe - October 13, 2014 13Oct14 Open VirtualizaGon Alliance 1 Agenda A Brief History of VirtualizaGon KVM Architecture

More information

Software Define Storage (SDs) and its application to an Openstack Software Defined Infrastructure (SDi) implementation

Software Define Storage (SDs) and its application to an Openstack Software Defined Infrastructure (SDi) implementation Software Define Storage (SDs) and its application to an Openstack Software Defined Infrastructure (SDi) implementation This paper discusses how data centers, offering a cloud computing service, can deal

More information

I/O Virtualization Using Mellanox InfiniBand And Channel I/O Virtualization (CIOV) Technology

I/O Virtualization Using Mellanox InfiniBand And Channel I/O Virtualization (CIOV) Technology I/O Virtualization Using Mellanox InfiniBand And Channel I/O Virtualization (CIOV) Technology Reduce I/O cost and power by 40 50% Reduce I/O real estate needs in blade servers through consolidation Maintain

More information

AC 2012-4887: WORK-IN-PROGRESS: CREATING AN INTRUSION DE- TECTION EXPERIMENTAL ENVIRONMENT USING CLOUD-BASED VIR- TUALIZATION TECHNOLOGY

AC 2012-4887: WORK-IN-PROGRESS: CREATING AN INTRUSION DE- TECTION EXPERIMENTAL ENVIRONMENT USING CLOUD-BASED VIR- TUALIZATION TECHNOLOGY AC 2012-4887: WORK-IN-PROGRESS: CREATING AN INTRUSION DE- TECTION EXPERIMENTAL ENVIRONMENT USING CLOUD-BASED VIR- TUALIZATION TECHNOLOGY Mr. John M. Jones, East Carolina University John Jones is currently

More information

Datasheet FUJITSU Software ServerView Cloud Monitoring Manager V1.0

Datasheet FUJITSU Software ServerView Cloud Monitoring Manager V1.0 Datasheet FUJITSU Software ServerView Cloud Monitoring Manager V1.0 Datasheet FUJITSU Software ServerView Cloud Monitoring Manager V1.0 A Monitoring Cloud Service for Enterprise OpenStack Systems Cloud

More information

FPGA Accelerator Virtualization in an OpenPOWER cloud. Fei Chen, Yonghua Lin IBM China Research Lab

FPGA Accelerator Virtualization in an OpenPOWER cloud. Fei Chen, Yonghua Lin IBM China Research Lab FPGA Accelerator Virtualization in an OpenPOWER cloud Fei Chen, Yonghua Lin IBM China Research Lab Trend of Acceleration Technology Acceleration in Cloud is Taking Off Used FPGA to accelerate Bing search

More information

Comparing Open Source Private Cloud (IaaS) Platforms

Comparing Open Source Private Cloud (IaaS) Platforms Comparing Open Source Private Cloud (IaaS) Platforms Lance Albertson OSU Open Source Lab Associate Director of Operations lance@osuosl.org / @ramereth About me OSU Open Source Lab Server hosting for Open

More information

Intel Service Assurance Administrator. Product Overview

Intel Service Assurance Administrator. Product Overview Intel Service Assurance Administrator Product Overview Running Enterprise Workloads in the Cloud Enterprise IT wants to Start a private cloud initiative to service internal enterprise customers Find an

More information

Load DynamiX Storage Performance Validation: Fundamental to your Change Management Process

Load DynamiX Storage Performance Validation: Fundamental to your Change Management Process Load DynamiX Storage Performance Validation: Fundamental to your Change Management Process By Claude Bouffard Director SSG-NOW Labs, Senior Analyst Deni Connor, Founding Analyst SSG-NOW February 2015 L

More information

The Review of Virtualization in an Isolated Computer Environment

The Review of Virtualization in an Isolated Computer Environment The Review of Virtualization in an Isolated Computer Environment Sunanda Assistant professor, Department of Computer Science & Engineering, Ludhiana College of Engineering & Technology, Ludhiana, Punjab,

More information

PART I: The Pros and Cons of Public Cloud Computing

PART I: The Pros and Cons of Public Cloud Computing PART I: The Pros and Cons of Public Cloud Computing Pros 1. Efficiently use the resource through sharing Users from companies or enterprises can access to the centralized servers where data are stored

More information

Best Practices for Monitoring Databases on VMware. Dean Richards Senior DBA, Confio Software

Best Practices for Monitoring Databases on VMware. Dean Richards Senior DBA, Confio Software Best Practices for Monitoring Databases on VMware Dean Richards Senior DBA, Confio Software 1 Who Am I? 20+ Years in Oracle & SQL Server DBA and Developer Worked for Oracle Consulting Specialize in Performance

More information

AMD SEAMICRO OPENSTACK BLUEPRINTS CLOUD- IN- A- BOX OCTOBER 2013

AMD SEAMICRO OPENSTACK BLUEPRINTS CLOUD- IN- A- BOX OCTOBER 2013 AMD SEAMICRO OPENSTACK BLUEPRINTS CLOUD- IN- A- BOX OCTOBER 2013 OpenStack What is OpenStack? OpenStack is a cloud operaeng system that controls large pools of compute, storage, and networking resources

More information

Lecture 02a Cloud Computing I

Lecture 02a Cloud Computing I Mobile Cloud Computing Lecture 02a Cloud Computing I 吳 秀 陽 Shiow-yang Wu What is Cloud Computing? Computing with cloud? Mobile Cloud Computing Cloud Computing I 2 Note 1 What is Cloud Computing? Walking

More information

Storage solutions for a. infrastructure. Giacinto DONVITO INFN-Bari. Workshop on Cloud Services for File Synchronisation and Sharing

Storage solutions for a. infrastructure. Giacinto DONVITO INFN-Bari. Workshop on Cloud Services for File Synchronisation and Sharing Storage solutions for a productionlevel cloud infrastructure Giacinto DONVITO INFN-Bari Synchronisation and Sharing 1 Outline Use cases Technologies evaluated Implementation (hw and sw) Problems and optimization

More information

Network performance in virtual infrastructures

Network performance in virtual infrastructures Network performance in virtual infrastructures A closer look at Amazon EC2 Alexandru-Dorin GIURGIU University of Amsterdam System and Network Engineering Master 03 February 2010 Coordinators: Paola Grosso

More information

Intro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.

Intro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved. Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security

More information

Intel Cloud Builder Guide to Cloud Design and Deployment on Intel Xeon Processor-based Platforms

Intel Cloud Builder Guide to Cloud Design and Deployment on Intel Xeon Processor-based Platforms Intel Cloud Builder Guide to Cloud Design and Deployment on Intel Xeon Processor-based Platforms Enomaly Elastic Computing Platform, * Service Provider Edition Executive Summary Intel Cloud Builder Guide

More information

Taxonomy of Intrusion Detection System

Taxonomy of Intrusion Detection System Taxonomy of Intrusion Detection System Monika Sharma, Sumit Sharma Abstract During the past years, security of computer networks has become main stream in most of everyone's lives. Nowadays as the use

More information

Building on these core skills, customers can work on advanced concepts, such as:

Building on these core skills, customers can work on advanced concepts, such as: OpenStack Training OVERVIEW OnX s OpenStack training courses provide a deep and practical understanding of all aspects of today s most popular cloud platform. Unlike other training providers, OnX offerings

More information

Cloud Security with Stackato

Cloud Security with Stackato Cloud Security with Stackato 1 Survey after survey identifies security as the primary concern potential users have with respect to cloud computing. Use of an external computing environment raises issues

More information

Technical Investigation of Computational Resource Interdependencies

Technical Investigation of Computational Resource Interdependencies Technical Investigation of Computational Resource Interdependencies By Lars-Eric Windhab Table of Contents 1. Introduction and Motivation... 2 2. Problem to be solved... 2 3. Discussion of design choices...

More information