Scaling Up Your Network Monitoring: From the Garden Hose to the Fire Hose
|
|
- Augustine Welch
- 8 years ago
- Views:
Transcription
1 UNIVERSITY OF CALIFORNIA Scaling Up Your Network Monitoring: From the Garden Hose to the Fire Hose Vincent Stoffer Cyber Security Engineer Technology Exchange October 28, 2014
2 Agenda Intro / overview The problem Device roundup and review Cool new stuff Discussion / Questions
3 Overview Lawrence Berkeley National Laboratory Located in Berkeley, CA "Bringing science solutions to the world" Unclassified DoE research facility operated by University of California Functions much like a research university
4
5
6 Computing overview ~5000 users ~10,000 hosts Distributed computing resources Many guests and visitors Open network to enable collaboration and research
7 The (scaling) problem Orders of magnitude changes in network speeds/bandwidth create big issues for network monitoring What s driving these changes?
8 Courtesy Greg Bell, ESnet
9 Courtesy Greg Bell, ESnet
10 All of that means transitions <1G to 1G 1G to 10G 10G to 40G/100G These transitions mean changing more than network equipment!
11 From 1G to infinity 1G is easy 1-10G is mostly a solved problem >10G is still evolving
12 Monitoring Pipeline Input Tapping Aggregation & Load-balancing Filtering Output Analysis Bulk packet capture Filtering
13
14 Aggregation/load balancing Commercial appliance vendors High performance Custom ASICs Flexible High cost per port
15 Apcons, 10G monitor devices 2007
16 What is Bro? Not your typical IDS/IPS A monitoring platform A standalone network monitor A programmable framework An ecosystem
17
18
19 Everything running smooth Average traffic 1-3 Gbps Peaks to 6-7 Gbps There will always be some amount of packet loss, try to minimize Then...
20 LBLnet redesign 100G border Science DMZ Redundant border routers New distribution layer routers All dual connected
21 New monitoring diagram
22 100G Berkeley Lab approach Duplicate our setup on 10G Moving from duplication to advanced aggregation New device needed
23 100G Device wish list Filtering at ingress & egress Port speed agnostic Aggregation, symmetric loadbalancing No oversubscription limits API for dynamic filtering/shunting
24 100G Device wish list cont d Filtering for arbitrary IP headers / TCP flags Every port can be input/output Create port groups Send output to load-balanced groups and single ports IPv6 support
25 100G Monitoring device options Commercial / Appliance Commodity network (proprietary / hybrid) Commodity network + SDN Roll your own
26 Appliance vendor roundup Vendor Product 100G? Tested? Pros Cons Gigamon HD series Yes No Good feedback Cost! cpacket cvue No Not at 100G LBL reference Cost Endace/ Emulex Endace Access Yes Yes 2 devices, filtering, cost Form factor Others: VSS, IXIA/Anue/Netopics, Apcon,???
27
28 The new hope...delivered! Commodity network vendors SDN/Openflow or tap aggregation code (distribution, telemetry, DANZ, etc.) Lower cost per port Massively scalable
29 Network vendor roundup Vendor Model 100G support? Covers wish list? Pros Cons Arista 7150 LANZ (7280) Yes, with 2nd device Yes API, GUI, SDN 2 devices, IPv6 Brocade MLXe Yes Telemetry Yes Cost, SDN No GUI or API, lower density Cisco Nexxus? Monitor manager Unknown, Cost? not tested Yes Cisco
30
31
32 SDN / Openflow We have not tested yet Hoping to try on Arista / Brocade Advantages over native feature sets? New apps like...
33 Scipass New project built off lessons learned with IU s Flowscale SciPass is an OpenFlow application designed to help network security scale to 100Gbps Wednesday 1:30 session
34 We chose Arista Flexible interface including GUI High density - 6 port 100G line card! Easy to use API dynamic shunting! Relatively low cost Lots of peers using
35
36
37 Output Filtering Analysis Ethernet cards Bro Packet capture
38 Filtering Elephant flows Control traffic Exclusions (IP pairs, netblocks, ports/protocols) Research networks / affiliates Resnet?
39 Filtering cont d Dynamic via Bro near real time via API (Arista) or scripting holy grail
40 Dumbno Python program for shunting Written by Justin Azoff Uses Arista JSON API to limit to control packets Bro s reaction framework feeds in data Connection details are preserved
41 Dumbno cont d Much more simple than SDN but not as flexible Small amount of code Limited number of ACLs for now Let Bro use the force
42
43 Network cards - Intel pf_ring (LibDNA, zero copy) direct memory access to network hardware high throughput supports multiple tools
44 Network cards - Myricon Sniffer10G Support for Linux, FreeBSD Myricom 10G cards only Supports only one tool in 2.0 (multiple tools in 3.0) Company/IP in some flux
45 Network cards - netmap Framework for high speed packet capture Kernel module for Linux and FreeBSD Will be testing soon as alternative to Myricom
46 Bro Packet bricks Linux/FreeBSD traffic steering daemon based on netmap Load-balancing Duplication Filtering to multiple apps Starting to test
47 Blocking Dynamic blocking via ACLD All our security tools feed data Nullroutes and ACLs on Border routers No interference with science
48
49 Questions / Discussion Thank you! vstoffer@lbl.gov security@lbl.gov
50 References Arista - cpacket - Brocade - Endace - Cisco - SciPass - Dumbno - pf_ring - Myricom - Netmap - Packetbricks - Bro -
100G Network Monitoring with Bro and Time Machine
UNIVERSITY OF CALIFORNIA 100G Network Monitoring with Bro and Time Machine Vincent Stoffer Cyber Security Engineer CENIC Conference March 11th, 2015 Irvine, CA Agenda Intro / overview 100G monitoring challenges
More informationTechnical Bulletin. Enabling Arista Advanced Monitoring. Overview
Technical Bulletin Enabling Arista Advanced Monitoring Overview Highlights: Independent observation networks are costly and can t keep pace with the production network speed increase EOS eapi allows programmatic
More informationLinux KVM Virtual Traffic Monitoring
Linux KVM Virtual Traffic Monitoring East-West traffic visibility Scott Harvey Director of Engineering October 7th, 2015 apcon.com Speaker Bio Scott Harvey Director of Engineering at APCON Responsible
More informationEVALUATING NETWORK BUFFER SIZE REQUIREMENTS
EVALUATING NETWORK BUFFER SIZE REQUIREMENTS for Very Large Data Transfers Michael Smitasin Lawrence Berkeley National Laboratory (LBNL) Brian Tierney Energy Sciences Network (ESnet) [ 2 ] Example Workflow
More informationBROCADE NETWORKING: EXPLORING SOFTWARE-DEFINED NETWORK. Gustavo Barros Systems Engineer Brocade Brasil
BROCADE NETWORKING: EXPLORING SOFTWARE-DEFINED NETWORK Gustavo Barros Systems Engineer Brocade Brasil Software- Defined Networking Summary Separate control and data planes Networks are becoming: More programmatic
More informationSpotlight On Backbone Technologies
Spotlight On Backbone Technologies Shawn Stevens Technical Lead, Data Center Technologies CCIE #4618 shawn.stevens@cdw.com CDW.com/network 800.800.4239 Agenda Overview of Software-Defined Networking (SDN)
More informationThe State of OpenFlow: Advice for Those Considering SDN. Steve Wallace Executive Director, InCNTRE SDN Lab Indiana University ssw@iu.
The State of OpenFlow: Advice for Those Considering SDN Steve Wallace Executive Director, InCNTRE SDN Lab Indiana University ssw@iu.edu 2 3 4 SDN is an architecture Separation of Control and Data Planes
More informationHow To Orchestrate The Clouddusing Network With Andn
ORCHESTRATING THE CLOUD USING SDN Joerg Ammon Systems Engineer Service Provider 2013-09-10 2013 Brocade Communications Systems, Inc. Company Proprietary Information 1 SDN Update -
More informationMulti-Gigabit Intrusion Detection with OpenFlow and Commodity Clusters
Multi-Gigabit Intrusion Detection with OpenFlow and Commodity Clusters Copyright Ali Khalfan / Keith Lehigh 2012. This work is the intellectual property of the authors. Permission is granted for this material
More informationAny-to-any switching with aggregation and filtering reduces monitoring costs
Any-to-any switching with aggregation and filtering reduces monitoring costs Summary Physical Layer Switches can filter and forward packet data to one or many monitoring devices. With intuitive graphical
More informationBROADCOM SDN SOLUTIONS OF-DPA (OPENFLOW DATA PLANE ABSTRACTION) SOFTWARE
BROADCOM SDN SOLUTIONS OF-DPA (OPENFLOW DATA PLANE ABSTRACTION) SOFTWARE Network Switch Business Unit Infrastructure and Networking Group 1 TOPICS SDN Principles Open Switch Options Introducing OF-DPA
More informationCampus Research Network Overview
Campus Research Network Overview Chris Griffin Chief Network Architect University of Florida & Florida LambdaRail 5/6/2013 Agenda Research Networking at UF A brief history CRNv2 Florida LambdaRail What
More informationNew Virtual Application Networks Innovations Advance Software-defined Network Leadership
New Virtual Application Networks Innovations Advance Software-defined Network Leadership Simplifying, Scaling and Automating the Network Gartner Hype Cycle 10 Year Cycle 2008 2011 2012 2 Source: Gartner
More informationOpenFlow: Load Balancing in enterprise networks using Floodlight Controller
OpenFlow: Load Balancing in enterprise networks using Floodlight Controller Srinivas Govindraj, Arunkumar Jayaraman, Nitin Khanna, Kaushik Ravi Prakash srinivas.govindraj@colorado.edu, arunkumar.jayaraman@colorado.edu,
More informationSoftware Defined Networking
Software Defined Networking Richard T. B. Ma School of Computing National University of Singapore Material from: Scott Shenker (UC Berkeley), Nick McKeown (Stanford), Jennifer Rexford (Princeton) CS 4226:
More informationScalable Extraction, Aggregation, and Response to Network Intelligence
Scalable Extraction, Aggregation, and Response to Network Intelligence Agenda Explain the two major limitations of using Netflow for Network Monitoring Scalability and Visibility How to resolve these issues
More informationStateful Connection Tracking & Stateful NAT
Stateful Connection Tracking & Stateful NAT Justin Pettit VMware Thomas Graf Noiro Networks, Cisco Agenda Connection Tracking NAT Integration of other stateful services We had a performance problem With
More information2013 ONS Tutorial 2: SDN Market Opportunities
2013 ONS Tutorial 2: SDN Market Opportunities SDN Vendor Landscape and User Readiness Jim Metzler, Ashton, Metzler & Associates Jim@ashtonmetzler.com April 15, 2013 1 1 Goals & Non-Goals Goals: Describe
More informationVPN Lesson 2: VPN Implementation. Summary
VPN Lesson 2: VPN Implementation Summary 1 Notations VPN client (ok) Firewall Router VPN firewall VPN router VPN server VPN concentrator 2 Basic Questions 1. VPN implementation options for remote users
More informationSoftware Defined Networking A quantum leap for Devops?
Software Defined Networking A quantum leap for Devops? TNG Technology Consulting GmbH, http://www.tngtech.com/ Networking is bottleneck in today s devops Agile software development and devops is increasing
More informationBrocade SDN/OpenFlow. Norival Figueira Office of the CTO. January 9, 2015 2014/2015 BROCADE COMMUNICATIONS SYSTEMS, INC. ALL RIGHTS RESERVED.
Brocade SDN/OpenFlow Norival Figueira Office of the CTO January 9, 2015 2014/2015 BROCADE COMMUNICATIONS SYSTEMS, INC. ALL RIGHTS RESERVED. 1 Legal Disclaimer All or some of the products detailed in this
More informationTool Optimization. Benefits. Introduction. Technical Brief. Extend the usage life of tools and avoid costly upgrades
Tool Optimization Technical Brief Benefits Extend the usage life of tools and avoid costly upgrades Increase the accuracy and results of data analysis Extend capacity of storage media by optimizing data
More informationDesigning Virtual Network Security Architectures Dave Shackleford
SESSION ID: CSV R03 Designing Virtual Network Security Architectures Dave Shackleford Sr. Faculty and Analyst SANS @daveshackleford Introduction Much has been said about virtual networking and softwaredefined
More informationSecure Access Complete Visibility
PACKET CAPTURE APPLIANCE PACKET CAPTURE APPLIANCE PACKET CAPTURE APPLIANCE PACKET CAPTURE APPLIANCE Intrusion Detection Switch TAP Data Recorder VoIP Analyzer Switch Secure Access Complete Visibility Web
More information基 於 SDN 與 可 程 式 化 硬 體 架 構 之 雲 端 網 路 系 統 交 換 器
基 於 SDN 與 可 程 式 化 硬 體 架 構 之 雲 端 網 路 系 統 交 換 器 楊 竹 星 教 授 國 立 成 功 大 學 電 機 工 程 學 系 Outline Introduction OpenFlow NetFPGA OpenFlow Switch on NetFPGA Development Cases Conclusion 2 Introduction With the proposal
More informationSOFTWARE-DEFINED NETWORKING AND OPENFLOW
SOFTWARE-DEFINED NETWORKING AND OPENFLOW Eric Choi < echoi@brocade.com> Senior Manager, Service Provider Business Unit, APJ 2012 Brocade Communications Systems, Inc. EPF 7 2012/09/17 Software-Defined Networking
More informationBrocade SDN 2015 NFV
Brocade 2015 SDN NFV BROCADE IP Ethernet SDN! SDN illustration 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. INTERNAL USE ONLY 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. INTERNAL USE ONLY Brocade ICX (campus)
More informationOracle SDN Performance Acceleration with Software-Defined Networking
Oracle SDN Performance Acceleration with Software-Defined Networking Oracle SDN, which delivers software-defined networking, boosts application performance and management flexibility by dynamically connecting
More informationOpenFlow Technology Investigation Vendors Review on OpenFlow implementation
OpenFlow Technology Investigation Vendors Review on OpenFlow implementation Ioan Turus, NORDUnet GN3 JRA1 T1&2, Copenhagen, 21.11.2012 Outline! Software Defined Networks (SDN)! Introduction to OpenFlow!
More informationThe Software Defined Hybrid Packet Optical Datacenter Network SDN AT LIGHT SPEED TM. 2012-13 CALIENT Technologies www.calient.
The Software Defined Hybrid Packet Optical Datacenter Network SDN AT LIGHT SPEED TM 2012-13 CALIENT Technologies www.calient.net 1 INTRODUCTION In datacenter networks, video, mobile data, and big data
More informationWhat is SDN (Software Defined Networking) and Openflow? SDN/OF Part of Kernel / SoC to provide security, steering & monitoring
What is SDN (Software Defined Networking) and Openflow? Control and Data Plane Separation Control SDN/OF Part of Kernel / SoC to provide security, steering & monitoring External Use 1 Software Defined
More informationTechnical Note. ForeScout CounterACT: Virtual Firewall
ForeScout CounterACT: Contents Introduction... 3 What is the vfw?.... 3 Technically, How Does vfw Work?.... 4 How Does vfw Compare to a Real Firewall?.... 4 How Does vfw Compare to other Blocking Methods?...
More informationSDN. WHITE PAPER Intel Ethernet Switch FM6000 Series - Software Defined Networking. Recep Ozdag Intel Corporation
WHITE PAPER Intel Ethernet Switch FM6000 Series - Software Defined Networking Intel Ethernet Switch FM6000 Series - Software Defined Networking Recep Ozdag Intel Corporation Software Defined Networking
More informationOpen SDN for Network Visibility
SOLUTION GUIDE Open SDN for Network Visibility Simplifying large scale network monitoring systems with Big Tap 1 This solution guide describes how Big Tap, a network monitoring application from Big Switch
More informationMulti Stage Filtering
Multi Stage Filtering Technical Brief With the increasing traffic volume in modern data centers, largely driven by e-business and mobile devices, network and application performance monitoring has become
More informationSDN Overview. Southern Partnership in Advanced Networking John Hicks, jhicks@internet2.edu November 3, 2015
SDN Overview Southern Partnership in Advanced Networking John Hicks, jhicks@internet2.edu November 3, 2015 Slide material excerpted from presentations at the OIN workshop series and other sources. Acknowledgement
More informationOpenFlow - the key standard of Software-Defined Networks. Dmitry Orekhov, Epam Systems
OpenFlow - the key standard of Software-Defined Networks Dmitry Orekhov, Epam Systems Software-defined network The Need for a New Network Architecture Limitations of Current Networking Technologies Changing
More informationData Center SDN. ONF SDN Solutions Showcase Theme Demonstrations SDN SOLUTIONS SHOWCASE
Data Center ONF Solutions Showcase Theme Demonstrations Data Center -Enabled Science- DMZ Demonstration Brocade & Indiana University Adaptive Traffic Forwarding for Large Data Flows Using SciPass 2014
More informationOpen Source Network: Software-Defined Networking (SDN) and OpenFlow
Open Source Network: Software-Defined Networking (SDN) and OpenFlow Insop Song, Ericsson LinuxCon North America, Aug. 2012, San Diego CA Objectives Overview of OpenFlow Overview of Software Defined Networking
More informationScalable Network Monitoring with SDN-Based Ethernet Fabrics
Scalable Network Monitoring with SDN-Based Ethernet Fabrics Prashant Gandhi VP, Product Management & Strategy Big Switch Networks 1 Agenda Trends in Network Monitoring SDN s Role in Network Monitoring
More informationFirewalls P+S Linux Router & Firewall 2013
Firewalls P+S Linux Router & Firewall 2013 Firewall Techniques What is a firewall? A firewall is a hardware or software device which is configured to permit, deny, or proxy data through a computer network
More informationDatacenter Networks Are In My Way
Datacenter Networks Are In My Way Principals of Amazon James Hamilton, 2010.10.28 e: James@amazon.com blog: perspectives.mvdirona.com With Albert Greenberg, Srikanth Kandula, Dave Maltz, Parveen Patel,
More informationOF 1.3 Testing and Challenges
OF 1.3 Testing and Challenges May 1 st, 2014 Ash Bhalgat (Senior Director, Products), Luxoft Santa Clara, CA USA April-May 2014 1 Agenda OpenFlow : What and Why? State of OpenFlow Conformance Challenges
More informationCisco PIX vs. Checkpoint Firewall
Cisco PIX vs. Checkpoint Firewall Introduction Firewall technology ranges from packet filtering to application-layer proxies, to Stateful inspection; each technique gleaning the benefits from its predecessor.
More informationSoftware Defined Networking & Openflow
Software Defined Networking & Openflow Autonomic Computer Systems, HS 2015 Christopher Scherb, 01.10.2015 Overview What is Software Defined Networks? Brief summary on routing and forwarding Introduction
More informationSoftware-Defined Networking for the Data Center. Dr. Peer Hasselmeyer NEC Laboratories Europe
Software-Defined Networking for the Data Center Dr. Peer Hasselmeyer NEC Laboratories Europe NW Technology Can t Cope with Current Needs We still use old technology... but we just pimp it To make it suitable
More informationWhere IT perceptions are reality. Test Report. OCe14000 Performance. Featuring Emulex OCe14102 Network Adapters Emulex XE100 Offload Engine
Where IT perceptions are reality Test Report OCe14000 Performance Featuring Emulex OCe14102 Network Adapters Emulex XE100 Offload Engine Document # TEST2014001 v9, October 2014 Copyright 2014 IT Brand
More informationSoftware Defined Cloud Networking
Introduction Ethernet networks have evolved significantly since their inception back in the 1980s, with many generational changes to where we are today. Networks are orders of magnitude faster with 10Gbps
More informationLustre Networking BY PETER J. BRAAM
Lustre Networking BY PETER J. BRAAM A WHITE PAPER FROM CLUSTER FILE SYSTEMS, INC. APRIL 2007 Audience Architects of HPC clusters Abstract This paper provides architects of HPC clusters with information
More informationNetwork Virtualization and Software-defined Networking. Chris Wright and Thomas Graf Red Hat June 14, 2013
Network Virtualization and Software-defined Networking Chris Wright and Thomas Graf Red Hat June 14, 2013 Agenda Problem Statement Definitions Solutions She can't take much more of this, captain! Challenges
More informationWedge Networks: Transparent Service Insertion in SDNs Using OpenFlow
Wedge Networks: EXECUTIVE SUMMARY In this paper, we will describe a novel way to insert Wedge Network s multiple content security services (such as Anti-Virus, Anti-Spam, Web Filtering, Data Loss Prevention,
More informationSoftware Defined Networking & OpenFlow
Software Defined Networking & OpenFlow Steven Wallace Executive Director, InCNTRE ssw@iu.edu http://tinyurl.com/i-light-2013 Universities are like time machines to the future two decades of BYOD 15 years
More informationUse Cases for the NPS the Revolutionary C-Programmable 7-Layer Network Processor. Sandeep Shah Director, Systems Architecture EZchip
Use Cases for the NPS the Revolutionary C-Programmable 7-Layer Network Processor Sandeep Shah Director, Systems Architecture EZchip Linley Processor Conference Oct. 6-7, 2015 1 EZchip Overview Fabless
More informationChoosing Tap or SPAN for Data Center Monitoring
Choosing Tap or SPAN for Data Center Monitoring Technical Brief Key Points Taps are passive, silent, and deliver a perfect record of link traffic, but require additional hardware and create a point of
More informationPacket Capture in 10-Gigabit Ethernet Environments Using Contemporary Commodity Hardware
Packet Capture in 1-Gigabit Ethernet Environments Using Contemporary Commodity Hardware Fabian Schneider Jörg Wallerich Anja Feldmann {fabian,joerg,anja}@net.t-labs.tu-berlin.de Technische Universtität
More informationA Dell Technical White Paper Dell PowerConnect Team
Flow Control and Network Performance A Dell Technical White Paper Dell PowerConnect Team THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS AND TECHNICAL INACCURACIES.
More informationReal-World Insights from an SDN Lab. Ron Milford Manager, InCNTRE SDN Lab Indiana University
Real-World Insights from an SDN Lab Ron Milford Manager, InCNTRE SDN Lab Indiana University 1 A bit about IU, the GlobalNOC, and InCNTRE... Indiana University s Network History 1998 University Corporation
More informationHow To Write A Network Plan In Openflow V1.3.3 (For A Test)
OpenFlowand IPv6 Two great tastes that taste great together! Scott Hogg, CTO GTRI Chair Emeritus RMv6TF Infoblox IPv6 COE Today s Outline Software-Defined Networking Background Introduction to OpenFlow
More informationBusiness Cases for Brocade Software-Defined Networking Use Cases
Business Cases for Brocade Software-Defined Networking Use Cases Executive Summary Service providers (SP) revenue growth rates have failed to keep pace with their increased traffic growth and related expenses,
More informationCisco Nexus Data Broker: Deployment Use Cases with Cisco Nexus 3000 Series Switches
White Paper Cisco Nexus Data Broker: Deployment Use Cases with Cisco Nexus 3000 Series Switches What You Will Learn Network Traffic monitoring using taps and Switched Port Analyzer (SPAN) is not a new
More informationCisco IOS Flexible NetFlow Technology
Cisco IOS Flexible NetFlow Technology Last Updated: December 2008 The Challenge: The ability to characterize IP traffic and understand the origin, the traffic destination, the time of day, the application
More informationCS 91: Cloud Systems & Datacenter Networks Networks Background
CS 91: Cloud Systems & Datacenter Networks Networks Background Walrus / Bucket Agenda Overview of tradibonal network topologies IntroducBon to soeware- defined networks Layering and terminology Topology
More informationOpenFlow and Software Defined Networking presented by Greg Ferro. OpenFlow Functions and Flow Tables
OpenFlow and Software Defined Networking presented by Greg Ferro OpenFlow Functions and Flow Tables would like to thank Greg Ferro and Ivan Pepelnjak for giving us the opportunity to sponsor to this educational
More informationSOFTWARE-DEFINED NETWORKING AND OPENFLOW
SOFTWARE-DEFINED NETWORKING AND OPENFLOW Freddie Örnebjär TREX Workshop 2012 2012 Brocade Communications Systems, Inc. 2012/09/14 Software-Defined Networking (SDN): Fundamental Control
More informationThe Role of Virtual Routers In Carrier Networks
The Role of Virtual Routers In Carrier Networks Sterling d Perrin Senior Analyst, Heavy Reading Agenda Definitions of SDN and NFV Benefits of SDN and NFV Challenges and Inhibitors Some Use Cases Some Industry
More informationBro at 10 Gps: Current Testing and Plans
U.S. Department of Energy Bro at 10 Gps: Current Testing and Plans Office of Science Brian L. Tierney Lawrence Berkeley National Laboratory Bro s Use at LBL Operational 24 7 since 1996 Monitors traffic
More informationEnhancing Cisco Networks with Gigamon // White Paper
The Smart Route To Visibility Enhancing Cisco s with Many Fortune 000 companies and beyond implement a Cisco switching architecture. When implementing a large scale Cisco network, the infrastructure to
More informationFoundation for High-Performance, Open and Flexible Software and Services in the Carrier Network. Sandeep Shah Director, Systems Architecture EZchip
Foundation for High-Performance, Open and Flexible Software and Services in the Carrier Network Sandeep Shah Director, Systems Architecture EZchip Linley Carrier Conference June 10, 2015 1 EZchip Overview
More informationConsolidating Multiple Network Appliances
October 2010 Consolidating Multiple s Space and power are major concerns for enterprises and carriers. There is therefore focus on consolidating the number of physical servers in data centers. Application
More informationProgrammable Networking with Open vswitch
Programmable Networking with Open vswitch Jesse Gross LinuxCon September, 2013 2009 VMware Inc. All rights reserved Background: The Evolution of Data Centers Virtualization has created data center workloads
More informationSoftware Defined Networking (SDN) OpenFlow and OpenStack. Vivek Dasgupta Principal Software Maintenance Engineer Red Hat
Software Defined Networking (SDN) OpenFlow and OpenStack Vivek Dasgupta Principal Software Maintenance Engineer Red Hat CONTENTS Introduction SDN and components SDN Architecture, Components SDN Controller
More informationUsing SDN-OpenFlow for High-level Services
Using SDN-OpenFlow for High-level Services Nabil Damouny Sr. Director, Strategic Marketing Netronome Vice Chair, Marketing Education, ONF ndamouny@netronome.com Open Server Summit, Networking Applications
More informationThe Hybrid- Open ( HOpen ) router architecture. Brian Field / Comcast
The Hybrid- Open ( HOpen ) router architecture Brian Field / Comcast 1 Background Lots of excitement in the SDN space Programmability (config) Network virtualizaqon (exisqng features) What if I need a
More informationEthernet-based Software Defined Network (SDN) Cloud Computing Research Center for Mobile Applications (CCMA), ITRI 雲 端 運 算 行 動 應 用 研 究 中 心
Ethernet-based Software Defined Network (SDN) Cloud Computing Research Center for Mobile Applications (CCMA), ITRI 雲 端 運 算 行 動 應 用 研 究 中 心 1 SDN Introduction Decoupling of control plane from data plane
More informationMonitoring Network Traffic using ntopng
Monitoring Network Traffic using ntopng Luca Deri Outlook What are the main activities of ntop.org? ntop s view on network monitoring. From ntop to ntopng. ntopng architecture and design.
More informationNetworking Goes Open-Source. Michael Zimmerman VP Marketing, Tilera mzimmerman@tilera.com
Networking Goes Open-Source Michael Zimmerman VP Marketing, Tilera mzimmerman@tilera.com Open Server Summit, October 23, 2013 Networking Goes Open-Source ? Networking Goes Open-Source Are they connected
More informationFrom traditional to alternative approach to storage and analysis of flow data. Petr Velan, Martin Zadnik
From traditional to alternative approach to storage and analysis of flow data Petr Velan, Martin Zadnik Introduction Network flow monitoring Visibility of network traffic Flow analysis and storage enables
More informationTITANXR Multi-Switch Management Software
TITANXR Multi-Switch Management Software Centralized management of APCON network monitoring switches Features Centralized APCON system management View status and alerts Configurable Dashboards Monitor
More information- Introduction to PIX/ASA Firewalls -
1 Cisco Security Appliances - Introduction to PIX/ASA Firewalls - Both Cisco routers and multilayer switches support the IOS firewall set, which provides security functionality. Additionally, Cisco offers
More informationSimplify IT. With Cisco Application Centric Infrastructure. Roberto Barrera rbarrera@grupo-dice.com. VERSION May, 2015
Simplify IT With Cisco Application Centric Infrastructure Roberto Barrera rbarrera@grupo-dice.com VERSION May, 2015 Content Understanding Software Definded Network (SDN) Why SDN? What is SDN and Its Benefits?
More informationAchieving Low-Latency Security
Achieving Low-Latency Security In Today's Competitive, Regulatory and High-Speed Transaction Environment Darren Turnbull, VP Strategic Solutions - Fortinet Agenda 1 2 3 Firewall Architecture Typical Requirements
More informationSDN and FTTH Software defined networking for fiber networks
SDN and FTTH Software defined networking for fiber networks A new method to simplify management of FTTH networks What is SDN Software Defined Networking (SDN) revolutionizes service deployment and service
More informationOpen vswitch and the Intelligent Edge
Open vswitch and the Intelligent Edge Justin Pettit OpenStack 2014 Atlanta 2014 VMware Inc. All rights reserved. Hypervisor as Edge VM1 VM2 VM3 Open vswitch Hypervisor 2 An Intelligent Edge We view the
More informationSoftware Defined Networking (SDN) - Open Flow
Software Defined Networking (SDN) - Open Flow Introduction Current Internet: egalitarian routing/delivery based on destination address, best effort. Future Internet: criteria based traffic management,
More information10 Gbit Hardware Packet Filtering Using Commodity Network Adapters. Luca Deri <deri@ntop.org> Joseph Gasparakis <joseph.gasparakis@intel.
10 Gbit Hardware Packet Filtering Using Commodity Network Adapters Luca Deri Joseph Gasparakis 10 Gbit Monitoring Challenges [1/2] High number of packets to
More informationOpenDaylight Project Proposal Dynamic Flow Management
OpenDaylight Project Proposal Dynamic Flow Management Ram (Ramki) Krishnan, Varma Bhupatiraju et al. (Brocade Communications) Sriganesh Kini et al. (Ericsson) Debo~ Dutta, Yathiraj Udupi (Cisco) 1 Table
More informationSDN Building Blocks. Edward Balas Sept 17th, 2014
SDN Quick Overview Southern Partnership in Advanced Networking Ma; Zekauskas, ma;@internet2.edu April 8, 2015 Slide material shamelessly excerpted from the presentajons at the OIN workshop in Pi;sburgh,
More informationIntroduction to Software Defined Networking (SDN) and how it will change the inside of your DataCentre
Introduction to Software Defined Networking (SDN) and how it will change the inside of your DataCentre Wilfried van Haeren CTO Edgeworx Solutions Inc. www.edgeworx.solutions Topics Intro Edgeworx Past-Present-Future
More informationSecurity Challenges & Opportunities in Software Defined Networks (SDN)
Security Challenges & Opportunities in Software Defined Networks (SDN) June 30 th, 2015 SEC2 2015 Premier atelier sur la sécurité dans les Clouds Nizar KHEIR Cyber Security Researcher Orange Labs Products
More informationFrom Active & Programmable Networks to.. OpenFlow & Software Defined Networks. Prof. C. Tschudin, M. Sifalakis, T. Meyer, M. Monti, S.
From Active & Programmable Networks to.. OpenFlow & Software Defined Networks Prof. C. Tschudin, M. Sifalakis, T. Meyer, M. Monti, S. Braun University of Basel Cs321 - HS 2012 (Slides material from www.bigswitch.com)
More informationCisco NetFlow Generation Appliance (NGA) 3140
Q&A Cisco NetFlow Generation Appliance (NGA) 3140 General Overview Q. What is Cisco NetFlow Generation Appliance (NGA) 3140? A. Cisco NetFlow Generation Appliance 3140 is purpose-built, high-performance
More informationCS244 Lecture 5 Architecture and Principles
CS244 Lecture 5 Architecture and Principles Network Virtualiza/on in Mul/- tenant Datacenters, NSDI 2014. Guido Appenzeller Background Why is SDN Happening? CLOSED & PROPRIETARY NETWORKING EQUIPMENT Vertically
More informationEnabling Visibility for Wireshark across Physical, Virtual and SDN. Patrick Leong, CTO Gigamon
Enabling Visibility for Wireshark across Physical, Virtual and SDN Patrick Leong, CTO Gigamon 1 Agenda A review of the network then and now Challenges in network monitoring and security Introduction to
More informationUnderneath OpenStack Quantum: Software Defined Networking with Open vswitch
Underneath OpenStack Quantum: Software Defined Networking with Open vswitch Principal Software Engineer Red Hat, Inc. April 24, 2013 1 Part One Why Open vswitch? Open vswitch enables Linux to become part
More informationOpen Ethernet. April 29 2014
Open Ethernet April 29 2014 The Evolution of SDN Switches are a build of closed software being sold as a package from switch vendors Stanford guys wanted to change the networking world using OpenFlow SDN
More informationStateful Inspection Technology
Stateful Inspection Technology Security Requirements TECH NOTE In order to provide robust security, a firewall must track and control the flow of communication passing through it. To reach control decisions
More informationSoftware Networking & The New IP. A Technical Perspective
Software Networking & The New IP A Technical Perspective The New IP Architecture for the 3 rd Platform SCALE ARCH COMPUTE NETWORK % of IT Spend 14 18 Social Billions/ Trillions Open Virtualized SW-driven
More informationTransform Your Business and Protect Your Cisco Nexus Investment While Adopting Cisco Application Centric Infrastructure
White Paper Transform Your Business and Protect Your Cisco Nexus Investment While Adopting Cisco Application Centric Infrastructure What You Will Learn The new Cisco Application Centric Infrastructure
More informationPerformance of Software Switching
Performance of Software Switching Based on papers in IEEE HPSR 2011 and IFIP/ACM Performance 2011 Nuutti Varis, Jukka Manner Department of Communications and Networking (COMNET) Agenda Motivation Performance
More informationQualifying SDN/OpenFlow Enabled Networks
Qualifying SDN/OpenFlow Enabled Networks Dean Lee Senior Director, Product Management Ixia Santa Clara, CA USA April-May 2014 1 Agenda SDN/NFV a new paradigm shift and challenges Benchmarking SDN enabled
More information