LUCENT S ENTRY INTO NETWORK SECURITY



Similar documents
Ranch Networks for Hosted Data Centers

IBM enetwork VPN Solutions

Virtual Private Networks

IP-VPN Architecture and Implementation O. Satty Joshua 13 December Abstract

November Defining the Value of MPLS VPNs

VoIPon Solutions Tel: +44 (0) Ranch Asterisk VoIP Solution

Local Area Networks (LANs) Blueprint (May 2012 Release)

Outline Introduction to Internet, Intranet and Extranet. What is an Intranet? by Awad. Basic Intranet-enabling Technology [Awad, chapter 4]

Secure Voice over IP (VoIP) Networks

Implementing a Microsoft Windows 2000 Network Infrastructure

Firewalls and VPNs. Principles of Information Security, 5th Edition 1

Global Headquarters: 5 Speen Street Framingham, MA USA P F

High-performance VoIP Traffic Optimizer Client Solution

CISCO WIDE AREA APPLICATION SERVICES (WAAS) OPTIMIZATIONS FOR EMC AVAMAR

Network Services Internet VPN

Data Sheet. M o r e... making networks better

Security Design.

Cornerstones of Security

XRoads Networks, Inc.

Security and the Mitel Teleworker Solution

MITEL. NetSolutions. Flat Rate MPLS VPN

High-performance VoIP Traffic Optimizer Client Solution

WHITE PAPER. Centrally Monitoring Set-tops and Implementing Whole-Home Video Assurance

5.0 Network Architecture. 5.1 Internet vs. Intranet 5.2 NAT 5.3 Mobile Network

IP Telephony Management

Microsoft Exchange Load Balancing. Unique Applied Patent Technology By XRoads Networks

ABOUT AT&T GLOBAL CLEARINGHOUSE

Managed Services The. The Road to Revenue. Pravin Mahajan Session Number Presentation_ID

What is a Firewall? Computer Security. Firewalls. What is a Firewall? What is a Firewall?

Network Security Topologies. Chapter 11

The term Virtual Private Networks comes with a simple three-letter acronym VPN

Recommended IP Telephony Architecture

Delivering Managed Services Using Next Generation Branch Architectures

MPLS: Key Factors to Consider When Selecting Your MPLS Provider Whitepaper

ITC Corporate Connect

How To Get A Better Price For Your Phone In Orange (European)

Steelcape Product Overview and Functional Description

Frame Relay vs. IP VPNs

OpenScape Session Border Controller Delivering security, interoperability and cost savings to the enterprise network border

Secure networks are crucial for IT systems and their

The Internet, Intranets, and Extranets. What is the Internet. What is the Internet cont d.

Cisco Which VPN Solution is Right for You?

District of Columbia Courts Attachment 1 Video Conference Bridge Infrastructure Equipment Performance Specification

Intranet Security Solution

- Introduction to PIX/ASA Firewalls -

Internet Security. Internet Security Voice over IP. Introduction. ETSF10 Internet Protocols ETSF10 Internet Protocols 2011

The Cisco ASA 5500 as a Superior Firewall Solution

4141_02_2002_c , Cisco Systems, Inc. All rights reserved.

Alcatel 7300 ASAM. Advanced Services Access Manager (ETSI Version) Release 4.3/4.4

The need for bandwidth management and QoS control when using public or shared networks for disaster relief work

MPLS VPN Security Best Practice Guidelines

VPLS lies at the heart of our Next Generation Network approach to creating converged, simplified WANs.

MSP Dashboard. Solution Guide

Lecture 4: Introduction to Computer Network Design

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

RAS Associates, Inc. Systems Development Proposal. Scott Klarman. March 15, 2009

Gigabit Content Security Router

Enterprise Edge Communications Manager. Data Capabilities

CloudLink - The On-Ramp to the Cloud Security, Management and Performance Optimization for Multi-Tenant Private and Public Clouds

How To Manage A Network Management System (Hitachi)

Security and the Mitel Networks Teleworker Solution (6010) Mitel Networks White Paper

DATA SECURITY 1/12. Copyright Nokia Corporation All rights reserved. Ver. 1.0

Network Platform Makes SP More Brilliant

Enterprise Broadband Customer Service Description

How To Extend Security Policies To Public Clouds

VPN. Date: 4/15/2004 By: Heena Patel

MANAGEMENT INFORMATION SYSTEMS 8/E

ETM System SIP Trunk Support Technical Discussion

Solution Brief. Secure and Assured Networking for Financial Services

Small, Medium and Large Businesses

Site2Site VPN Optimization Solutions

Cisco and EMC Solutions for Application Acceleration and Branch Office Infrastructure Consolidation

Building Voice VPN with Simton IPX

Technical papers Virtual private networks

ALLNET ALL-VPN10. VPN/Firewall WLAN-N WAN Router

Firewalls (IPTABLES)

How To Find A Vpn Wan Solution

Mesh VPN Link Sharing (MVLS) Solutions

Enterprise Network Solution

MOC 6435A Designing a Windows Server 2008 Network Infrastructure

WHITEPAPER MPLS: Key Factors to Consider When Selecting Your MPLS Provider

Citrix MetaFrame Presentation Server 3.0 and Microsoft Windows Server 2003 Value Add Feature Guide

Virtual Server in SP883

Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme. Firewall

ICANWK406A Install, configure and test network security

KM road map. Technology Components of KM. Chapter 5- The Technology Infrastructure. Knowledge Management Systems

8. Firewall Design & Implementation

Review: Lecture 1 - Internet History

ITU-T Kaleidoscope Conference Innovations in NGN. Architecture for Broadband and Mobile VPN over NGN

Securing SIP Trunks APPLICATION NOTE.

z/os Firewall Technology Overview

Firewalls and Virtual Private Networks

SIP Trunking The Provider s Perspective

Stephen Phillips 179 Malmesbury Park Road Charminster Bournemouth BH8 8PU Tel: (H) (M) Steve_Phillips_UK@yahoo.

Virtual Leased Line (VLL) for Enterprise to Branch Office Communications

COMSATS Institute of Information Technology, Abbottabad Department of Computer Science

Private Cloud Solutions Virtual Onsite Data Center

Huawei esight Brief Product Brochure

End to End WiMAX Network Solution

SVN5800 Secure Access Gateway

Transcription:

LUCENT S ENTRY INTO NETWORK SECURITY and Distributed System Security Symposium March 12, 1998 H. M. Gittleson Director, Internet Security Products Group 1

Traffic Growth In Voice And Data Services 250 Data Traffic Growth 300% CAGR Relative Capacity 200 150 100 50 Voice Traffic Growth 5% CAGR 0 1996 1997 1998 1999 2000 2001 Source: Vint Cerf, MCI 2

Changing Traffic Types Traffic Mix by Protocol US WANs 100% 80% 60% 40% Others IPX SNA TCP/IP 20% 0% 1994 1996 1998 2000 2002 Source: Gartner Group, The Changing Protocol Mix in Enterprise s 4/1/97... and the traffic mix will be dominated by TCP/IP 3

Standards-Based Data Communications Architecture Target Architecture for Data Communications Business Applications Messaging Collaboration Information Publishing Transactions Systems/Application Integration (New and Legacy) Example Services Fax email Universal Video Groupware Screenshare DB Host Intranet Push Web Host Transaction Process Electronic Fulfill Virtual Private Data Resource Management (Configuration, QOS, BW allocation) Management, SNMP (e.g., OpenView) Security, (authentication, privacy, access control) Data transport (IP and legacy - IPX, SNA, DECNet) Infrastructure Broadband Access and Wide-area infrastructure 4

Value-Added Service Offerings Value-added Services Demand Service Implications Quality of Service Guaranteed Bandwidth Redundancy Security Authorization Authentication Encryption User Privilege End-to-End Management Fault Management Configuration Management Billing Usage Based Services Based on QOS and Security 3500 3000 2500 2000 1500 1000 500 0 ISP Security Services Revenue 1996 1997 1998 1999 2000 Source: IDC QOS Security * Multiple Price Levels Per Service Price Price There Is a Demand for a Number of Value-Added IP Services That Current ILEC Data s Don t Support 5

Lessons Learned In Designing The Next Generation Firewall Hardening a Flawed OS Is Just Delaying Disaster NT and UNIX Do Not Provide Secure Foundations for Firewall Design Firewalls Should Be Invisible to the Firewalls Are Chokepoints by Design Thus They Must Be Fast and Reliable Security Needs To Be Distributed Separate Management and Security Functions Must Be Part of the Initial Design Capability to Share a Firewall Is Needed Important for Service Providers and Intranets Management Server Should Be Platform Independent and Easy to Use 6

Next Generation Firewall We Took the Best of What is Out There - Stateful Packet Filtering Proxy Application Gateway Bridge Level Firewall T3+ Throughput Performance Central Administration of Multiple Firewalls Address Translation Virtual Private ing Based on IPSEC Standards 7

Next Generation Firewall And Made It Much Better - Created a Separate Firewall Appliance Built it on a Real-Time, Secure OS (Inferno) Added Support For Multiple Security Policy Zones * Supported Secure Multimedia Applications Without Proxies * Added Advanced Web-based Administration Separated Administration From Policy Management Provided a Central Audit Facility With Dynamic Alarms and Reports Provided Future Expansion With Support of Remote Proxies * * Patents pending 8

Multiple Policies On A Single Firewall Internet Security Policy #1 ( Public ) Public Web Servers Extranet Security Policy #2 (Corporate Intranet) Corporate Backbone Security Management Server One Firewall Can Support More Than One Security Policy* Control of Each Policy Is Restricted to a Unique Security Administrator * Patent Pending for Bell Labs Technology 9

Single Policy On Multiple Firewalls Region #1 Region #2 Region #1 Sales Single Sales Security Policy Region #2 Sales Policies Are Defined Logically, Not Physically or Geographically Internet The Same Security Policy Can Be Applied to Multiple Firewalls Region #1 Human Resources Region #2 Human Resources Single H.R. Security Policy 10

Enterprise Security Model Public Policy NOC Policy Public Web Servers Operations Extranet R Shipping Policy Internet R Corporate Backbone R Intranet Policy Shipping The Enterprise Is Segmented Into Internet, Extranet and Intranet Zones Security is an enabler that increases overall productivity--both within and outside the company Payroll/Accounting Systems Finance Finance Policy Trading Partners can access information to meet their specific needs 11

Service Provider Model Customer #1 Security Zone Customer #1 Customer #2 Security Zone R CSU/ DSU ISP s Operations Service Providers/ISPs Can Easily Offer Firewall Management Service Value-Add with Lower Total Cost of Ownership=Increased Profits Customer #2 Customer #N Security Zone Customer #N R R CSU/ DSU CSU/ DSU ISP s Backbone Increase Customer Loyalty, Reduce Churn Understand Customer Needs for New Services ISP s CPE 12

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information