INTERNATIONAL NETWORKS At Indiana University Hans Addleman TransPAC Engineer, International Networks...

INTERNATIONALNETWORKS

At Indiana University

Hans Addleman

TransPAC Engineer, International Networks

University Information Technology Services

Indiana University

addlema@iu.edu

Supported by the National Science Foundation

Denial of Service Mitigation with OpenFlow and SciPass

• Provide adequate security at 100Gbps speed

• Detect Distributed Denial of Service (DDOS) attacks

• Stop attack inside the Wide Area Network (WAN)

• Automated process

• Do not impede legitimate traffic

Intrusion Detection System

• Deep packet inspection• Look for known traffic patterns and signatures

that signal an attack• Useful for identifying DDOS

SciPass

• Indiana University developed SDN Application• Adaptive IDS cluster load balancing• Reactive white and blacklisting• Web Service API for IDS Feedback• Designed primarily for Science DMZ

Background: Campus Networks

• Campus Networks• Firewalls• May not be large flow optimized• There may be a better path for

science / research traffic.

Background: ScienceDMZ

• Support high performance science applications• Reduce loss that impacts TCP performance• faster / bigger connection to regional / national /

international networks• Integrate and allow for test points• Provide some security at 100Gbps• https://fasterdata.es.net/science-dmz/

SciPass: Approach• Create a Reactive System

• OpenFlow Switch• Intrusion Detection • PerfSonar

• Default traffic to slow path

• Use IDS to detect what goes on fast path

SciPass: Default• Traffic follows default

• Traffic mirrored to array of Intrusion Detection Systems.

SciPass: Detection• IDS identifies science /

defined flow

• IDS signals SciPass to setup fast path

SciPass: Bypass• Based on IDS input

SciPass installs OpenFlow rules to bypass the firewall / take best path.

SciPass Blacklist Feature

• Can match:• Source / Destination IP• Source / Destination Port• Ethernet Type

• SciPass sends OpenFlow rules to switch• Flow Based: Block HTTP traffic from Host A to B• Prefix Based: Block all traffic to 192.168.0.1/32• Prefix Based: Block all traffic to or from 192.168.1.0/24

• IDS signals bad traffic to SciPass via web services

Mitigation

• IDS detects malicious traffic

• IDS signals SciPass to block traffic

• SciPass creates openflow rules on switch to block traffic.

SciPass Black List Example

Path Forward

• Lab Deployment• SciPass + Brocade MLXe + IDS (Bro)• Generate test traffic• Squash false positives• Feasibility / Scale

• TransPAC4 Field Deployment in logging mode

• TransPAC4 Field Deployment in automatic mode

Questions / Comments?

• http://globalnoc.iu.edu/sdn/scipass.html

• http://internationalnetworking.iu.edu

• Hans Addleman - addlema@iu.edu

• TransPAC4 NSF IRNC Award: #1450904

INTERNATIONAL NETWORKS At Indiana University Hans Addleman TransPAC Engineer, International Networks...

Documents

Economic Impact Assessment: Townsville Ocean Terminal Projecteisdocs.dsdip.qld.gov.au/Townsville Ocean Terminal... · Disclaimer: Transpac Consulting Pty Ltd has prepared this report

Fossils of Indiana of Indiana of Indiana

Indiana Auctioneer Commission - IN.gov · Indiana Auctioneer Commission Laws and Regulations A compilation of the Indiana Code and Indiana Administrative Code April 2014 Edition Indiana

IndIana WRESTLInG INDIANA WRESTLING

Addleman Terry Dianne 1973 PuertoRito

INDIANAUNIVERSITYINDIANAUNIVERSITY Spring 2001 TransPAC Engineering and Future Plans James Williams williams@iu.edu and Chris Robb chrobb@iu.edu

Addleman Terry Dianne 1977 PuertoRico

INDIANAUNIVERSITYINDIANAUNIVERSITY TransPAC John Hicks TransPAC HPCC Engineer Indiana University APAN Conference – Shanghai 27-August-2002

INDIANAUNIVERSITYINDIANAUNIVERSITY Confidential TransPAC Extension and International R/E Networking Future Direction James Williams TransPAC Executive

INDIANAUNIVERSITYINDIANAUNIVERSITY TransPAC High-performance connectivity between the US and the Asia-Pacific region James Williams williams@iu.edu TransPAC

INDIANAUNIVERSITYINDIANAUNIVERSITY TransPAC Engineering 2003-2004 Chris Robb Indiana University chrobb@indiana.edu

Duke Energy Indiana Presentation to Indiana Utility ......Duke Energy Indiana Presentation to Indiana Utility Regulatory Commission Jim Stanley, President, Duke Energy Indiana May

N International Connection D Opportunities for VLBI · 2006-05-02 · International Connection Opportunities for VLBI James Williams TransPAC Executive Investigator Indiana University

TransPAC Annual Report - STAR · PDF fileTransPAC Annual Report ... ITMC - International Transmission Maintenance Center ITSC - International Transport Service Center seconda ry repo

Topeka Indiana LaGrange/ Elkhart Counties Indiana Plain ...ddcclinic.org/docs/cme-presentations/Jared_Beasley_Angela_Scheid... · Topeka Indiana . LaGrange/ Elkhart Counties . Indiana

Gratitude Report - imgix...Carolyn Abbott Sakuko Abe Tamiko Abe Lola Abrahamian Momoko Adachi Cheryl J Addleman Abby Adekube Janice Adelman Paula Adkins Louise Agnew Dolores Agres

Are You Smarter Than The MSA? Kristin Addleman and Kim Bibeault Anne Arundel County Public Schools Maryland Assessment Group Conference November 19 – 21,

Pacheco Transit Center Regional Express Bus Hub and Park and Ride Project Description and Background TRANSPAC TAC Meeting November 19, 2009

TP4 Y2 annual - International Networks at Indiana University Y2 annual web.pdf · ! 2! the!TransPAC!award!supports!tool!development,!SDN!experimental!work,! measurement!deployments,!and!security!activities.!

Transpac Primer 09 (Pdf)