SlideShare una empresa de Scribd logo

D-STREAMON - NFV-capable distributed framework for network monitoring

Descargar como PPTX, PDF
Stefano Salsano
Stefano Salsano

Several reasons make NFV an attractive paradigm for IT security: lowers costs, agile operations and better isolation as well as fast security updates, improved incident responses and better level of automation. At the same time, the network threats tend to be increasingly complex and distributed, implying huge traffic scale to be monitored and increasingly strict mitigation delay requirements. Considering the current trend of the networking and the requirements to counteract to the evolution of cyber-threats, it is expected that also network monitoring will move towards NFV based solutions. In this paper, we present Distributed StreaMon (D-StreaMon) an orchestration framework for distributed monitoring on NFV network architectures. D-StreaMon has been designed to face the above described challenges. It relies on the StreaMon platform, a solution for network monitoring originally designed for traditional middleboxes. Changes that allow Streamon to be deployed on NFV network architectures are described. The paper reports a performance evaluation of the realized NFV based solutions and discusses potential benefits in monitoring tenants' VMs for Service Providers.

Internet
1 de 30
D-STREAMON - NFV-capable distributed framework for network monitoring Davide Palmisano(1,2), Pier Luigi Ventre(2), Alberto Caponi(1), Giuseppe Siracusano(2), Stefano Salsano(1,2), Marco Bonola(1), Giuseppe Bianchi(1,2) (1) CNIT – (2) University of Rome “Tor Vergata” Soft5 Workshop - First International Workshop on Softwarized Infrastructures for 5G and Fog Computing, in conjunction with ITC 29 Genoa, Italy - 8th September, 2017
2 Outline • SCISSOR project highlights • Network Monitoring in a Distributed Cloud / NFV environment • From StreaMon to Distributed StreaMon (D-StreaMon) • Deployment of D-StreaMon over a Cloud Infrastructure
3 The SCISSOR Project – Security in trusted SCADA and smart-grids Assystem Engineering and operation services (FR) AGH University of Science and Technology of Krakow (PL) UPMC university Pierre and Marie Curie (FR) SixSq Sàrl (CH) Consorzio Nazionale Interuniversitario per le Telecomunicazioni (IT) RADIO6ENSE (IT) Salzburg Research Forschungsgesellschaft mbH (AT) Katholieke Universiteit Leuven (BE) SEA Società Elettrica di Favignana S.p.a. (IT) The partners
4 SCISSOR in a nutshell A highly scalable ICS/SCADA security monitoring framework • Integration of a wide range of heterogeneous sensors • A dynamically adaptable, distributed data aggregation framework • Advanced detection and correlation models as extensions to a conventional SIEM • Exploitation of modern cloud-computing concepts
5 SCISSOR Architecture
8 Outline SCISSOR project highlights Network Monitoring in a Distributed Cloud / NFV environment From StreaMon to Distributed StreaMon (D-StreaMon) Deployment of D-StreaMon over a Cloud Infrastructure
9 Network Monitoring in a Distributed Cloud / NFV environment •Once upon a time : - physical servers and hosts, physical network devices and wires to be monitored •Nowadays : - Server and hosts are distributed in the cloud - Security systems or hardware based middleboxes are substituted by virtualized network function running on commodity hardware From physical to virtual infrastructure
10 Network Monitoring in a Distributed Cloud / NFV environment •Cyber-threats can easily break the controls performed by the standard procedures which aims at monitor the perimeter of an infrastructure •We need innovative approaches in the defense techniques and the deployment of a widespread monitoring New threats
11 Network Monitoring in a Distributed Cloud / NFV environment Network core Cloud Data Centers Fog Nodes Local Nodes Local sensors/actuators For example, in the SCISSOR project testbed we have a «Cloud in a box» solution, called NuvlaBox installed in an electric cabin in Favignana island
12 Network Monitoring in a Distributed Cloud / NFV environment Network core Cloud Data Centers Fog Nodes Local Nodes Local sensors/actuators Monitoring probes distributed on the Cloud Infrastructure
13 Outline • SCISSOR project highlights • Network Monitoring in a Distributed Cloud / NFV environment • From StreaMon to Distributed StreaMon (D-StreaMon) • Deployment of D-StreaMon over a Cloud Infrastructure
14 StreaMon : architecture of a single probe Stream based analysis • Wire-speed, strict real time • Memory-efficient operation, no on-board DBs • Data reduction, mining only data you really need Very powerful technical approach • Especially when (controlled) approx is OK • Multi-hash data structures (Bloom, sketches, etc) Stream Analysis (on the fly) Raw link traffic (huge rate) (partial) results, filtering
15 StreaMon : architecture of a single probe M1 Metric Layer M2 M3 Feature Layer F1 = M1+M2 F2 = M3/M2 Decision Layer if (f1>200) then ACTION if (f2<.05) then ACTION Event Layer Timeouts Status Table Capture Engine incoming packet state transition timeout update timeout expiration Logic subsystem Measurement subsystem
16 What the programmer describes Define application-specific STATES • If/when needed Specify EVENTS • Triggered by packet arrival: i) matching rule (e.g. TCP SYN) ii) extract flow key • Timeouts Instantiate METRICS (sketch-based & DLEFT-based) Define FEATURES Define STATE MACHINE: transition events, metric updates, conditions, associated ACTIONS No need to know HOW all this is implemented inside the box: just an API!
17 State machine description in XML <event type="packet" selector="proto tcp and dst_port 502 and modbus_fc 8" primary-key="ip_src"> <state id="default"> <use-metric id="m1" vd_update="ip_src-ip_dst" vm_update="ip_src"/> <condition> expression="rate > 10" action=”Publish(log, Suspected scan from %ip_src)" next_state="suspect"> </condition> </state> <state id=”suspect”> <use-metric id=”m1” vd_update=”ip_src-ip_dst” vm_update=”ip_src” /> <condition> expression="rate > 20" action=”Publish(log, Detected scan from %ip_src); Publish(raw, raw)" next_state="" </condition> </state> </event>
18 StreaMon life-cycle is static & on the probe • Designed for a single host • All the steps run on the platform • Static XML configurations • StreaMon is re-compiled at each run • No dynamic re-configuration of parameters • Metric/Feature changes need restart • Hard to retrieve monitoring informations • Monitoring logs at screen Host Host Host Host Host Host Probe Probe Probe
19 StreaMon becomes distributed: D-StreaMon Config. Repository Host Host Host Host Host Host Probe Probe Probe Controller Aggregated Logs Logs Logs Logs Deploy Execute Configure & Compile Deploy Deploy
20 Controller (Management) TITRE DE LA PARTIE •Design and deploy the distributed monitoring network (probes) •Customize probe configuration •Dynamically re-configure probes •Centralized compilation Probes (Execution) •Just run the logic without compilation overhead! •Publish monitoring data on Ømq channels D-StreaMon: decoupling StreaMon management from execution
21 Implementation • Easily configure deployment actions defining playbooks • Playbooks express configurations, deployment, and orchestration • Each Playbook maps a group of hosts to a set of roles • Each role is represented by calls to Ansible call tasks • Abstraction library for sockets • Simple publish/subscribe network communication • Easily aggregate monitoring information using proxy
22 Semaphore based GUI for the control component
23 Outline • SCISSOR project highlights • Network Monitoring in a Distributed Cloud / NFV environment • From StreaMon to Distributed StreaMon (D-StreaMon) • Deployment of D-StreaMon over a Cloud Infrastructure
24 Network Monitoring in a Distributed Cloud / NFV environment Network core Cloud Data Centers Fog Nodes Local Nodes Local sensors/actuators Monitoring probes distributed on the Cloud Infrastructure
25 Network Monitoring in a Distributed Cloud / NFV environment Network core Cloud Data Centers Fog Nodes Local Nodes Local sensors/actuators OS and Drivers Cloud Platform + Container Manager App VM App Container OS and Drivers Cloud Platform + Container Manager App VM App Container
Neutron bridge D-StreaMon Orchestration framework Probes and VMs instantiation Configuration and Management Decisions And Actions Legacy or SDN network (data plane) D-StreaMon SDN Controller Virtual Infrastructure Manager REST Mirroring SSH 0mqLegacy (management plane) VM Probe Cloud Infrastructure Virtual Switch
Neutron bridge D-StreaMon Orchestration framework Probes and VMs instantiation Configuration and Management Decisions And Actions Legacy or SDN network (data plane) D-StreaMon SDN Controller Virtual Infrastructure Manager REST Mirroring SSH 0mqLegacy (management plane) VM Probe Cloud Infrastructure Virtual Switch
28 Probes as processes vs. probes as containers Probes as processes Probes as containers Pros Cons Better performance Less isolation No mirroring overhead Process management Pros Cons Better isolation Performance Simple deployment Mirroring overhead
29 Probes as processes vs. probes as containers
30 Thank you. Questions? Contacts Stefano Salsano University of Rome Tor Vergata / CNIT stefano.salsano@uniroma2.it http://scissor-project.com / The work presented here only covers a subset of the work performed in the project
31 References • SCISSOR project Home Page http://superfluidity.eu/ • D. Palmisano, P. L. Ventre, A. Caponi, G. Siracusano, S. Salsano, M. Bonola, G. Bianchi, “D-STREAMON – NFV-capable distributed framework for network monitoring”, Soft5 Workshop, 1st International Workshop on Softwarized Infrastructures for 5G and Fog Computing, in conjunction with 29th ITC conference, Genoa, Italy, 8th September 2017 • P. L. Ventre, A. Caponi, G. Siracusano, D. Palmisano, S. Salsano, M. Bonola, G. Bianchi, “D-STREAMON: from middlebox to distributed NFV framework for network monitoring”, demo paper, IEEE International Symposium on Local and Metropolitan Area Networks (LANMAN 2017), Osaka, Japan, 2017
32 The SCISSOR project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 644425 (Research and Innovation Action). The information given is the author’s view and does not necessarily represent the view of the European Commission (EC). No liability is accepted for any use that may be made of the information contained.

Recomendados

New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data CentersNew Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data CentersIben Rodriguez
 
The SCISSOR approach to establishing situational awareness in Industrial Cont...
The SCISSOR approach to establishing situational awareness in Industrial Cont...The SCISSOR approach to establishing situational awareness in Industrial Cont...
The SCISSOR approach to establishing situational awareness in Industrial Cont...Stefano Salsano
 
The Potential Impact of Software Defined Networking SDN on Security
The Potential Impact of Software Defined Networking SDN on SecurityThe Potential Impact of Software Defined Networking SDN on Security
The Potential Impact of Software Defined Networking SDN on SecurityBrent Salisbury
 
Ipsn08 tiny ecc-ieee
Ipsn08 tiny ecc-ieeeIpsn08 tiny ecc-ieee
Ipsn08 tiny ecc-ieeeSelva Raj
 
NFV Security PPT
NFV Security PPTNFV Security PPT
NFV Security PPTNisarg Shah
 
Meetup docker using software defined networks
Meetup docker using software defined networksMeetup docker using software defined networks
Meetup docker using software defined networksOCTO Technology
 
What is SDN and how to approach it with Python
What is SDN and how to approach it with PythonWhat is SDN and how to approach it with Python
What is SDN and how to approach it with PythonJustin Park
 
Cisco SDN/NVF Innovations (SDN NVF Day ITB 2016)
Cisco SDN/NVF Innovations (SDN NVF Day ITB 2016)Cisco SDN/NVF Innovations (SDN NVF Day ITB 2016)
Cisco SDN/NVF Innovations (SDN NVF Day ITB 2016)SDNRG ITB
 

Recomendados

New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data CentersNew Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data CentersIben Rodriguez
 
The SCISSOR approach to establishing situational awareness in Industrial Cont...
The SCISSOR approach to establishing situational awareness in Industrial Cont...The SCISSOR approach to establishing situational awareness in Industrial Cont...
The SCISSOR approach to establishing situational awareness in Industrial Cont...Stefano Salsano
 
The Potential Impact of Software Defined Networking SDN on Security
The Potential Impact of Software Defined Networking SDN on SecurityThe Potential Impact of Software Defined Networking SDN on Security
The Potential Impact of Software Defined Networking SDN on SecurityBrent Salisbury
 
Ipsn08 tiny ecc-ieee
Ipsn08 tiny ecc-ieeeIpsn08 tiny ecc-ieee
Ipsn08 tiny ecc-ieeeSelva Raj
 
NFV Security PPT
NFV Security PPTNFV Security PPT
NFV Security PPTNisarg Shah
 
Meetup docker using software defined networks
Meetup docker using software defined networksMeetup docker using software defined networks
Meetup docker using software defined networksOCTO Technology
 
What is SDN and how to approach it with Python
What is SDN and how to approach it with PythonWhat is SDN and how to approach it with Python
What is SDN and how to approach it with PythonJustin Park
 
Cisco SDN/NVF Innovations (SDN NVF Day ITB 2016)
Cisco SDN/NVF Innovations (SDN NVF Day ITB 2016)Cisco SDN/NVF Innovations (SDN NVF Day ITB 2016)
Cisco SDN/NVF Innovations (SDN NVF Day ITB 2016)SDNRG ITB
 
Nutanix in de praktijk: dataprotectie strategieën
Nutanix in de praktijk: dataprotectie strategieënNutanix in de praktijk: dataprotectie strategieën
Nutanix in de praktijk: dataprotectie strategieënICT-Partners
 
ZONeSEC in ERNCIP
ZONeSEC in ERNCIPZONeSEC in ERNCIP
ZONeSEC in ERNCIPJosé Ramón Martínez Salio
 
SDN - beyond the obvious
SDN - beyond the obviousSDN - beyond the obvious
SDN - beyond the obviousPeter van der Voort
 
Hong kongopenstack2013 sdn_bluehost
Hong kongopenstack2013 sdn_bluehostHong kongopenstack2013 sdn_bluehost
Hong kongopenstack2013 sdn_bluehostJun Park
 
Technology Innovation That Matters
Technology Innovation That MattersTechnology Innovation That Matters
Technology Innovation That MattersMarketingArrowECS_CZ
 
Zoura Subscribed 2013 LinkBermuda Metered Cloud Services
Zoura Subscribed 2013 LinkBermuda Metered Cloud ServicesZoura Subscribed 2013 LinkBermuda Metered Cloud Services
Zoura Subscribed 2013 LinkBermuda Metered Cloud ServicesWinston Morton
 
네트워크 가상화 보안현황 및 보안연관성
네트워크 가상화 보안현황 및 보안연관성네트워크 가상화 보안현황 및 보안연관성
네트워크 가상화 보안현황 및 보안연관성NAIM Networks, Inc.
 
Intel software guard extension
Intel software guard extensionIntel software guard extension
Intel software guard extensionDESMOND YUEN
 
Finding Diversity In Remote Code Injection Exploits
Finding Diversity In Remote Code Injection ExploitsFinding Diversity In Remote Code Injection Exploits
Finding Diversity In Remote Code Injection Exploitsamiable_indian
 
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...IRJET Journal
 
Cto’s guide to sdn, nfv and vnf
Cto’s guide to sdn, nfv and vnfCto’s guide to sdn, nfv and vnf
Cto’s guide to sdn, nfv and vnfPaulo R
 
Introduction to SDN
Introduction to SDNIntroduction to SDN
Introduction to SDNMuhammad Moinur Rahman
 
Securing NFV and SDN Integrated OpenStack Cloud: Challenges and Solutions
Securing NFV and SDN Integrated OpenStack Cloud: Challenges and SolutionsSecuring NFV and SDN Integrated OpenStack Cloud: Challenges and Solutions
Securing NFV and SDN Integrated OpenStack Cloud: Challenges and SolutionsTrinath Somanchi
 
Network Intrusion detection and Countermeasure sElection(NICE
Network Intrusion detection and Countermeasure sElection(NICENetwork Intrusion detection and Countermeasure sElection(NICE
Network Intrusion detection and Countermeasure sElection(NICEPranya Prabhakar
 
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS Secure and efficient data tran...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS Secure and efficient data tran...IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS Secure and efficient data tran...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS Secure and efficient data tran...IEEEMEMTECHSTUDENTPROJECTS
 
10 Good Reasons - NetApp for ransomware protection
10 Good Reasons - NetApp for ransomware protection10 Good Reasons - NetApp for ransomware protection
10 Good Reasons - NetApp for ransomware protectionMatt Watts
 
A Rouge Relay Node Attack Detection and Prevention in 4G Multihop Wireless N...
A Rouge Relay Node Attack Detection and Prevention in 4G Multihop Wireless N...A Rouge Relay Node Attack Detection and Prevention in 4G Multihop Wireless N...
A Rouge Relay Node Attack Detection and Prevention in 4G Multihop Wireless N...IRJET Journal
 
Elephant &amp; mice flows
Elephant &amp; mice flowsElephant &amp; mice flows
Elephant &amp; mice flowsJeff Green
 
Distributech_Presentation DTECH_2013
Distributech_Presentation DTECH_2013Distributech_Presentation DTECH_2013
Distributech_Presentation DTECH_2013Dorian Hernandez
 
NSX, un salt natural cap a SDN
NSX, un salt natural cap a SDNNSX, un salt natural cap a SDN
NSX, un salt natural cap a SDNCSUC - Consorci de Serveis Universitaris de Catalunya
 
Why sdn
Why sdnWhy sdn
Why sdnlz1dsb
 
SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.Priyanka Aash
 

Más contenido relacionado

La actualidad más candente

Nutanix in de praktijk: dataprotectie strategieën
Nutanix in de praktijk: dataprotectie strategieënNutanix in de praktijk: dataprotectie strategieën
Nutanix in de praktijk: dataprotectie strategieënICT-Partners
 
Hong kongopenstack2013 sdn_bluehost
Hong kongopenstack2013 sdn_bluehostHong kongopenstack2013 sdn_bluehost
Hong kongopenstack2013 sdn_bluehostJun Park
 
Technology Innovation That Matters
Technology Innovation That MattersTechnology Innovation That Matters
Technology Innovation That MattersMarketingArrowECS_CZ
 
Zoura Subscribed 2013 LinkBermuda Metered Cloud Services
Zoura Subscribed 2013 LinkBermuda Metered Cloud ServicesZoura Subscribed 2013 LinkBermuda Metered Cloud Services
Zoura Subscribed 2013 LinkBermuda Metered Cloud ServicesWinston Morton
 
네트워크 가상화 보안현황 및 보안연관성
네트워크 가상화 보안현황 및 보안연관성네트워크 가상화 보안현황 및 보안연관성
네트워크 가상화 보안현황 및 보안연관성NAIM Networks, Inc.
 
Intel software guard extension
Intel software guard extensionIntel software guard extension
Intel software guard extensionDESMOND YUEN
 
Finding Diversity In Remote Code Injection Exploits
Finding Diversity In Remote Code Injection ExploitsFinding Diversity In Remote Code Injection Exploits
Finding Diversity In Remote Code Injection Exploitsamiable_indian
 
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...IRJET Journal
 
Cto’s guide to sdn, nfv and vnf
Cto’s guide to sdn, nfv and vnfCto’s guide to sdn, nfv and vnf
Cto’s guide to sdn, nfv and vnfPaulo R
 
Securing NFV and SDN Integrated OpenStack Cloud: Challenges and Solutions
Securing NFV and SDN Integrated OpenStack Cloud: Challenges and SolutionsSecuring NFV and SDN Integrated OpenStack Cloud: Challenges and Solutions
Securing NFV and SDN Integrated OpenStack Cloud: Challenges and SolutionsTrinath Somanchi
 
Network Intrusion detection and Countermeasure sElection(NICE
Network Intrusion detection and Countermeasure sElection(NICENetwork Intrusion detection and Countermeasure sElection(NICE
Network Intrusion detection and Countermeasure sElection(NICEPranya Prabhakar
 
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS Secure and efficient data tran...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS Secure and efficient data tran...IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS Secure and efficient data tran...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS Secure and efficient data tran...IEEEMEMTECHSTUDENTPROJECTS
 
10 Good Reasons - NetApp for ransomware protection
10 Good Reasons - NetApp for ransomware protection10 Good Reasons - NetApp for ransomware protection
10 Good Reasons - NetApp for ransomware protectionMatt Watts
 
A Rouge Relay Node Attack Detection and Prevention in 4G Multihop Wireless N...
A Rouge Relay Node Attack Detection and Prevention in 4G Multihop Wireless N...A Rouge Relay Node Attack Detection and Prevention in 4G Multihop Wireless N...
A Rouge Relay Node Attack Detection and Prevention in 4G Multihop Wireless N...IRJET Journal
 
Elephant &amp; mice flows
Elephant &amp; mice flowsElephant &amp; mice flows
Elephant &amp; mice flowsJeff Green
 
Distributech_Presentation DTECH_2013
Distributech_Presentation DTECH_2013Distributech_Presentation DTECH_2013
Distributech_Presentation DTECH_2013Dorian Hernandez
 

La actualidad más candente (20)

Nutanix in de praktijk: dataprotectie strategieën
Nutanix in de praktijk: dataprotectie strategieënNutanix in de praktijk: dataprotectie strategieën
Nutanix in de praktijk: dataprotectie strategieën
 
ZONeSEC in ERNCIP
ZONeSEC in ERNCIPZONeSEC in ERNCIP
ZONeSEC in ERNCIP
 
SDN - beyond the obvious
SDN - beyond the obviousSDN - beyond the obvious
SDN - beyond the obvious
 
Hong kongopenstack2013 sdn_bluehost
Hong kongopenstack2013 sdn_bluehostHong kongopenstack2013 sdn_bluehost
Hong kongopenstack2013 sdn_bluehost
 
Technology Innovation That Matters
Technology Innovation That MattersTechnology Innovation That Matters
Technology Innovation That Matters
 
Zoura Subscribed 2013 LinkBermuda Metered Cloud Services
Zoura Subscribed 2013 LinkBermuda Metered Cloud ServicesZoura Subscribed 2013 LinkBermuda Metered Cloud Services
Zoura Subscribed 2013 LinkBermuda Metered Cloud Services
 
네트워크 가상화 보안현황 및 보안연관성
네트워크 가상화 보안현황 및 보안연관성네트워크 가상화 보안현황 및 보안연관성
네트워크 가상화 보안현황 및 보안연관성
 
Intel software guard extension
Intel software guard extensionIntel software guard extension
Intel software guard extension
 
Finding Diversity In Remote Code Injection Exploits
Finding Diversity In Remote Code Injection ExploitsFinding Diversity In Remote Code Injection Exploits
Finding Diversity In Remote Code Injection Exploits
 
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
 
Cto’s guide to sdn, nfv and vnf
Cto’s guide to sdn, nfv and vnfCto’s guide to sdn, nfv and vnf
Cto’s guide to sdn, nfv and vnf
 
Introduction to SDN
Introduction to SDNIntroduction to SDN
Introduction to SDN
 
Securing NFV and SDN Integrated OpenStack Cloud: Challenges and Solutions
Securing NFV and SDN Integrated OpenStack Cloud: Challenges and SolutionsSecuring NFV and SDN Integrated OpenStack Cloud: Challenges and Solutions
Securing NFV and SDN Integrated OpenStack Cloud: Challenges and Solutions
 
Network Intrusion detection and Countermeasure sElection(NICE
Network Intrusion detection and Countermeasure sElection(NICENetwork Intrusion detection and Countermeasure sElection(NICE
Network Intrusion detection and Countermeasure sElection(NICE
 
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS Secure and efficient data tran...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS Secure and efficient data tran...IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS Secure and efficient data tran...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS Secure and efficient data tran...
 
10 Good Reasons - NetApp for ransomware protection
10 Good Reasons - NetApp for ransomware protection10 Good Reasons - NetApp for ransomware protection
10 Good Reasons - NetApp for ransomware protection
 
A Rouge Relay Node Attack Detection and Prevention in 4G Multihop Wireless N...
A Rouge Relay Node Attack Detection and Prevention in 4G Multihop Wireless N...A Rouge Relay Node Attack Detection and Prevention in 4G Multihop Wireless N...
A Rouge Relay Node Attack Detection and Prevention in 4G Multihop Wireless N...
 
Elephant &amp; mice flows
Elephant &amp; mice flowsElephant &amp; mice flows
Elephant &amp; mice flows
 
Distributech_Presentation DTECH_2013
Distributech_Presentation DTECH_2013Distributech_Presentation DTECH_2013
Distributech_Presentation DTECH_2013
 
NSX, un salt natural cap a SDN
NSX, un salt natural cap a SDNNSX, un salt natural cap a SDN
NSX, un salt natural cap a SDN
 

Similar a D-STREAMON - NFV-capable distributed framework for network monitoring

Why sdn
Why sdnWhy sdn
Why sdnlz1dsb
 
SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.Priyanka Aash
 
TechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectTechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectRobb Boyd
 
SDN 101: Software Defined Networking Course - Sameh Zaghloul/IBM - 2014
SDN 101: Software Defined Networking Course - Sameh Zaghloul/IBM - 2014SDN 101: Software Defined Networking Course - Sameh Zaghloul/IBM - 2014
SDN 101: Software Defined Networking Course - Sameh Zaghloul/IBM - 2014SAMeh Zaghloul
 
Software Define Network, a new security paradigm ?
Software Define Network, a new security paradigm ?Software Define Network, a new security paradigm ?
Software Define Network, a new security paradigm ?Jean-Marc ANDRE
 
SDN - a new security paradigm?
SDN - a new security paradigm?SDN - a new security paradigm?
SDN - a new security paradigm?Sophos Benelux
 
IRJET- SDN Simulation in Mininet to Provide Security Via Firewall
IRJET- SDN Simulation in Mininet to Provide Security Via FirewallIRJET- SDN Simulation in Mininet to Provide Security Via Firewall
IRJET- SDN Simulation in Mininet to Provide Security Via FirewallIRJET Journal
 
IEEE HPSR 2017 Keynote: Softwarized Dataplanes and the P^3 trade-offs: Progra...
IEEE HPSR 2017 Keynote: Softwarized Dataplanes and the P^3 trade-offs: Progra...IEEE HPSR 2017 Keynote: Softwarized Dataplanes and the P^3 trade-offs: Progra...
IEEE HPSR 2017 Keynote: Softwarized Dataplanes and the P^3 trade-offs: Progra...Christian Esteve Rothenberg
 
Data center webinar_v2_1
Data center webinar_v2_1Data center webinar_v2_1
Data center webinar_v2_1Lancope, Inc.
 
Enabling SDN for Service Providers by Khay Kid Chow
Enabling SDN for Service Providers by Khay Kid ChowEnabling SDN for Service Providers by Khay Kid Chow
Enabling SDN for Service Providers by Khay Kid ChowMyNOG
 
People Counting: Internet of Things in Motion at JavaOne 2013
People Counting: Internet of Things in Motion at JavaOne 2013People Counting: Internet of Things in Motion at JavaOne 2013
People Counting: Internet of Things in Motion at JavaOne 2013Eurotech
 
ICCT2017: A user mode implementation of filtering rule management plane using...
ICCT2017: A user mode implementation of filtering rule management plane using...ICCT2017: A user mode implementation of filtering rule management plane using...
ICCT2017: A user mode implementation of filtering rule management plane using...Ruo Ando
 
Sdn future of networks
Sdn future of networksSdn future of networks
Sdn future of networksAhmed El-Sayed
 
Java in the Air: A Case Study for Java-based Environment Monitoring Stations
Java in the Air: A Case Study for Java-based Environment Monitoring StationsJava in the Air: A Case Study for Java-based Environment Monitoring Stations
Java in the Air: A Case Study for Java-based Environment Monitoring StationsEurotech
 
Multicloud as the Next Generation of Cloud Infrastructure
Multicloud as the Next Generation of Cloud Infrastructure Multicloud as the Next Generation of Cloud Infrastructure
Multicloud as the Next Generation of Cloud Infrastructure Brad Eckert
 
ONOS-based Location and Load aware Virtually Dedicated Container Networking o...
ONOS-based Location and Load aware Virtually Dedicated Container Networking o...ONOS-based Location and Load aware Virtually Dedicated Container Networking o...
ONOS-based Location and Load aware Virtually Dedicated Container Networking o...APNIC
 
Towards the extinction of mega data centres? To which extent should the Clou...
Towards the extinction of mega data centres? To which extent should the Clou... Towards the extinction of mega data centres? To which extent should the Clou...
Towards the extinction of mega data centres? To which extent should the Clou...Thierry Coupaye
 

Similar a D-STREAMON - NFV-capable distributed framework for network monitoring (20)

Why sdn
Why sdnWhy sdn
Why sdn
 
SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.
 
TechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectTechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnect
 
SDN 101: Software Defined Networking Course - Sameh Zaghloul/IBM - 2014
SDN 101: Software Defined Networking Course - Sameh Zaghloul/IBM - 2014SDN 101: Software Defined Networking Course - Sameh Zaghloul/IBM - 2014
SDN 101: Software Defined Networking Course - Sameh Zaghloul/IBM - 2014
 
Software Define Network, a new security paradigm ?
Software Define Network, a new security paradigm ?Software Define Network, a new security paradigm ?
Software Define Network, a new security paradigm ?
 
SDN - a new security paradigm?
SDN - a new security paradigm?SDN - a new security paradigm?
SDN - a new security paradigm?
 
IRJET- SDN Simulation in Mininet to Provide Security Via Firewall
IRJET- SDN Simulation in Mininet to Provide Security Via FirewallIRJET- SDN Simulation in Mininet to Provide Security Via Firewall
IRJET- SDN Simulation in Mininet to Provide Security Via Firewall
 
IEEE HPSR 2017 Keynote: Softwarized Dataplanes and the P^3 trade-offs: Progra...
IEEE HPSR 2017 Keynote: Softwarized Dataplanes and the P^3 trade-offs: Progra...IEEE HPSR 2017 Keynote: Softwarized Dataplanes and the P^3 trade-offs: Progra...
IEEE HPSR 2017 Keynote: Softwarized Dataplanes and the P^3 trade-offs: Progra...
 
Data center webinar_v2_1
Data center webinar_v2_1Data center webinar_v2_1
Data center webinar_v2_1
 
Enabling SDN for Service Providers by Khay Kid Chow
Enabling SDN for Service Providers by Khay Kid ChowEnabling SDN for Service Providers by Khay Kid Chow
Enabling SDN for Service Providers by Khay Kid Chow
 
People Counting: Internet of Things in Motion at JavaOne 2013
People Counting: Internet of Things in Motion at JavaOne 2013People Counting: Internet of Things in Motion at JavaOne 2013
People Counting: Internet of Things in Motion at JavaOne 2013
 
ICCT2017: A user mode implementation of filtering rule management plane using...
ICCT2017: A user mode implementation of filtering rule management plane using...ICCT2017: A user mode implementation of filtering rule management plane using...
ICCT2017: A user mode implementation of filtering rule management plane using...
 
CloudComp 2015 - SDN-Cloud Testbed with Hyper-convergent SmartX Boxes
CloudComp 2015 - SDN-Cloud Testbed with Hyper-convergent SmartX BoxesCloudComp 2015 - SDN-Cloud Testbed with Hyper-convergent SmartX Boxes
CloudComp 2015 - SDN-Cloud Testbed with Hyper-convergent SmartX Boxes
 
SDN basics
SDN basicsSDN basics
SDN basics
 
Sdn future of networks
Sdn future of networksSdn future of networks
Sdn future of networks
 
Java in the Air: A Case Study for Java-based Environment Monitoring Stations
Java in the Air: A Case Study for Java-based Environment Monitoring StationsJava in the Air: A Case Study for Java-based Environment Monitoring Stations
Java in the Air: A Case Study for Java-based Environment Monitoring Stations
 
Multicloud as the Next Generation of Cloud Infrastructure
Multicloud as the Next Generation of Cloud Infrastructure Multicloud as the Next Generation of Cloud Infrastructure
Multicloud as the Next Generation of Cloud Infrastructure
 
ONOS-based Location and Load aware Virtually Dedicated Container Networking o...
ONOS-based Location and Load aware Virtually Dedicated Container Networking o...ONOS-based Location and Load aware Virtually Dedicated Container Networking o...
ONOS-based Location and Load aware Virtually Dedicated Container Networking o...
 
Towards the extinction of mega data centres? To which extent should the Clou...
Towards the extinction of mega data centres? To which extent should the Clou... Towards the extinction of mega data centres? To which extent should the Clou...
Towards the extinction of mega data centres? To which extent should the Clou...
 
Network Softwarization
Network SoftwarizationNetwork Softwarization
Network Softwarization
 

Más de Stefano Salsano

Dataplane programming with eBPF: architecture and tools
Dataplane programming with eBPF: architecture and toolsDataplane programming with eBPF: architecture and tools
Dataplane programming with eBPF: architecture and toolsStefano Salsano
 
SRv6 experience for italy iPv6 council
SRv6 experience for italy iPv6 councilSRv6 experience for italy iPv6 council
SRv6 experience for italy iPv6 councilStefano Salsano
 
Ieee nfv-sdn-2020-srv6-tutorial
Ieee nfv-sdn-2020-srv6-tutorialIeee nfv-sdn-2020-srv6-tutorial
Ieee nfv-sdn-2020-srv6-tutorialStefano Salsano
 
Testbeds IntErconnections with L2 overlays - SRv6 for SFC
Testbeds IntErconnections with L2 overlays - SRv6 for SFCTestbeds IntErconnections with L2 overlays - SRv6 for SFC
Testbeds IntErconnections with L2 overlays - SRv6 for SFCStefano Salsano
 
Energy-efficient Path Allocation Heuristic for Service Function Chaining
Energy-efficient Path Allocation Heuristic for Service Function ChainingEnergy-efficient Path Allocation Heuristic for Service Function Chaining
Energy-efficient Path Allocation Heuristic for Service Function ChainingStefano Salsano
 
Extending OpenVIM R3 to support Unikernels (and Xen)
Extending OpenVIM R3 to support Unikernels (and Xen)Extending OpenVIM R3 to support Unikernels (and Xen)
Extending OpenVIM R3 to support Unikernels (and Xen)Stefano Salsano
 
RDCL 3D, a Model Agnostic Web Framework for the Design and Composition of NFV...
RDCL 3D, a Model Agnostic Web Framework for the Design and Composition of NFV...RDCL 3D, a Model Agnostic Web Framework for the Design and Composition of NFV...
RDCL 3D, a Model Agnostic Web Framework for the Design and Composition of NFV...Stefano Salsano
 
Superfluid networking for 5G: vision and state of the art
Superfluid networking for 5G: vision and state of the artSuperfluid networking for 5G: vision and state of the art
Superfluid networking for 5G: vision and state of the artStefano Salsano
 
Superfluid Deployment of Virtual Functions: Exploiting Mobile Edge Computing ...
Superfluid Deployment of Virtual Functions: Exploiting Mobile Edge Computing ...Superfluid Deployment of Virtual Functions: Exploiting Mobile Edge Computing ...
Superfluid Deployment of Virtual Functions: Exploiting Mobile Edge Computing ...Stefano Salsano
 
Extending ETSI VNF descriptors and OpenVIM to support Unikernels
Extending ETSI VNF descriptors and OpenVIM to support UnikernelsExtending ETSI VNF descriptors and OpenVIM to support Unikernels
Extending ETSI VNF descriptors and OpenVIM to support UnikernelsStefano Salsano
 
Superfluid Orchestration of heterogeneous Reusable Functional Blocks for 5G n...
Superfluid Orchestration of heterogeneous Reusable Functional Blocks for 5G n...Superfluid Orchestration of heterogeneous Reusable Functional Blocks for 5G n...
Superfluid Orchestration of heterogeneous Reusable Functional Blocks for 5G n...Stefano Salsano
 
Deploying of Unikernels in the NFV Infrastructure
Deploying of Unikernels in the NFV InfrastructureDeploying of Unikernels in the NFV Infrastructure
Deploying of Unikernels in the NFV InfrastructureStefano Salsano
 
Tuning VIM performance for unikernels
Tuning VIM performance for unikernelsTuning VIM performance for unikernels
Tuning VIM performance for unikernelsStefano Salsano
 
Superfluid NFV: VMs and Virtual Infrastructure Managers speed-up for instanta...
Superfluid NFV: VMs and Virtual Infrastructure Managers speed-up for instanta...Superfluid NFV: VMs and Virtual Infrastructure Managers speed-up for instanta...
Superfluid NFV: VMs and Virtual Infrastructure Managers speed-up for instanta...Stefano Salsano
 
Input for Cloud and mobile
Input for Cloud and mobileInput for Cloud and mobile
Input for Cloud and mobileStefano Salsano
 
Generalized Virtual Networking, an enabler for Service Centric Networking and...
Generalized Virtual Networking, an enabler for Service Centric Networking and...Generalized Virtual Networking, an enabler for Service Centric Networking and...
Generalized Virtual Networking, an enabler for Service Centric Networking and...Stefano Salsano
 
OSHI - Open Source Hybrid IP/SDN networking @EWSDN14
OSHI - Open Source Hybrid IP/SDN networking @EWSDN14OSHI - Open Source Hybrid IP/SDN networking @EWSDN14
OSHI - Open Source Hybrid IP/SDN networking @EWSDN14Stefano Salsano
 

Más de Stefano Salsano (18)

Dataplane programming with eBPF: architecture and tools
Dataplane programming with eBPF: architecture and toolsDataplane programming with eBPF: architecture and tools
Dataplane programming with eBPF: architecture and tools
 
SRv6 experience for italy iPv6 council
SRv6 experience for italy iPv6 councilSRv6 experience for italy iPv6 council
SRv6 experience for italy iPv6 council
 
Ieee nfv-sdn-2020-srv6-tutorial
Ieee nfv-sdn-2020-srv6-tutorialIeee nfv-sdn-2020-srv6-tutorial
Ieee nfv-sdn-2020-srv6-tutorial
 
hpsr-2020-srv6-tutorial
hpsr-2020-srv6-tutorialhpsr-2020-srv6-tutorial
hpsr-2020-srv6-tutorial
 
Testbeds IntErconnections with L2 overlays - SRv6 for SFC
Testbeds IntErconnections with L2 overlays - SRv6 for SFCTestbeds IntErconnections with L2 overlays - SRv6 for SFC
Testbeds IntErconnections with L2 overlays - SRv6 for SFC
 
Energy-efficient Path Allocation Heuristic for Service Function Chaining
Energy-efficient Path Allocation Heuristic for Service Function ChainingEnergy-efficient Path Allocation Heuristic for Service Function Chaining
Energy-efficient Path Allocation Heuristic for Service Function Chaining
 
Extending OpenVIM R3 to support Unikernels (and Xen)
Extending OpenVIM R3 to support Unikernels (and Xen)Extending OpenVIM R3 to support Unikernels (and Xen)
Extending OpenVIM R3 to support Unikernels (and Xen)
 
RDCL 3D, a Model Agnostic Web Framework for the Design and Composition of NFV...
RDCL 3D, a Model Agnostic Web Framework for the Design and Composition of NFV...RDCL 3D, a Model Agnostic Web Framework for the Design and Composition of NFV...
RDCL 3D, a Model Agnostic Web Framework for the Design and Composition of NFV...
 
Superfluid networking for 5G: vision and state of the art
Superfluid networking for 5G: vision and state of the artSuperfluid networking for 5G: vision and state of the art
Superfluid networking for 5G: vision and state of the art
 
Superfluid Deployment of Virtual Functions: Exploiting Mobile Edge Computing ...
Superfluid Deployment of Virtual Functions: Exploiting Mobile Edge Computing ...Superfluid Deployment of Virtual Functions: Exploiting Mobile Edge Computing ...
Superfluid Deployment of Virtual Functions: Exploiting Mobile Edge Computing ...
 
Extending ETSI VNF descriptors and OpenVIM to support Unikernels
Extending ETSI VNF descriptors and OpenVIM to support UnikernelsExtending ETSI VNF descriptors and OpenVIM to support Unikernels
Extending ETSI VNF descriptors and OpenVIM to support Unikernels
 
Superfluid Orchestration of heterogeneous Reusable Functional Blocks for 5G n...
Superfluid Orchestration of heterogeneous Reusable Functional Blocks for 5G n...Superfluid Orchestration of heterogeneous Reusable Functional Blocks for 5G n...
Superfluid Orchestration of heterogeneous Reusable Functional Blocks for 5G n...
 
Deploying of Unikernels in the NFV Infrastructure
Deploying of Unikernels in the NFV InfrastructureDeploying of Unikernels in the NFV Infrastructure
Deploying of Unikernels in the NFV Infrastructure
 
Tuning VIM performance for unikernels
Tuning VIM performance for unikernelsTuning VIM performance for unikernels
Tuning VIM performance for unikernels
 
Superfluid NFV: VMs and Virtual Infrastructure Managers speed-up for instanta...
Superfluid NFV: VMs and Virtual Infrastructure Managers speed-up for instanta...Superfluid NFV: VMs and Virtual Infrastructure Managers speed-up for instanta...
Superfluid NFV: VMs and Virtual Infrastructure Managers speed-up for instanta...
 
Input for Cloud and mobile
Input for Cloud and mobileInput for Cloud and mobile
Input for Cloud and mobile
 
Generalized Virtual Networking, an enabler for Service Centric Networking and...
Generalized Virtual Networking, an enabler for Service Centric Networking and...Generalized Virtual Networking, an enabler for Service Centric Networking and...
Generalized Virtual Networking, an enabler for Service Centric Networking and...
 
OSHI - Open Source Hybrid IP/SDN networking @EWSDN14
OSHI - Open Source Hybrid IP/SDN networking @EWSDN14OSHI - Open Source Hybrid IP/SDN networking @EWSDN14
OSHI - Open Source Hybrid IP/SDN networking @EWSDN14
 

Último

How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)Damian Radcliffe
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...SofiyaSharma5
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Servicegwenoracqe6
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girladitipandeya
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsstephieert
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Servicesexy call girls service in goa
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Sheetaleventcompany
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersDamian Radcliffe
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607dollysharma2066
 

Último (20)

How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girls
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
 
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
 

D-STREAMON - NFV-capable distributed framework for network monitoring

  • 1. D-STREAMON - NFV-capable distributed framework for network monitoring Davide Palmisano(1,2), Pier Luigi Ventre(2), Alberto Caponi(1), Giuseppe Siracusano(2), Stefano Salsano(1,2), Marco Bonola(1), Giuseppe Bianchi(1,2) (1) CNIT – (2) University of Rome “Tor Vergata” Soft5 Workshop - First International Workshop on Softwarized Infrastructures for 5G and Fog Computing, in conjunction with ITC 29 Genoa, Italy - 8th September, 2017
  • 2. 2 Outline • SCISSOR project highlights • Network Monitoring in a Distributed Cloud / NFV environment • From StreaMon to Distributed StreaMon (D-StreaMon) • Deployment of D-StreaMon over a Cloud Infrastructure
  • 3. 3 The SCISSOR Project – Security in trusted SCADA and smart-grids Assystem Engineering and operation services (FR) AGH University of Science and Technology of Krakow (PL) UPMC university Pierre and Marie Curie (FR) SixSq Sàrl (CH) Consorzio Nazionale Interuniversitario per le Telecomunicazioni (IT) RADIO6ENSE (IT) Salzburg Research Forschungsgesellschaft mbH (AT) Katholieke Universiteit Leuven (BE) SEA Società Elettrica di Favignana S.p.a. (IT) The partners
  • 4. 4 SCISSOR in a nutshell A highly scalable ICS/SCADA security monitoring framework • Integration of a wide range of heterogeneous sensors • A dynamically adaptable, distributed data aggregation framework • Advanced detection and correlation models as extensions to a conventional SIEM • Exploitation of modern cloud-computing concepts
  • 6. 8 Outline SCISSOR project highlights Network Monitoring in a Distributed Cloud / NFV environment From StreaMon to Distributed StreaMon (D-StreaMon) Deployment of D-StreaMon over a Cloud Infrastructure
  • 7. 9 Network Monitoring in a Distributed Cloud / NFV environment •Once upon a time : - physical servers and hosts, physical network devices and wires to be monitored •Nowadays : - Server and hosts are distributed in the cloud - Security systems or hardware based middleboxes are substituted by virtualized network function running on commodity hardware From physical to virtual infrastructure
  • 8. 10 Network Monitoring in a Distributed Cloud / NFV environment •Cyber-threats can easily break the controls performed by the standard procedures which aims at monitor the perimeter of an infrastructure •We need innovative approaches in the defense techniques and the deployment of a widespread monitoring New threats
  • 9. 11 Network Monitoring in a Distributed Cloud / NFV environment Network core Cloud Data Centers Fog Nodes Local Nodes Local sensors/actuators For example, in the SCISSOR project testbed we have a «Cloud in a box» solution, called NuvlaBox installed in an electric cabin in Favignana island
  • 10. 12 Network Monitoring in a Distributed Cloud / NFV environment Network core Cloud Data Centers Fog Nodes Local Nodes Local sensors/actuators Monitoring probes distributed on the Cloud Infrastructure
  • 11. 13 Outline • SCISSOR project highlights • Network Monitoring in a Distributed Cloud / NFV environment • From StreaMon to Distributed StreaMon (D-StreaMon) • Deployment of D-StreaMon over a Cloud Infrastructure
  • 12. 14 StreaMon : architecture of a single probe Stream based analysis • Wire-speed, strict real time • Memory-efficient operation, no on-board DBs • Data reduction, mining only data you really need Very powerful technical approach • Especially when (controlled) approx is OK • Multi-hash data structures (Bloom, sketches, etc) Stream Analysis (on the fly) Raw link traffic (huge rate) (partial) results, filtering
  • 13. 15 StreaMon : architecture of a single probe M1 Metric Layer M2 M3 Feature Layer F1 = M1+M2 F2 = M3/M2 Decision Layer if (f1>200) then ACTION if (f2<.05) then ACTION Event Layer Timeouts Status Table Capture Engine incoming packet state transition timeout update timeout expiration Logic subsystem Measurement subsystem
  • 14. 16 What the programmer describes Define application-specific STATES • If/when needed Specify EVENTS • Triggered by packet arrival: i) matching rule (e.g. TCP SYN) ii) extract flow key • Timeouts Instantiate METRICS (sketch-based & DLEFT-based) Define FEATURES Define STATE MACHINE: transition events, metric updates, conditions, associated ACTIONS No need to know HOW all this is implemented inside the box: just an API!
  • 15. 17 State machine description in XML <event type="packet" selector="proto tcp and dst_port 502 and modbus_fc 8" primary-key="ip_src"> <state id="default"> <use-metric id="m1" vd_update="ip_src-ip_dst" vm_update="ip_src"/> <condition> expression="rate > 10" action=”Publish(log, Suspected scan from %ip_src)" next_state="suspect"> </condition> </state> <state id=”suspect”> <use-metric id=”m1” vd_update=”ip_src-ip_dst” vm_update=”ip_src” /> <condition> expression="rate > 20" action=”Publish(log, Detected scan from %ip_src); Publish(raw, raw)" next_state="" </condition> </state> </event>
  • 16. 18 StreaMon life-cycle is static & on the probe • Designed for a single host • All the steps run on the platform • Static XML configurations • StreaMon is re-compiled at each run • No dynamic re-configuration of parameters • Metric/Feature changes need restart • Hard to retrieve monitoring informations • Monitoring logs at screen Host Host Host Host Host Host Probe Probe Probe
  • 17. 19 StreaMon becomes distributed: D-StreaMon Config. Repository Host Host Host Host Host Host Probe Probe Probe Controller Aggregated Logs Logs Logs Logs Deploy Execute Configure & Compile Deploy Deploy
  • 18. 20 Controller (Management) TITRE DE LA PARTIE •Design and deploy the distributed monitoring network (probes) •Customize probe configuration •Dynamically re-configure probes •Centralized compilation Probes (Execution) •Just run the logic without compilation overhead! •Publish monitoring data on Ømq channels D-StreaMon: decoupling StreaMon management from execution
  • 19. 21 Implementation • Easily configure deployment actions defining playbooks • Playbooks express configurations, deployment, and orchestration • Each Playbook maps a group of hosts to a set of roles • Each role is represented by calls to Ansible call tasks • Abstraction library for sockets • Simple publish/subscribe network communication • Easily aggregate monitoring information using proxy
  • 20. 22 Semaphore based GUI for the control component
  • 21. 23 Outline • SCISSOR project highlights • Network Monitoring in a Distributed Cloud / NFV environment • From StreaMon to Distributed StreaMon (D-StreaMon) • Deployment of D-StreaMon over a Cloud Infrastructure
  • 22. 24 Network Monitoring in a Distributed Cloud / NFV environment Network core Cloud Data Centers Fog Nodes Local Nodes Local sensors/actuators Monitoring probes distributed on the Cloud Infrastructure
  • 23. 25 Network Monitoring in a Distributed Cloud / NFV environment Network core Cloud Data Centers Fog Nodes Local Nodes Local sensors/actuators OS and Drivers Cloud Platform + Container Manager App VM App Container OS and Drivers Cloud Platform + Container Manager App VM App Container
  • 24. Neutron bridge D-StreaMon Orchestration framework Probes and VMs instantiation Configuration and Management Decisions And Actions Legacy or SDN network (data plane) D-StreaMon SDN Controller Virtual Infrastructure Manager REST Mirroring SSH 0mqLegacy (management plane) VM Probe Cloud Infrastructure Virtual Switch
  • 25. Neutron bridge D-StreaMon Orchestration framework Probes and VMs instantiation Configuration and Management Decisions And Actions Legacy or SDN network (data plane) D-StreaMon SDN Controller Virtual Infrastructure Manager REST Mirroring SSH 0mqLegacy (management plane) VM Probe Cloud Infrastructure Virtual Switch
  • 26. 28 Probes as processes vs. probes as containers Probes as processes Probes as containers Pros Cons Better performance Less isolation No mirroring overhead Process management Pros Cons Better isolation Performance Simple deployment Mirroring overhead
  • 27. 29 Probes as processes vs. probes as containers
  • 28. 30 Thank you. Questions? Contacts Stefano Salsano University of Rome Tor Vergata / CNIT stefano.salsano@uniroma2.it http://scissor-project.com / The work presented here only covers a subset of the work performed in the project
  • 29. 31 References • SCISSOR project Home Page http://superfluidity.eu/ • D. Palmisano, P. L. Ventre, A. Caponi, G. Siracusano, S. Salsano, M. Bonola, G. Bianchi, “D-STREAMON – NFV-capable distributed framework for network monitoring”, Soft5 Workshop, 1st International Workshop on Softwarized Infrastructures for 5G and Fog Computing, in conjunction with 29th ITC conference, Genoa, Italy, 8th September 2017 • P. L. Ventre, A. Caponi, G. Siracusano, D. Palmisano, S. Salsano, M. Bonola, G. Bianchi, “D-STREAMON: from middlebox to distributed NFV framework for network monitoring”, demo paper, IEEE International Symposium on Local and Metropolitan Area Networks (LANMAN 2017), Osaka, Japan, 2017
  • 30. 32 The SCISSOR project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 644425 (Research and Innovation Action). The information given is the author’s view and does not necessarily represent the view of the European Commission (EC). No liability is accepted for any use that may be made of the information contained.