DOCSLIB.ORG

Deploying and Managing Network Services Over Programmable Virtual Networks

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

UNIVERSIDADE FEDERAL DO RIO GRANDE DO SUL INSTITUTO DE INFORMÁTICA PROGRAMA DE PÓS-GRADUAÇÃO EM COMPUTAÇÃO RICARDO LUIS DOS SANTOS Deploying and Managing Network Services over Programmable Virtual Networks Thesis presented in partial fulfillment of the requirements for the degree of Doctor of Computer Science Advisor: Prof. Dr. Lisandro Zambenedetti Granville Coadvisor: Prof.a Dr.a Liane M. Rockenbach Tarouco Porto Alegre September 2018 CIP – CATALOGING-IN-PUBLICATION Santos, Ricardo Luis dos Deploying and Managing Network Services over Pro- grammable Virtual Networks / Ricardo Luis dos Santos. – Porto Alegre: PPGC da UFRGS, 2018. 177 f.: il. Thesis (Ph.D.) – Universidade Federal do Rio Grande do Sul. Programa de Pós-Graduação em Computação, Porto Alegre, BR– RS, 2018. Advisor: Lisandro Zambenedetti Granville; Coadvisor: Liane M. Rockenbach Tarouco. 1. Network Programmability. 2. Network Marketplace. 3. Network Applications. 4. Programmable Virtual Networks. I. Granville, Lisandro Zambenedetti. II. Tarouco, Liane M. Rock- enbach. III. Título. UNIVERSIDADE FEDERAL DO RIO GRANDE DO SUL Reitor: Prof. Rui Vicente Oppermann Vice-Reitor: Profa. Jane Fraga Tutikian Pró-Reitor de Pós-Graduação: Prof. Celso Giannetti Loureiro Chaves Diretor do Instituto de Informática: Profa. Carla Maria Dal Sasso Freitas Coordenador do PPGC: Prof. João Luiz Dihl Comba Bibliotecária-chefe do Instituto de Informática: Beatriz Regina Bastos Haro “I don’t believe in magic. I believe in hard work.” —RICHIE MCCAW (ALL BLACKS CAPTAIN) ACKNOWLEDGEMENTS Acknowledgements are written in Portuguese because of my family. Meus sinceros agradecimentos para todos aqueles que confiaram em mim e que me apoiaram nos mo- mentos mais difíceis, a saber, minha mãe, meu pai, meu irmão, minha namorada, meu orientador, os verdadeiros amigos, os colegas (de trabalho e da UFRGS) e também todos os conhecidos. Saibam que todos vocês tiveram uma parcela de suma importância e me ajudaram a seguir em frente. Ainda, gostaria de agradecer também todos aqueles que, em algum momento, duvidaram ou colocaram alguma barreira para eu atingir meus objetivos. Saibam que vocês me fortaleceram nos momentos que eu mais precisei. Muito obrigado! ABSTRACT Several companies and standardization bodies have attempted to define standards and find solutions for networks that support virtualization and programmability (also known as Programmable Virtual Networks - PVNs), such as Juniper Junos, Cisco ONE, OpenFlow, ETSI NFV, and IETF ForCES. These solutions provide an Execution Environment (EE) that supports the deployment of Network Applications (NetApps). However, in the case of PVNs, several tasks are complex and repetitive, mainly because the PVN owners must have an extensive knowledge of the device instructions to deploy and manage NetApps. A few years ago, Apple and Google overcame similar shortcomings by introducing online marketplaces. The successful paradigm for mobile application stores could be applied to the networking market, and this could help PVN owners to deploy and manage NetApps in their PVNs. In this thesis, we review the state-of-the-art of network programmability and virtualization, as well as discuss their main drawbacks. Following this, we analyze the historical background of marketplaces with regard to networking paradigms to define the essential design goals for a reference network marketplace. Thus, inspired by the main drawbacks and essential design goals, we propose the App2net ecosystem. App2net empowers PVN owners, who do not know the specific features of the underlying infras- tructure, to deploy and manage NetApps in PVNs formed of different EEs. We conducted a case study to evaluate our ecosystem, which contains all the steps for a third-party de- veloper to describe and publish an innovative network service. Then, we describe the main interactions for a PVN owner when deploying and managing this network service in a PVN with heterogenous EEs. Also, we implemented a prototype of App2net to evaluate the feasibility and the impact in terms of the distribution time, CPU usage, and network overhead. When the baseline results are taken into account, App2net demonstrates an ability to reduce the distribution time and the total network traffic generated. At the same time, our ecosystem increases the CPU usage (required to execute it) and also had mini- mal network overhead. Keywords: Network Programmability. Network Marketplace. Network Applications. Programmable Virtual Networks. Implantando e Gerenciando Serviços de Rede em Redes Virtuais Programáveis RESUMO Várias empresas e órgãos de normalização têm tentado definir padrões e buscar soluções para redes que suportam virtualização e programabilidade (também conhecidas como Re- des Virtuais Programáveis - Programmable Virtual Networks - PVNs), tais como Juni- per Junos, Cisco ONE, OpenFlow, ETSI NFV e IETF ForCES. Essas soluções fornecem um ambiente de execução (Execution Environment - EE) que suporta a implantação de Aplicações de Rede (Network Applications - NetApps). No entanto, no caso das PVNs, diversas tarefas são complexas e repetitivas, principalmente porque os proprietários de PVNs devem ter um amplo conhecimento das instruções dos dispositivos para implantar e gerenciar os NetApps. Há alguns anos, a Apple e o Google superaram deficiências se- melhantes ao introduzir lojas on-line. O paradigma de sucesso das lojas de aplicativos móveis poderia ser aplicado ao mercado de redes, e isso poderia auxiliar os proprietários de PVN a implantar e gerenciar NetApps em suas PVNs. Nesta tese, nós revisamos o es- tado da arte da virtualização e programabilidade de redes, bem como discutimos as suas principais desvantagens. Em seguida, nós analisamos o histórico das lojas em relação aos paradigmas de rede para definir os objetivos essenciais de projeto para uma loja de rede de referência. Assim, inspirados pelas principais desvantagens e pelos objetivos essenci- ais de projeto, nós propomos o ecosistema App2net. O App2net capacita os proprietários de PVN, que não conhecem os recursos específicos da infraestrutura subjacente, a im- plantar e gerenciar NetApps em PVNs formadas por diferentes EEs. Nós conduzimos um estudo de caso para avaliar nosso ecosistema, o qual contém todos os passos para um desenvolvedor terceirizado descrever e publicar um serviço de rede inovador. Então, nós descrevemos as principais interações para um proprietário de PVN, ao implantar e gerenciar este serviço de rede em uma PVN com EEs heterogêneos. Ainda, nós imple- mentamos um protótipo do App2net para avaliar a viabilidade e o impacto em termos do tempo de distribuição, uso de CPU e sobrecarga da rede. Quando os resultados de base são considerados, App2net demonstra uma habilidade para reduzir o tempo de distribui- ção e o tráfego total de rede gerado. Ao mesmo tempo, nosso ecosistema incrementa o uso da CPU (necessário para executá-lo) e também teve uma sobrecarga de rede mínima. Palavras-chave: Programabilidade de Redes. Loja de Rede. Aplicações de Rede. Redes Virtuais Programáveis.. LIST OF ABBREVIATIONS AND ACRONYMS 3G Third Generation 3GPP 3rd Generation Partnership Project 6Bone IPv6 Backbone ANTS Active Node Transfer System AON Application-Oriented Networking API Application Programming Interface app Application app2net Applications to Network ASIC Application Specific Integrated Circuits AWS Amazon Web Service CAIDA Center for Applied Internet Data Analysis CAPEX Capital Expenditure CE Control Element COTS Commercial Off-The-Shelf CPU Central Processing Unit DARPA Defense Advanced Research Projects Agency DB Database DDoS Distributed Denial-of-Service DoS Denial-of-Service DPI Deep Packet Inspection DSL Digital Subscriber Line EC2 Elastic Compute Cloud EE Execution Environment ETSI European Telecommunications Standards Institute FDM Frequency Division Multiplexing FE Forwarding Element FIFO First In First Out ForCES Forwarding and Control Element Separation FPGA Field Programmable Gate Array GB Gigabyte Gbps Gigabits per second GHz Gigahertz GRE Generic Routing Encapsulation HPE Hewlett-Packard Enterprise HTTP Hypertext Transfer Protocol IETF Internet Engineering Task Force iMPROVE Marketplace for Programmable Virtual Network IoT Internet of Things iOS iPhone Operating System IP Internet Protocol IPSec Internet Protocol Security IPv6 Internet Protocol version 6 ISG Industry Specification Group ISP Internet Service Provider IT Information Technology JDN Juniper Developer Network JPSM Juniper Professional Services Marketplace JSON JavaScript Object Notation JunOS Junos Operating System KB Kilobyte L2 Layer 2 L3 Layer 3 L1VPN Layer 1 Virtual Private Network L2VPN Layer 2 Virtual Private Network L3VPN Layer 3 Virtual Private Network LAN Local Area Network MANO Management & Orchestration MB Megabyte MBone Mutlticast Backbone MIB Management Information Base NACR Network Application Code Repository NAD Network Application Descriptor NAT Network Address Translation NetApp Network Application NETCONF Network configuration NetFPGA Network Field Programmable Gate Array NFV Network Functions Virtualization NIC Network Interface Card NIST National Institute of Standards and Technology NS2 Network Simulator version 2 NS3 Network Simulator version 3 NSD Network Service Descriptor NTP Network Time Protocol NVE Network Virtualization Environment ONE Open Network Environment ONF Open Network Foundation onePK Open Network Environment Platform Kit OPEX Operational Expenditure OPNFV Open Platform for Network Functions Virtualization OS Operating System OSI Open Systems Interconnection
Recommended publications
  • SOLUTIONS Products &

    SOLUTIONS Products &

    Top Brands • Quality Equipment • Total Solutions Products & Splicing Equipment SOLUTIONS Test Equipment Consumables & Tools Cable Connectivity Cable Assemblies Outside Plant Cable Management Active Components Premise Security 2016–2017 Product Catalog Part of the Group Company Profile ince its formation in 1995, FiberOptic.com has become the number one on-line provider of fiber optic products, Straining and rental solutions. The Fiber Optic Marketplace, LLC began as an on-line business–to–business portal for the fiber optic community, and has expanded its business both domestically and internationally. The company’s customers include Fortune 500 companies, telecommunications providers, the military, installers, contractors and educational institutions from across the globe. In addition to efficient product distribution, FiberOptic.com offers classroom, on– site and on-line training courses for individuals interested in fiber optic theory and installation. Experienced fiber optics instructors conduct training classes throughout the year at our location in Breinigsville, Pennsylvania. On-site training programs are also available for groups of six students or more. The company also offers equipment rentals including fusion splicers and OTDRs. The Fiber Optic Marketplace, LLC is committed to maintaining excellent customer service and client relations. As we continue into the future, the company will continue to offer expertise in the field of fiber optics by providing customized solutions for our customers’ project requirements. We will continue to uphold our status as the number one on-line provider of fiber optic products, training and rental solutions. SHIPPING OPTIONS • Same day shipping for in-stock products ordered before 3PM EST. • You choose your shipping method: UPS, FedEx, DHL or U.S.
  • Extreme Networks EXOS V12.3.6.2 EAL3+ ST

    Extreme Networks EXOS V12.3.6.2 EAL3+ ST

    Extreme Networks, Inc. ExtremeXOS Network Operating System v12.3.6.2 Security Target Evaluation Assurance Level: EAL3+ Document Version: 0.9 Prepared for: Prepared by: Extreme Networks, Inc. Corsec Security, Inc. 3585 Monroe Street 13135 Lee Jackson Memorial Hwy., Suite 220 Santa Clara, CA 95051 Fairfax, VA 22033 Phone: +1 408 579 2800 Phone: +1 703 267 6050 http://www.extremenetworks.com http://www.corsec.c om Security Target , Version 0.9 March 12, 2012 Table of Contents 1 INTRODUCTION ................................................................................................................... 4 1.1 PURPOSE ................................................................................................................................................................ 4 1.2 SECURITY TARGET AND TOE REFERENCES ...................................................................................................... 4 1.3 TOE OVERVIEW ................................................................................................................................................... 5 1.3.1 TOE Environment ................................................................................................................................................... 5 1.4 TOE DESCRIPTION .............................................................................................................................................. 6 1.4.1 Architecture .............................................................................................................................................................
  • Test-Beds and Guidelines for Securing Iot Products and for Secure Set-Up Production Environments

    Test-Beds and Guidelines for Securing Iot Products and for Secure Set-Up Production Environments

    IoT4CPS – Trustworthy IoT for CPS FFG - ICT of the Future Project No. 863129 Deliverable D7.4 Test-beds and guidelines for securing IoT products and for secure set-up production environments The IoT4CPS Consortium: AIT – Austrian Institute of Technology GmbH AVL – AVL List GmbH DUK – Donau-Universit t Krems I!AT – In"neon Technologies Austria AG #KU – JK Universit t Lin$ / Institute for &ervasive 'om(uting #) – Joanneum )esearch !orschungsgesellschaft mbH *+KIA – No,ia -olutions an. Net/or,s 0sterreich GmbH *1& – *1& -emicon.uctors Austria GmbH -2A – -2A )esearch GmbH -)!G – -al$burg )esearch !orschungsgesellschaft -''H – -oft/are 'om(etence 'enter Hagenberg GmbH -AG0 – -iemens AG 0sterreich TTTech – TTTech 'om(utertechni, AG IAIK – TU Gra$ / Institute for A((lie. Information &rocessing an. 'ommunications ITI – TU Gra$ / Institute for Technical Informatics TU3 – TU 3ien / Institute of 'om(uter 4ngineering 1*4T – 1-Net -ervices GmbH © Copyright 2020, the Members of the IoT4CPS Consortium !or more information on this .ocument or the IoT5'&- (ro6ect, (lease contact8 9ario Drobics7 AIT Austrian Institute of Technology7 mario:.robics@ait:ac:at IoT4C&- – <=>?@A Test-be.s an. guidelines for securing IoT (ro.ucts an. for secure set-up (ro.uction environments Dissemination level8 &U2LI' Document Control Title8 Test-be.s an. gui.elines for securing IoT (ro.ucts an. for secure set-u( (ro.uction environments Ty(e8 &ublic 4.itorBsC8 Katharina Kloiber 4-mail8 ,,;D-net:at AuthorBsC8 Katharina Kloiber, Ni,olaus DEr,, -ilvio -tern )evie/erBsC8 -te(hanie von )E.en, Violeta Dam6anovic, Leo Ha((-2otler Doc ID8 DF:5 Amendment History Version Date Author Description/Comments VG:? ?>:G?:@G@G -ilvio -tern Technology Analysis VG:@ ?G:G>:@G@G -ilvio -tern &ossible )esearch !iel.s for the -2I--ystem VG:> >?:G<:@G@G Katharina Kloiber Initial version (re(are.
  • Github: a Case Study of Linux/BSD Perceptions from Microsoft's

    Github: a Case Study of Linux/BSD Perceptions from Microsoft's

    1 FLOSS != GitHub: A Case Study of Linux/BSD Perceptions from Microsoft’s Acquisition of GitHub Raula Gaikovina Kula∗, Hideki Hata∗, Kenichi Matsumoto∗ ∗Nara Institute of Science and Technology, Japan {raula-k, hata, matumoto}@is.naist.jp Abstract—In 2018, the software industry giants Microsoft made has had its share of disagreements with Microsoft [6], [7], a move into the Open Source world by completing the acquisition [8], [9], the only reported negative opinion of free software of mega Open Source platform, GitHub. This acquisition was not community has different attitudes towards GitHub is the idea without controversy, as it is well-known that the free software communities includes not only the ability to use software freely, of ‘forking’ so far, as it it is considered as a danger to FLOSS but also the libre nature in Open Source Software. In this study, development [10]. our aim is to explore these perceptions in FLOSS developers. We In this paper, we report on how external events such as conducted a survey that covered traditional FLOSS source Linux, acquisition of the open source platform by a closed source and BSD communities and received 246 developer responses. organization triggers a FLOSS developers such the Linux/ The results of the survey confirm that the free community did trigger some communities to move away from GitHub and raised BSD Free Software communities. discussions into free and open software on the GitHub platform. The study reminds us that although GitHub is influential and II. TARGET SUBJECTS AND SURVEY DESIGN trendy, it does not representative all FLOSS communities.
  • Network Devices Configuration Guide for Packetfence Version 6.5.0 Network Devices Configuration Guide by Inverse Inc

    Network Devices Configuration Guide for Packetfence Version 6.5.0 Network Devices Configuration Guide by Inverse Inc

    Network Devices Configuration Guide for PacketFence version 6.5.0 Network Devices Configuration Guide by Inverse Inc. Version 6.5.0 - Jan 2017 Copyright © 2017 Inverse inc. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". The fonts used in this guide are licensed under the SIL Open Font License, Version 1.1. This license is available with a FAQ at: http:// scripts.sil.org/OFL Copyright © Łukasz Dziedzic, http://www.latofonts.com, with Reserved Font Name: "Lato". Copyright © Raph Levien, http://levien.com/, with Reserved Font Name: "Inconsolata". Table of Contents About this Guide ............................................................................................................... 1 Other sources of information ..................................................................................... 1 Note on Inline enforcement support ................................................................................... 2 List of supported Network Devices ..................................................................................... 3 Switch configuration .......................................................................................................... 4 Assumptions ............................................................................................................
  • Glossaire Des Protocoles Réseau

    Glossaire Des Protocoles Réseau

    Glossaire des protocoles réseau - EDITION LIVRES POUR TOUS - http://www.livrespourtous.com/ Mai 2009 A ALOHAnet ALOHAnet, également connu sous le nom ALOHA, est le premier réseau de transmission de données faisant appel à un média unique. Il a été développé par l'université d'Hawaii. Il a été mis en service en 1970 pour permettre les transmissions de données par radio entre les îles. Bien que ce réseau ne soit plus utilisé, ses concepts ont été repris par l'Ethernet. Histoire C'est Norman Abramson qui est à l'origine du projet. L'un des buts était de créer un réseau à faible coût d'exploitation pour permettre la réservation des chambres d'hôtels dispersés dans l'archipel d'Hawaï. Pour pallier l'absence de lignes de transmissions, l'idée fut d'utiliser les ondes radiofréquences. Au lieu d'attribuer une fréquence à chaque transmission comme on le faisait avec les technologies de l'époque, tout le monde utiliserait la même fréquence. Un seul support (l'éther) et une seule fréquence allaient donner des collisions entre paquets de données. Le but était de mettre au point des protocoles permettant de résoudre les collisions qui se comportent comme des perturbations analogues à des parasites. Les techniques de réémission permettent ainsi d'obtenir un réseau fiable sur un support qui ne l'est pas. APIPA APIPA (Automatic Private Internet Protocol Addressing) ou IPv4LL est un processus qui permet à un système d'exploitation de s'attribuer automatiquement une adresse IP, lorsque le serveur DHCP est hors service. APIPA utilise la plage d'adresses IP 169.254.0.0/16 (qu'on peut également noter 169.254.0.0/255.255.0.0), c'est-à-dire la plage dont les adresses vont de 169.254.0.0 à 169.254.255.255.
  • KINTSUGI Identifying & Addressing Challenges in Embedded Binary

    KINTSUGI Identifying & Addressing Challenges in Embedded Binary

    KINTSUGI Identifying & addressing challenges in embedded binary security jos wetzels Supervisors: Prof. dr. Sandro Etalle Ali Abbasi, MSc. Department of Mathematics and Computer Science Eindhoven University of Technology (TU/e) June 2017 Jos Wetzels: Kintsugi, Identifying & addressing challenges in embed- ded binary security, © June 2017 To my family Kintsugi ("golden joinery"), is the Japanese art of repairing broken pottery with lacquer dusted or mixed with powdered gold, silver, or platinum. As a philosophy, it treats breakage and repair as part of the history of an object, rather than something to disguise. —[254] ABSTRACT Embedded systems are found everywhere from consumer electron- ics to critical infrastructure. And with the growth of the Internet of Things (IoT), these systems are increasingly interconnected. As a re- sult, embedded security is an area of growing concern. Yet a stream of offensive security research, as well as real-world incidents, contin- ues to demonstrate how vulnerable embedded systems actually are. This thesis focuses on binary security, the exploitation and miti- gation of memory corruption vulnerabilities. We look at the state of embedded binary security by means of quantitative and qualitative analysis and identify several gap areas and show embedded binary security to lag behind the general purpose world significantly. We then describe the challenges and limitations faced by embedded exploit mitigations and identify a clear open problem area that war- rants attention: deeply embedded systems. Next, we outline the cri- teria for a deeply embedded exploit mitigation baseline. Finally, as a first step to addressing this problem area, we designed, implemented and evaluated µArmor : an exploit mitigation baseline for deeply em- bedded systems.
  • Junos OS NAT Configuration Examples for Screenos Users

    Junos OS NAT Configuration Examples for Screenos Users

    Network Configuration Example Junos OS NAT Configuration Examples for ScreenOS Users Published: 2014-01-10 Copyright © 2014, Juniper Networks, Inc. Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 USA 408-745-2000 www.juniper.net Juniper Networks, Junos, Steel-Belted Radius, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. The Juniper Networks Logo, the Junos logo, and JunosE are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. Network Configuration Example Junos OS NAT Configuration Examples for ScreenOS Users NCE0073 Copyright © 2014, Juniper Networks, Inc. All rights reserved. The information in this document is current as of the date on the title page. YEAR 2000 NOTICE Juniper Networks hardware and software products are Year 2000 compliant. Junos OS has no known time-related limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036. END USER LICENSE AGREEMENT The Juniper Networks product that is the subject of this technical documentation consists of (or is intended for use with) Juniper Networks software. Use of such software is subject to the terms and conditions of the End User License Agreement (“EULA”) posted at http://www.juniper.net/support/eula.html. By downloading, installing or using such software, you agree to the terms and conditions of that EULA.
  • Juniper Networks Inc

    Juniper Networks Inc

    JUNIPER NETWORKS INC FORM 10-K (Annual Report) Filed 02/26/13 for the Period Ending 12/31/12 Address 1194 NORTH MATHILDA AVE SUNNYVALE, CA 94089 Telephone 4087452000 CIK 0001043604 Symbol JNPR SIC Code 3576 - Computer Communications Equipment Industry Communications Equipment Sector Technology Fiscal Year 12/31 http://www.edgar-online.com © Copyright 2013, EDGAR Online, Inc. All Rights Reserved. Distribution and use of this document restricted under EDGAR Online, Inc. Terms of Use. Table of Contents UNITED STATES SECURITIES AND EXCHANGE COMMISSION Washington, D.C. 20549 Form 10-K (Mark One) ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 For the fiscal year ended December 31, 2012 OR TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 For the transition period from__________ to____________ Commission file number 001-34501 JUNIPER NETWORKS, INC. (Exact name of registrant as specified in its charter) Delaware 77-0422528 (State or other jurisdiction of incorporation or organization) (IRS Employer Identification No.) 1194 North Mathilda Avenue Sunnyvale, California 94089 (408) 745-2000 (Address of principal executive offices)(Zip Code) ( Registrant's telephone number, including area code) Securities registered pursuant to Section 12(b) of the Act: Title of Each Class Name of Each Exchange on Which Registered Common Stock, par value $0.00001 per share New York Stock Exchange Securities registered pursuant to Section 12(g) of the Act: None Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act.
  • Sintesi Catalogo Competenze 2

    Sintesi Catalogo Competenze 2

    Internet of Things Competenze Campi di applicazione • Progettazione e sviluppo di firmware su micro • Monitoraggio ambientale meteorologico di para- controllori a basso e bassissimo consumo quali ad metri climatici e parametri della qualità dell’aria, esempio Arduino, Microchip, NXP, Texas Instru- anche in mobilità ments e Freescale • Monitoraggio ambientale distribuito per l’agricol- • Sviluppo su PC embedded basati su processori tura di precisione ARM e sistema operativo Linux quali ad esempio • Monitoraggio della qualità dell’acqua e dei parame- Portux, Odroid, RaspberryPI ed Nvidia Jetson tri di rischio ambientale (alluvioni, frane, ecc.) • Progettazione e sviluppo di Wired e Wireless Sen- • Monitoraggio di ambienti indoor (scuole, bibliote- sor Networks basate su standard quali ZigBee, che, uffici pubblici, ecc) SimpliciTI, 6LoWPAN, 802.15.4 e Modbus • Smart building: efficienza energetica, comfort am- • Progettazione e sviluppo di sistemi ad alimentazio- bientale e sicurezza ne autonoma e soluzioni di Energy harvesting • Utilizzo di piattaforme microUAV per misure distri- • Ottimizzazione di software e protocolli wireless buite, per applicazioni di fotogrammetria, teleme- per l’uso efficiente dell’energia all’interno di nodi tria e cartografia, per sistemi di navigazione auto- ad alimentazione autonoma matica basata su sensoristica e image processing, • Design e prototipazione (con strumenti CAD, pianificazione e gestione delle missioni stampante 3D, ecc) di circuiti elettronici per l’inte- • Smart Grid locale per l’ottimizzazione
  • Deploying IBM Spectrum Accelerate on Cloud

    Deploying IBM Spectrum Accelerate on Cloud

    Front cover Deploying IBM Spectrum Accelerate on Cloud Bert Dufrasne Nancy Kinney Donald Mathisen Christopher Moore Markus Oscheka Ralf Wohlfarth Eric Zhang Redpaper International Technical Support Organization Deploying IBM Spectrum Accelerate on Cloud December 2015 REDP-5261-00 Note: Before using this information and the product it supports, read the information in “Notices” on page v. First Edition (December 2015) This edition applies to IBM Spectrum Accelerate Version 11.5 © Copyright International Business Machines Corporation 2015. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Notices . .v Trademarks . vi IBM Redbooks promotions . vii Preface . ix Authors. ix Now you can become a published author, too . xi Comments welcome. xi Stay connected to IBM Redbooks . xi Chapter 1. Introducing IBM SoftLayer and IBM Spectrum Accelerate . 1 1.1 IBM Cloud computing overview. 2 1.2 IBM SoftLayer Cloud overview . 3 1.3 IBM Spectrum Accelerate . 6 1.3.1 IBM Spectrum Accelerate on Cloud . 7 Chapter 2. IBM Spectrum Accelerate on Cloud . 9 2.1 Description of service . 10 2.2 Customer responsibilities . 11 2.3 Configuration types . 11 2.4 Hardware in SoftLayer data centers . 12 2.5 Ordering process. 12 2.5.1 Order process flow . 12 2.6 Changes to the existing configuration . 13 2.6.1 Increasing capacity and performance . 13 2.6.2 Capacity and performance reduction . 13 2.6.3 Termination of service. 13 2.7 Restrictions . 14 2.7.1 Ordering for use in customer SoftLayer account. 14 2.8 Connectivity.
  • Certification Report Juniper Junos OS 20.2R1 for SRX345, SRX345-DUAL-AC, SRX380 and SRX1500

    Certification Report Juniper Junos OS 20.2R1 for SRX345, SRX345-DUAL-AC, SRX380 and SRX1500

    Australasian Information Security Evaluation Program Certification Report Juniper Junos OS 20.2R1 for SRX345, SRX345-DUAL-AC, SRX380 and SRX1500 Version 1.0, 03 December 2020 Table of contents Executive summary 1 Introduction 3 Overview 3 Purpose 3 Identification 3 Target of Evaluation 5 Overview 5 Description of the TOE 5 TOE Functionality 5 TOE physical boundary 5 Architecture 8 Clarification of scope 9 Evaluated functionality 9 Non-TOE hardware/software/firmware 9 Non-evaluated functionality and services 9 Security 9 Usage 10 Evaluated configuration 10 Secure delivery 10 Installation of the TOE 11 Version verification 11 Documentation and guidance 11 Secure usage 11 ii Evaluation 13 Overview 13 Evaluation procedures 13 Functional testing 13 Entropy testing 13 Penetration testing 13 Certification 14 Overview 14 Assurance 14 Certification result 14 Recommendations 14 Annex A – References and abbreviations 16 References 16 Abbreviations 17 iii Executive summary This report describes the findings of the IT security evaluation of Juniper Networks Junos OS 20.2R1 for SRX345, SRX345-DUAL-AC, SRX380 and SRX1500 appliances against Common Criteria approved Protection Profiles (PPs). Each Juniper Networks SRX Services Gateway appliance is a security system that supports a variety of high-speed interfaces for medium/large networks and network applications. Juniper Networks appliances share common Junos firmware, features, and technology for compatibility across platforms. This report concludes that the Target of Evaluation (TOE) has complied with the following PPs [4]: . collaborative Protection Profile for Network Devices, version 2.1, 24 September 2018 (NDcPP) . PP-Module for Stateful Traffic Filter Firewalls, Version 1.3, 27 September 2019 (FW_MOD) .