Nick Feamster
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Ciena Carrier-Grade Ethernet As a Foundation for Campus Access
CARRIER-GRADE ETHERNET AS A FOUNDATION FOR CAMPUS ACCESS NETWORKS Introduction to Ethernet increase overall network reliability, targeting Existing campus access networks are constrained by dissimilar five- or six-9s availability using classic telecommunications and often stressed data networks—typically using numerous equipment supplier specifications to produce network legacy technologies such as ATM and Frame Relay. These elements with ultra-high reliability. In addition to increased disparate networks are becoming increasingly difficult to reliability, the scalability of carrier-grade Ethernet is several manage, leading to higher operational and maintenance costs. orders of magnitude higher than traditional Local Area Additionally, these legacy networks do not cater to the kinds Network (LAN) designs. of emerging real-time applications that are crucial for an Carrier-grade Ethernet technology has become widely effective Information and Communications Technology (ICT) adopted in the carrier and enterprise environments because environment, including VoIP, video, and cloud-based data of its ability to offer differentiated service at a highly attractive processing. These applications are all IP/Ethernet based, cost. Standards-based carrier Ethernet is defined by the Metro requiring a next-generation, highly resilient, scalable, and Ethernet Forum (MEF) and the Optical Interworking Forum packetized campus access network. (OIF) as a connection-oriented Layer 2 service. Carrier-grade To this end, many government agencies have embarked upon Ethernet enables the ability to offer bandwidth-assured, Layer modernization efforts that intend to transform ageing and 2 Virtual Private Networks (VPNs) with up to eight layers of legacy communications infrastructure into a consolidated, Quality of Service (QoS), allowing differentiated service next-generation network. -
Readdressing Network Layers
Readdressing Network Layers James McCauley Electrical Engineering and Computer Sciences University of California at Berkeley Technical Report No. UCB/EECS-2020-161 http://www2.eecs.berkeley.edu/Pubs/TechRpts/2020/EECS-2020-161.html August 14, 2020 Copyright © 2020, by the author(s). All rights reserved. Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission. Readdressing Network Layers By James Ash McCauley A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate Division of the University of California, Berkeley Committee in charge: Professor Scott Shenker, Chair Professor Sylvia Ratnasamy Professor Coye Cheshire Summer 2020 Readdressing Network Layers Copyright 2020 by James Ash McCauley 1 Abstract Readdressing Network Layers by James Ash McCauley Doctor of Philosophy in Computer Science University of California, Berkeley Professor Scott Shenker, Chair It has long been common practice to split the functionality of computer networks into distinct layers. In the context of the most common networks today, there are five such layers, bracketed by hardware at the lowest layer and application software at the highest. While this modularization has generally been a huge success story for the field, networks have now been subject to decades of changes in terms of both technologies and use cases. -
Designing a Robust and Cost-Effective Campus Network
CAMPUS LAN Designing a Robust and Cost-Effective Campus Network Brocade is taking groundbreaking performance and reliability from the data center and extending it across the entire network all the way to the edge. Now, superior performance can be maximized across the entire campus network, giving you a more managed and efficient approach to growth. CAMPUS LAN DESIGN BRIEF CONTENTS Introduction........................................................................................................................................................................................................................................ 3 The Campus LAN............................................................................................................................................................3 Performance and Availability.........................................................................................................................................4 Security...........................................................................................................................................................................4 Management..................................................................................................................................................................4 Reducing Operational Expense.....................................................................................................................................4 Building a Tiered Campus Network ......................................................................................................................................................................................... -
Architectural Support for Security Management in Enterprise Networks
ARCHITECTURAL SUPPORT FOR SECURITY MANAGEMENT IN ENTERPRISE NETWORKS A DISSERTATION SUBMITTED TO THE DEPARTMENT OF COMPUTER SCIENCE AND THE COMMITTEE ON GRADUATE STUDIES OF STANFORD UNIVERSITY IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF DOCTOR OF PHILOSOPHY Martin Casado August 2007 Reproduced with permission of the copyright owner. Further reproduction prohibited without permission. UMI Number: 3281806 INFORMATION TO USERS The quality of this reproduction is dependent upon the quality of the copy submitted. Broken or indistinct print, colored or poor quality illustrations and photographs, print bleed-through, substandard margins, and improper alignment can adversely affect reproduction. In the unlikely event that the author did not send a complete manuscript and there are missing pages, these will be noted. Also, if unauthorized copyright material had to be removed, a note will indicate the deletion. ® UMI UMI Microform 3281806 Copyright 2007 by ProQuest Information and Learning Company. All rights reserved. This microform edition is protected against unauthorized copying under Title 17, United States Code. ProQuest Information and Learning Company 300 North Zeeb Road P.O. Box 1346 Ann Arbor, Ml 48106-1346 Reproduced with permission of the copyright owner. Further reproduction prohibited without permission. (c) Copyright by Martin Casado 2007 All Rights Reserved ii Reproduced with permission of the copyright owner. Further reproduction prohibited without permission. I certify that I have read this dissertation and that, in my opinion, it is fully adequate in scope and quality as a dissertation for the degree of Doctor of Philosophy. f f- f (Nick McKeown) Principal Adviser I certify that I have read this dissertation and that, in my opinion, it is fully adequate in scope and quality as a dissertation for the degree of Doctor of Philosophy. -
Campus Network Security and Management
International Journal of Emerging Trends & Technology in Computer Science (IJETTCS) Web Site: www.ijettcs.org Email: [email protected] Volume 3, Issue 6, November-December 2014 ISSN 2278-6856 CAMPUS NETWORK SECURITY AND MANAGEMENT 1S. Sudharsan, 2M. Naga Srinivas, 3G. Sai Shabareesh, P.Kiran Rao 1 Department of Computer science 2Department of Computer science 3Department of Computer science ABSTRACT organizations, and does not need to “span large This project is totally dedicated to the Network Engineer for geographical distances.” new and smart learning of the Network Structure. In this MAN (Metropolitan Area Network):- A MAN is concept it is possible for the networker to check the Network defined as a network that spans several LAN’s across a Structure of a company spread in the big campus area. The city-wide geographic area. The term “MAN” is less incoming & the outgoing traffic can be maintained along with prevalent than either LAN or WAN. Generally a network some security concepts as well. In this logic we use the is purely based on what TOPOLOGY it is using, generally multiple Routing Protocols in different areas of the company. a computer network topology is the way various The practical shows us the proper movement of the packet components of a network (like nodes, links, peripherals, from one part of the company to the other part of the etc) are arranged. Network topologies define the layout, company. The project comprises of the different Departments of a Campus spread in different buildings. Multiple Routing virtual shape or structure of network, not only physically protocols have been used in different branches of and all the but also logically. -
High Availability Campus Network Design - Routed Access Layer Using EIGRP Or OSPF System Assurance Guide
High Availability Campus Network Design - Routed Access Layer using EIGRP or OSPF System Assurance Guide Cisco Validated Design Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 The Cisco Validated Design Program consists of systems and solutions designed, tested, and documented to facilitate faster, more reliable, and more predictable customer deployments. For more information visit www.cisco.com/go/validateddesigns. ALL DESIGNS, SPECIFICATIONS, STATEMENTS, INFORMATION, AND RECOMMENDATIONS (COLLECTIVELY, "DESIGNS") IN THIS MANUAL ARE PRESENTED "AS IS," WITH ALL FAULTS. CISCO AND ITS SUPPLIERS DISCLAIM ALL WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THE DESIGNS, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE DESIGNS ARE SUBJECT TO CHANGE WITHOUT NOTICE. USERS ARE SOLELY RESPONSIBLE FOR THEIR APPLICATION OF THE DESIGNS. THE DESIGNS DO NOT CONSTITUTE THE TECHNICAL OR OTHER PROFESSIONAL ADVICE OF CISCO, ITS SUPPLIERS OR PARTNERS. USERS SHOULD CONSULT THEIR OWN TECHNICAL ADVISORS BEFORE IMPLEMENTING THE DESIGNS. -
Itap: In-Network Traffic Analysis Prevention Using Software-Defined
iTAP: In-network Traffic Analysis Prevention using Software-Defined Networks https://itap.ethz.ch Roland Meier David Gugelmann Laurent Vanbever ETH Zürich ETH Zürich ETH Zürich [email protected] [email protected] [email protected] ABSTRACT CCS Concepts Advances in layer 2 networking technologies have fostered •Security and privacy ! Pseudonymity, anonymity and the deployment of large, geographically distributed LANs. untraceability; Network security; •Networks ! Network Due to their large diameter, such LANs provide many van- privacy and anonymity; Programmable networks; tage points for wiretapping. As an example, Google’s inter- nal network was reportedly tapped by governmental agen- Keywords cies, forcing the Web giant to encrypt its internal traffic. While using encryption certainly helps, eavesdroppers can Anonymous communication; wiretapping; SDN still access traffic metadata which often reveals sensitive information, such as who communicates with whom and 1. INTRODUCTION which are the critical hubs in the infrastructure. Since the Snowden revelations, it is well-known that net- This paper presents iTAP, a system for providing strong work eavesdropping was (and probably still is) performed in anonymity guarantees within a network. iTAP is network- the Internet core, particularly on undersea cables [22]. While based and can be partially deployed. Akin to onion rout- worrying, these threats can be mitigated to a large degree ing, iTAP rewrites packet headers at the network edges by by hiding connection metadata (e.g., using Tor [14]) and by leveraging SDN devices. As large LANs can see millions relying on pervasive encryption (e.g., using VPNs). of flows, the key challenge is to rewrite headers in a way However, network eavesdropping is not limited to the that guarantees strong anonymity while, at the same time, Internet backbone. -
ALE Converged Campus Network Solution
ALCATEL-LUCENT ENTERPRISE CONVERGED CAMPUS NETWORK SOLUTION Deliver a consistent, high-quality user experience, streamline operations, and reduce costs For more info contact Sol Distribution Ltd. Tel: 01691 680 830 Email: [email protected] Web: www.sol-distribution.co.uk CHALLENGES TO BECOMING A NEXT-GENERATION ORGANIZATION Technology is essential for enterprises to be efficient and to differentiate in a dynamic and demanding market. Network infrastructure is the backbone that, if done correctly, enables the successful adoption of this technology. Corporations are adopting major trends, such as support for next-generation devices, mobility, the bring-your-own-device (BYOD) phenomena, and the movement to the cloud. These trends are driving new demands on the network and creating increased complexity to existing network infrastructures. The rapid growth of real-time applications such as Voice over Internet Protocol (VoIP), video and collaboration suites, and their importance to organizations, push legacy networks to their limit with increasing demands for bandwidth and enhanced quality of service (QoS). Furthermore, a large number of new applications, both business and personal, are competing for available bandwidth. It is important to have visibility into the applications traversing the network and to provide mechanisms to prioritize business-critical applications. Many new devices, such as smartphones, IP cameras, smart boards and feature-rich next-generation IP phones demand additional bandwidth that are above the limits of today’s networks. Many employees insist on using their own devices, such as smartphones and tablets, and need to connect them to corporate networks. This new use of personal devices, combined with the need to support mobility, not only creates an unpredictable bandwidth use but also increases security risks. -
A New Approach to Network Function Virtualization
A New Approach to Network Function Virtualization By Aurojit Panda A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate Division of the University of California, Berkeley Committee in charge: Professor Scott J. Shenker, Chair Professor Sylvia Ratnasamy Professor Ion Stoica Professor Deirdre Mulligan Summer 2017 A New Approach to Network Function Virtualization Copyright 2017 by Aurojit Panda 1 Abstract A New Approach to Network Function Virtualization by Aurojit Panda Doctor of Philosophy in Computer Science University of California, Berkeley Professor Scott J. Shenker, Chair Networks provide functionality beyond just packet routing and delivery. Network functions such as firewalls, caches, WAN optimizers, etc. are crucial for scaling networks and in supporting new applications. While traditionally network functions were implemented using dedicated hardware middleboxes, recent efforts have resulted in them being implemented as software and deployed in virtualized environment . This move towards virtualized network function is commonly referred to as network function virtualization (NFV). While the NFV proposal has been enthusiastically accepted by carriers and enterprises, actual efforts to deploy NFV have not been as successful. In this thesis we argue that this is because the current deployment strategy which relies on operators to ensure that network functions are configured to correctly implement policies, and then deploys these network functions as virtual machines (or containers), connected by virtual switches are ill- suited to NFV workload. In this dissertation we propose an alternative NFV framework based on the use of static tech- niques such as type checking and formal verification. -
A Higher Education Networking Solution Guide
Higher Education Networking Guide Building the Foundation for Tomorrow’s Digital Campus: A higher education networking solution guide Technology has become integral to the lives of many post When designing a campus network, it must meet the secondary students. Most don’t remember a time without technology expectations of students, but the university the internet. A time before it became so ubiquitous. Today, administration, staff, faculty, and IT department should also be considered. For IT, security will be one of the students expect to be able to connect with any device, primary concerns, but other concerns include deployment anywhere on campus — whether it’s to communicate, and procurement costs, device on-boarding, network be entertained, or to access educational resources. speed and coverage, and training and operational For modern students, the way a college or university integrates issues. University administrators will want to leverage information technology (IT) into the fabric of campus life can be technology to create an environment that attracts more just as important as their chosen field of study or the structure students, enhances the success rates of existing students, of the curriculum. enables access to advanced research, and improves the rankings and reputation of the school. The administration In response to the wide adoption of technology, the methods will also have budget concerns but most will understand used for student learning continue to evolve. Digital learning the importance of building a strong and secure network, processes and experiences are now equal in importance to with excellent coverage for the entire campus. traditional lectures and seminars for many students. -
Federated Computing Research Conference, FCRC’96, Which Is David Wise, Steering Being Held May 20 - 28, 1996 at the Philadelphia Downtown Marriott
CRA Workshop on Academic Careers Federated for Women in Computing Science 23rd Annual ACM/IEEE International Symposium on Computing Computer Architecture FCRC ‘96 ACM International Conference on Research Supercomputing ACM SIGMETRICS International Conference Conference on Measurement and Modeling of Computer Systems 28th Annual ACM Symposium on Theory of Computing 11th Annual IEEE Conference on Computational Complexity 15th Annual ACM Symposium on Principles of Distributed Computing 12th Annual ACM Symposium on Computational Geometry First ACM Workshop on Applied Computational Geometry ACM/UMIACS Workshop on Parallel Algorithms ACM SIGPLAN ‘96 Conference on Programming Language Design and Implementation ACM Workshop of Functional Languages in Introductory Computing Philadelphia Skyline SIGPLAN International Conference on Functional Programming 10th ACM Workshop on Parallel and Distributed Simulation Invited Speakers Wm. A. Wulf ACM SIGMETRICS Symposium on Burton Smith Parallel and Distributed Tools Cynthia Dwork 4th Annual ACM/IEEE Workshop on Robin Milner I/O in Parallel and Distributed Systems Randy Katz SIAM Symposium on Networks and Information Management Sponsors ACM CRA IEEE NSF May 20-28, 1996 SIAM Philadelphia, PA FCRC WELCOME Organizing Committee Mary Jane Irwin, Chair Penn State University Steve Mahaney, Vice Chair Rutgers University Alan Berenbaum, Treasurer AT&T Bell Laboratories Frank Friedman, Exhibits Temple University Sampath Kannan, Student Coordinator Univ. of Pennsylvania Welcome to the second Federated Computing Research Conference, FCRC’96, which is David Wise, Steering being held May 20 - 28, 1996 at the Philadelphia downtown Marriott. This second Indiana University FCRC follows the same model of the highly successful first conference, FCRC’93, in Janice Cuny, Careers which nine constituent conferences participated. -
Private Area Network” for Smooth As Well As Hassle-Free Computing in the University Campus
IOSR Journal of Electronics and Communication Engineering (IOSR-JECE) e-ISSN: 2278-2834,p- ISSN: 2278-8735.Volume 11, Issue 1, Ver. I (Jan. - Feb .2016), PP 72-77 www.iosrjournals.org Design and Implementation of a Cost-effective and Secured “Private Area Network” for smooth as well as hassle-free Computing in the University Campus Joysankar Bhattacharjee Master of Technology, Electronics & Communication Engineering Visionary Entrepreneur; New Delhi, India Abstract: In recent days, the wide use of computer networks has been marked its sign to the modern civilization. Almost in all the organizations, various types of computer networks, namely, LAN, MAN, WAN, PAN, CAN, SAN etc. are used. While using a computer network, the main factors, which arise are, 1. Construction of the network, 2. Type of the network, 3. Good features of the network for smooth computing, and 4. Security of the network. In this theoretical paper, a different concept, „Private Area Network‟ is designed which should be implemented in the university or college campuses for cost effective, smooth and secured routing. This paper is basically a combinational implementation of „Cisco EIGRP‟, „ACL mechanism‟ and a different „CAN (Campus Area Network)‟ with Networking Security Concept. In this system, the higher authority can directly contact to the desired department with secured and hassle-free computing. The network should be implemented with the help of construction plans mentioned in this paper. Protocols must be maintained according to the guidelines and then the security concept will prevent the network from various attacks. Keywords: ACL, Campus Network, EIGRP, Firewall, Network Security, Security Management, VLAN, VPN.