Presentation on theme: "CARAT Access Control and Quality of service in ATM Networks Sylvain GombaultGwenn Gueguen Maryline LaurentOlivier Paul ENST de Bretagne CELAR France Telecom."— Presentation transcript:
CARAT Access Control and Quality of service in ATM Networks Sylvain GombaultGwenn Gueguen Maryline LaurentOlivier Paul ENST de Bretagne CELAR France Telecom - RD
CARAT - Goals Filtering at the ATM and TCP/IP levels. High Speed. –622 Mb/s on cells. QoS preservation. – Delay on the ATM cells filtering can be pre- computed. Easy to manage.
Overview Located between a public and a private network. Made of 3 modules: Can be easily integrated to the existing equipment. Modules are configured through a single language. –Manager. –Signalling filter. –Cell-level filter.
The manager Translates the access control policy expressed by the security officer into a set of access control commands that can be used –by the signalling filter. –by the cell filter.
The signalling filter Based on a SUN ATM signalling protocol stack. Modifications on Q93B module. Signalling messages parsing module. Filter. Signalling messages construction module. –Address masquerading.
Cell-level filter IFT/CNET NICs –622 Mb/s mono-directional. –Analyse of the first AAL5 frame cell –Possible action: commutation Reject : Trash VC. Accept : Leave VC unchanged. –Deterministic cell analysis time. –On the fly configuration modification. Filtering memory ATM Cells Extraction Solaris PC Filtering memory IFT Driver –Remote configuration. –Handles several managers. IFT DriverRPC Demon Configuration library.
Conclusions Good performance (throughput,delay) –Patented Cell Analysis scheme. –Dynamic Configuration Adaptation. Test results complete ISP TCP/IP level ACP (400 rules): –70% memory was used (1.4 M/ 2M). –1.7 s maximum delay. ATM & TCP/IP Access Control Capabilities. –Native ATM Applications Control. Plug-in controller. –Easy Adaptation to the Existing Equipment. –New functions can be easily integrated. Easy to manage