Presentation is loading. Please wait.

Presentation is loading. Please wait.

Defense Communications as a Scarce Resource Sandeep K. Singhal, Ph.D Director, Windows Networking Microsoft Corporation.

Similar presentations


Presentation on theme: "Defense Communications as a Scarce Resource Sandeep K. Singhal, Ph.D Director, Windows Networking Microsoft Corporation."— Presentation transcript:

1

2 Defense Communications as a Scarce Resource Sandeep K. Singhal, Ph.D Director, Windows Networking Microsoft Corporation

3 Agenda Trends in enterprise networking Windows networking vision and roadmap Windows Vista and Windows Server 2008: Features at a glance Collaboration with MoD Looking into the future Summary

4 Trends in Enterprise Networking Server consolidation and growth of data centers Increasingly mobile and remote staff Evolving security requirements

5 Trends in Enterprise Networking Single networking fabric for web, file, database, and backup Increased network traffic load on servers Increased load on Internet firewalls Server consolidation and growth of data centers Increasingly mobile and remote staff Evolving security requirements

6 Trends in Enterprise Networking Single networking fabric for web, file, database, and backup Increased network traffic load on servers Increased load on Internet firewalls Server consolidation and growth of data centers Remote access solutions stretch experience, support, and management Greater reliance on WAN (over Internet) links from branch offices Multiple client access technologies and devices Increasingly mobile and remote staff Evolving security requirements

7 Trends in Enterprise Networking Single networking fabric for web, file, database, and backup Increased network traffic load on servers Increased load on Internet firewalls Server consolidation and growth of data centers Remote access solutions stretch experience, support, and management Greater reliance on WAN (over Internet) links from branch offices Multiple client access technologies and devices Increasingly mobile and remote staff Enterprise edge disappearing with mobile workforce & devices Diverse user population (contractors, vendors) require securing resources in addition to networks Federation and regulatory needs require policy-based isolation domains Evolving security requirements

8 Windows Networking Vision: Secure Seamless Network IPsec Isolation

9 Elements of a Secure, Seamless Network End to end connectivity over the Internet using IPv6 All communications authenticated using end to end IPsec – Connection-by-connection – Access controlled by identity Trust boundaries defined by policy instead of topology – Traffic management at the edges Network access protection (NAP) systems keeps systems healthy and protected from unhealthy systems Existing applications just work Policy-based secure access to resources from anywhere

10 Windows Networking Roadmap Win Server 2003/ Win XP End host security Integrated Windows Firewall Win Server 2008/ Win Vista Intranet security domains Server and Domain Isolation (S&DI) Network Access Protection (NAP) IPv6 native and transition solutions for enterprises Future: Secure seamless networks Internet security domains Easy to deploy Easy to manage

11 Windows Vista and Windows Server 2008: Networking Features At A Glance TrendProblemVista/WS08Impact Server consolidation and growth of data centers Slow data replication between data centers despite high speed connectivity Compound TCP enables data transfers at multi-gigabit speeds 200% increase in replication speed between Microsoft Redmond and Bay Area data centers Increasing network load limiting server scalability Built-in hardware offload and CPU load balancing for network traffic 50% increase in web requests/sec on same hardware (as measured by webbench)

12 Windows Vista and Windows Server 2008: Networking Features At A Glance TrendProblemVista/WS08Impact Remote and Mobile workforce High latency limits network performance in branch offices Automatic tuning to optimize for WAN links File copy speed from US to Microsoft Australia increased by 1000% DCE* testing showed 200% improvement over 2Mbps satellite links Network losses limit throughput on WLAN, WWAN Loss detection and automatic recovery Loss recovery time reduced by 40% over satellite links in DCE testing Mobile PCs expose enterprise networks to viruses as they roam between networks Network access protection (NAP) solutions IT security compliance increased by 80% after deploying NAP on Microsoft network *Defense Communications Efficiency: Joint project between Microsoft and UK MoD

13 Windows Vista and Windows Server 2008: Networking Features At A Glance TrendProblemVista/WS08Impact Remote and Mobile workforce Overlapping private addresses make remote management hard Full IPv6 support enabled end to end connectivity IPv6 enabled throughout Microsoft by deploying only few new servers Ad-hoc collaboration in war zones, conferences hard in absence of infrastructure setup Windows Meeting Space allows sharing presentations, files, notes Windows Meeting Space widely used within Microsoft for ad-hoc collaboration Hard to deploy quality of service solutions to manage expensive WAN resources Policy based enterprise QoS (eQoS) eQoS deployed on Microsoft WAN links with existing router hardware to prefer certain app traffic

14 Windows Vista and Windows Server 2008: Networking Features At A Glance TrendProblemVista/WS08Impact SecurityMobility and de- perimeterization increasing threat surface Server and domain isolation (SDI) solutions enable policy based security solutions Universidade de Vila Velha (UVV) deployed SDI to increase security and simplify management Security policy management hard to deploy and manage -Group policy based SDI deployment solution -IPsec management integrated with Windows Firewall City of Sopporo, Japan deployed SDI with Nil cost for 12000 users across 870 different departments

15 Case Study: Defense Communication Efficiency UK MoD Microsoft Players 2004 Started Improving efficiency on satellite networks Goal Phased engagement consisting of problem definition, joint solution development, joint testing, feedback and refinement Approach Windows Server 08/Vista autotuning, Compound TCP, and loss recovery improvements Outcome GBP 500M per year spending on satellite links – even 10% efficiency improvement is significant savings Benefits to MoD Microsoft: Validation of algorithms on Large Network Emulator as well as on real satellite network as part of JWID 05 Benefits to Microsoft

16 Case Study: Defense Communication Efficiency UK MoD Microsoft Players 2004 Started Improving efficiency on satellite networks Goal Phased engagement consisting of problem definition, joint solution development, joint testing, feedback and refinement Approach Windows Server 08/Vista autotuning, Compound TCP, and loss recovery improvements Outcome GBP 500M per year spending on satellite links – even 10% efficiency improvement is significant savings Benefits to MoD Microsoft: Validation of algorithms on Large Network Emulator as well as on real satellite network as part of JWID 05 Benefits to Microsoft Engagement continuing beyond Windows Server 2008/Windows Vista Several areas identified such as IPv6, compression, QoS Framework for managing IP: Facilitates free flow of ideas and testing results

17 Looking into the Future Remote work – Easy and reliable network access from anywhere – Better manageability of mobile PCs – Extend Intranet NAP and isolation to remote worker Branch offices – Further efficiency in fetching data over WAN links – Preserve end to end security solutions Security domains – Easier deployment – Easier management – Easier support

18 Summary Plan and prepare for secure seamless networks Trends in enterprise networking demand such networks IPv6, IPsec and NAP are key building blocks for these networks Windows Server 2008 and Windows Vista enable enterprises to deploy these networks Windows Server 08 and Windows Vista Provide substantial advances that address key issues faced by evolving enterprise networks Influenced by partnership with MoD Address business issues impacting MoD

19 QUESTIONS Sandeep K. Singhal, Ph.D Director, Windows Networking Sandeep.Singhal@microsoft.com +1 (425) 706-6570

20 Backup

21 Lab Guest Windows Networking Vision: Secure Seamless Networks Internet IS your network Applications just work All communications authenticated – Connection-by-connection – Access controlled by identity Trust boundaries defined by policy instead of topology – Traffic management at the edges – Network Immune Systems

22


Download ppt "Defense Communications as a Scarce Resource Sandeep K. Singhal, Ph.D Director, Windows Networking Microsoft Corporation."

Similar presentations


Ads by Google