Presentation on theme: "Use Cases for I2RS I2RS Interim Meeting Nicolai Leymann, Deutsche Telekom AG 19.04.2013."— Presentation transcript:
Use Cases for I2RS I2RS Interim Meeting Nicolai Leymann, Deutsche Telekom AG
2 Content 1.SDN Concepts and Architecture 2.Use Cases
I2RS Use Cases. Vision for I2RS as one Building Block in the E2E picture. Access Core Network BNG Data Center End-2-End Orchestration Services Access I2RS Transit Trigger Probes e) Customer profile is configured/provisioned End-2-End orchestration provides network connectivity, allocates ressources (e.g. data center) and establishes services based on end user requirements.
I2RS Use Cases. Warding against DDoS Attacks (1 of 2). DDoS protection architecture ensures: Identify DDoS attacks from the Internet (traffic, attack pattern, …) Warding of attacks against infrastructure or business services The architecture should be selective independent of DDoS source Mechanisms activated „on Demand“ (e.g. customers requests) or based on results from network probes DDoS Protection for Business Customers DC Transit BBRAR Peering LER IP Backbone BNG Business Customer DDoS Business Customer
I2RS Use Cases. Warding against DDoS Attacks (2 of 2). If malicious traffic is detected, traffic is redirected towards a data center. Data Center cleans up traffic before sending it towards end customers. Simple interaction with existing routing (might also be applied to specific traffic) Threat Management System TMS /32 most specific route Target address of attack contains malicious traffic Redirection of traffic into filter (DC based)
I2RS Use Cases. Generalization: Flow Aware Traffic Steering. Several problems are solved with different approaches. Goal is to use one common approach (and API) to solve those problems in a similar manner. Previously shown use case basically boils down to injecting/removing routes in near real time Same mechanisms can be easily applied to other higher layer use cases Firewalling in DC, parental control for residential customers, …. Benefit of using a common Interface: Reduces complexity (not different solutions for different problems). Higher flexibility (easy to add additional functionality without updating network node). Decoupling of life cycles (network / data center / service implementation)