Garrett Drown Tianyi Xing Group #4 CSE548 – Advanced Computer Network Security.


1 Garrett Drown Tianyi Xing Group #4 CSE548 – Advanced Computer Network Security

2 What are Virtual Trusted Domains? A virtual trusted domain (VTD) is a collection of virtual machines, regardless of physical boundaries, that trust one another and share the same security policy.

3
• Create and manage virtual trusted domains for virtual machines through the use of a NetFPGA.
• Provide the virtual machines with reliable, secure, and fast connections to others in their virtual trusted domain.

4
• Low-cost platform, primarily designed as a tool for teaching networking hardware and router design

5
• PCI card containing a large Xilinx FPGA
• 4 Gigabit Ethernet ports
• Double-Data Rate (DDR2) Dynamic RAM (DRAM)
• Reprogrammable CPCI bus
• NetFPGA packages (NFPs) containing source code (for both hardware and software)

6

7
• Line-Rate
  Processes back-to-back packets
    ○ Without dropping packets
    ○ At full rate of Gigabit Ethernet links
  Operating on packet headers
    ○ For switching, routing, and firewall rules
  And packet payloads
    ○ For content processing and intrusion prevention

8
• Open-source hardware
  Similar to open-source software
    ○ Full source code available
    ○ BSD-style License
  But harder, because:
    ○ Hardware modules must meet timing
    ○ Verilog & VHDL components have more complex interfaces
    ○ Hardware designers need high confidence in specification of modules

9 [Diagram labels: PC, PING, OpenFlow protocol, NetFPGA, Controller; components: controller, ofprotocol, openflow_switch.bit, ofdatapath.ko, ofdatapath_netfpga.ko; layers: Userspace, Kernel / Hardware; addresses: 192.168.1.1, 192.168.2.1]

10 Tasks:
• Research how to program NetFPGAs.
• Research and design an implementation for Virtual Trusted Domains on a NetFPGA.
• Research Path Splicing, which implements features similar to those we would like to use in our project.
• Create/find/edit a program to manage Virtual Trusted Domains by way of a NetFPGA.
• Deploy the program and set up a test bed on a NetFPGA.
• Test, debug, and troubleshoot.

11 Tasks (distribution among team members):
• Research how to program NetFPGAs.
    ○ Garrett, 50%
    ○ Tianyi, 50%
• Research and design an implementation for Virtual Trusted Domains on a NetFPGA.
    ○ Garrett, 50%
    ○ Tianyi, 50%
• Research Path Splicing, which implements features similar to those we would like to use in our project.
    ○ Garrett, 50%
    ○ Tianyi, 50%

12 Tasks (distribution among team members):
• Create/find/edit a program to manage Virtual Trusted Domains by way of a NetFPGA.
    ○ Garrett, 50%
    ○ Tianyi, 50%
• Deploy the program and set up a test bed on a NetFPGA.
• Test, debug, and troubleshoot.
    ○ Garrett, 50%
    ○ Tianyi, 50%

13 Software & Hardware Used:

14 Network Topology & Requirements
[Diagram labels: NetFPGA, Computer, Windows (OS), App..., Application..., Controller, OpenFlow Switches, App]

15
• Network security
• Mobility management
• Network-wide energy management
• New naming/addressing schemes
• Network access control

16
• Commercial vendor won’t open software and hardware development environment
    ○ Complexity of support
    ○ Market protection and barrier to entry
• Hard to build your own
    ○ Prototypes are flakey
    ○ Software only: too slow
    ○ Hardware/software: Fan-out too small

17

18

19

20 Controller

21

22

23 Roadmap of project:
• By midterm:
    ○ Research how to program NetFPGAs.
    ○ Research and design an implementation for Virtual Trusted Domains on a NetFPGA.
    ○ Research Path Splicing, which implements features similar to those we would like to use in our project.
    ○ Begin coding our program to create and manage Virtual Trusted Domains on a NetFPGA.
    ○ Set up a similar solution (if there is…) for VTDs as a basis for our future work.
• By final:
    ○ Modify the existing solution which can or potentially can implement the VTD.
    ○ Deploy the program and set up a test bed on a NetFPGA.
    ○ Tested and debugged.
    ○ Final documents completed.

24
• Novel Aspects of this Project
    ○ Establish virtual trusted domain for virtual machines in a cloud system.
    ○ Provide fast access to other virtual machines in a secure manner.
    ○ Divide bandwidth into multiple pieces based on the different requirements (like security level).
• Risks and Challenges
    ○ May not be possible to find an existing similar solution that we can work from.
• Potential Applications and Benefits
    ○ Virtual trusted –based network/VM management system.

25

