Presentation is loading. Please wait.

Presentation is loading. Please wait.

Content Aware Networks Sailesh Kumar Cisco Research.

Similar presentations


Presentation on theme: "Content Aware Networks Sailesh Kumar Cisco Research."— Presentation transcript:

1 Content Aware Networks Sailesh Kumar Cisco Research

2 Two Important Applications Security –IDS, IPS, AV, SPAM, App-firewall etc Content Based Forwarding –Application Identification –Protocol Analysis –Field extraction (subscriber, URL, email address, etc)

3 Two Important Applications Security –IDS, IPS, AV, SPAM, etc Content Based Forwarding –Application Identification –Protocol Analysis –Field extraction (subscriber, URL, email address, etc) Multi-billion $ Market Can become much bigger market

4 Trends Security - regex is popular –Old, outdated approach –New techniques such as machine learning (IronPort), anomaly detection, data mining etc are gaining popularity Content Based Forwarding –Application Identification (p2p, skype, video over http) –Content based admission control (firewall) –Protocol analyzer (requires more than pattern matching) –Subscriber, content based statistics, billing

5 Industry Trends Vanilla regex acceleration –Vihana (Cisco supported) –Netlogic (ASIC) –LSI (Tarari acquisition) –Sensory (Software regex) –Most of these target security market Niche markets – Xambala, GV, Nevis, Exegy, Allot, Tigerme What about content based forwarding? –Few startups (P-Cube, Cisco acquired), Cisco products (NBAR, PISA), Juniper has some < few 100 million $

6 Why Content based Forwarding is not Gaining Traction? Based on discussion with real customers (BT 21CN, Savis, Telecom Italia) 1. Customer friendliness Regular languages are not easy to use by end customers 2. Performance 3. Cost

7 Customer Friendliness Regex is cumbersome Customers want ability to recognize applications –regex is not sufficient Customers want to use important attributes of applications –URL, port, MIME mail contents, etc Want a simple interface to specify content classification rules –Block facebook.com from all users except marketing –Block SMTP if MIME subject contains xyz keyword

8 Challenges We are developing a 100 Gig system for content based forwarding –A number of important issues –Create efficient rules for application recognition, data analysis We strongly believe that vanilla regex is not the right approach Rules should be composed of grammar, and efficient logic around it –Easy to use by customers –Extraction of critical attributes of communication –TCP normalization –Character encoding issues –Buffering issues –System architecture Co-software, hardware design, interface, etc Unfortunately academia has focused too much on regex

9 For Discussion Can we develop better mechanisms to inspect packet content? –Customer friendliness is critical What should be do in face of encryption? What about net-neutrality? Cisco is interested to support content based networking research; academia can show us the right way? –University participation through www.cisco.com/web/about/ac50/ac207/crc_new/ciscoarea/content.html


Download ppt "Content Aware Networks Sailesh Kumar Cisco Research."

Similar presentations


Ads by Google