Dataplane and Content Security on Optical Networks panel.


1 Dataplane and Content Security on Optical Networks panel

2 Agenda: Digital Media Security - Laurin Herr; Data Encryption - Kim Roberts; Firewall Issues - Leon Gommans; Discussion.

3 Firewall Issues and the Grid. Leon Gommans - University of Amsterdam

4 Perspective: “It would be good if grandma went to a retirement home”

5 Perspective: “It is a good thing that we have firewalls”

6 Network Security Cycle: Prevent, Detect, Act. Grid Application Issues; Network Security Issues. Firewall Prevention: both good and bad. "Network safety!" "My application needs to work!"

7 Firewall Issues Research Group: Research Group at the Global Grid Forum (www.ggf.org). Scope: issues with firewall-style functions. Functional, control, performance, organizational issues. Firewalls & NATs, VPN gateways, application gateways. First formal meeting held at June GGF meeting in Chicago. Looking for additional participation from applications.

8 Charter items: Collect and document issues from the grid viewpoint. Define the categories of issues. Study existing technologies available. Identify gaps and define requirements for standards bodies. Issue document also handy for Network Security People. Research alternative ways to ensure network security.

9 Contributions received so far. German Aerospace Centre: Workflow driven firewall control requirements. Forschungszentrum Juelich: Authorization requirements. Argonne National Laboratory: Why Gridftp needs a firewall “garage door opener”; External clients using WS End Point References behind a firewall. University of Amsterdam: Integrate firewalls long haul optical (peer) connections; Using EAP as garage door opener. Your contribution?

10 Example: gridftp. Firewall administrators don’t want to open 1002 holes in their firewall. Any questions? Globus recommends opening ports 50.000-51.000 (1001). Gridftp: single control channel port (2811) & multiple data ports in Globus port range. Protocol requires that the sending side do the TCP connect. Information about which port(s) will be used is known only at the last moment. 8 streams per file-transfer has proven to be reasonable. Gridftp needs a “garage-door opener” for individual ports at time of transfer. Door must also automatically close. Thinking about an EAP-style solution (like that used in 802.1X WLANs) where you authenticate an application instead of a user. Application profiles determine which holes are allowed.
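
A sketch of the "garage-door opener" from slide 10, added here as an example and not taken from the presentation: one port is opened per request for one peer, the application profile decides which holes are allowed, and the door closes by itself. The names `AppProfile` and `PinholeTable`, the 30-second lifetime and the boolean `authenticated` flag (standing in for the EAP-style application authentication) are assumptions; the port range and stream count are the slide's.

```python
import time
from dataclasses import dataclass, field

@dataclass(frozen=True)
class AppProfile:
    """Which holes an authenticated application may request."""
    port_range: range   # data ports the application may ask for
    max_open: int       # concurrent pinholes (parallel streams)
    ttl: float          # seconds before the door closes by itself (assumed)

# From the slide: Globus range 50000-51000, 8 streams per file transfer.
PROFILES = {"gridftp": AppProfile(range(50000, 51001), 8, 30.0)}

@dataclass
class PinholeTable:
    holes: dict = field(default_factory=dict)   # (app, peer, port) -> expiry

    def _expire(self, now):
        # Automatic close: drop every pinhole whose lifetime has run out.
        self.holes = {k: t for k, t in self.holes.items() if t > now}

    def open(self, app, authenticated, peer, port, now=None):
        """Open one port for one peer; True if the request is granted."""
        now = time.monotonic() if now is None else now
        self._expire(now)
        profile = PROFILES.get(app)
        if not authenticated or profile is None or port not in profile.port_range:
            return False
        key = (app, peer, port)
        active = sum(1 for k in self.holes if k[0] == app)
        if key not in self.holes and active >= profile.max_open:
            return False            # profile's stream budget is used up
        self.holes[key] = now + profile.ttl
        return True

    def close(self, app, peer, port):
        """Explicit close when the transfer finishes early."""
        self.holes.pop((app, peer, port), None)

    def permits(self, peer, port, now=None):
        """Packet-path check: default deny unless a live pinhole matches."""
        now = time.monotonic() if now is None else now
        return any(p == peer and q == port and t > now
                   for (_, p, q), t in self.holes.items())
```

With this model the firewall exposes at most 8 data ports per transfer, each to a single peer, instead of the whole 1001-port range.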

11 [Diagram: Optical long haul network. Labels: Multi-domain control and management plane; Grid Appl; Grid FTP; Firewall A; Firewall B; Firewall C; Firewall D; Internet; DMZ; Internet Bypass; Grid VO]

12 Future documents. Requirements towards standards bodies: IETF: NSIS, MIDCOM, EAP; Trusted Computing Group: Trusted Computing Architecture; EAP extensions for virus checking. Research into new directions: Token Based networking; High speed encryption; Workflow system integration; etc.

