82nd IETF Taipei, 13-18 Nov 2011 IETF BMWG Security Effectiveness Benchmarking Kenneth Green.

Presentation transcript:

82nd IETF Taipei, Nov 2011 IETF BMWG Security Effectiveness Benchmarking Kenneth Green

2 Critical Functions of Content Aware Devices
Content-aware security devices perform the following key functions:
1. Categorise traffic as either legal or illegal
2. Log/notify about illegal traffic (in-band/out-of-band)
3. Block illegal traffic (in-band)
4. Forward legal traffic (in-band)
All devices must implement categorisation as it is fundamental to the other functions.

3 Distinguishing Performance and Effectiveness
- Security Performance = how well a content-aware device forwards good traffic with security features enabled and in the presence of illegal traffic.
  This has begun to be addressed by: draft-hamilton-bmwg-ca-bench_xxx
- Security Effectiveness = how well the device categorises traffic.
  - No false negatives = accurately identifies all evil traffic
  - No false positives = never flags good traffic as evil
  This is not currently addressed.

4 The Proposed Drafts
Two drafts: Terminology and methodology for Security Effectiveness benchmarking
Terminology draft will cover items specific to Security Effectiveness testing:
- Legal traffic, Illegal traffic (taking RFC2647 as a starting point)
- Vulnerability, Malware, Virus, Trojan, Rootkit …
- False positive, false negative …
- Wildlist
- Others TBD (as required by the Methodology draft)

5 The Proposed Drafts (cont.)
Methodology draft will provide general information on test setups and test results, then describe the specific benchmark metrics and tests:
- Maximum Attack Blocking Rate
- Useful Attack Blocking Rate
- Attack Blocking Effectiveness
- Others TBD
Results to include details of all attacks and identify those blocked and those not blocked.
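The scoring step implied by slides 3 and 5, as an added example that is not part of the presentation or the drafts: it separates categorisation (logged or blocked) from blocking and lists each sample by outcome. The record fields, sample IDs and rate names are assumptions; the named benchmark metrics are not defined on the slides and are not computed here.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Observation:
    sample_id: str   # constructed identifier for one test flow
    illegal: bool    # ground truth from the test plan
    blocked: bool    # device dropped the flow in-band
    logged: bool     # device raised a log entry or notification

def score(observations):
    """Sort each flow into an outcome bucket and derive error rates."""
    report = {"blocked": [], "detected_not_blocked": [],
              "false_negatives": [], "false_positives": [],
              "forwarded_legal": []}
    for o in observations:
        if o.illegal:
            if o.blocked:
                report["blocked"].append(o.sample_id)
            elif o.logged:
                # Categorised correctly, but still forwarded.
                report["detected_not_blocked"].append(o.sample_id)
            else:
                report["false_negatives"].append(o.sample_id)
        elif o.blocked or o.logged:
            report["false_positives"].append(o.sample_id)
        else:
            report["forwarded_legal"].append(o.sample_id)
    n_illegal = sum(1 for o in observations if o.illegal)
    n_legal = len(observations) - n_illegal
    # A run with no traffic of one class cannot yield that class's rate.
    report["false_negative_rate"] = (
        len(report["false_negatives"]) / n_illegal if n_illegal else None)
    report["false_positive_rate"] = (
        len(report["false_positives"]) / n_legal if n_legal else None)
    return report

# Constructed sample run: four illegal and four legal flows.
SAMPLE_RUN = [
    Observation("attack-001", True, True, True),
    Observation("attack-002", True, False, True),
    Observation("attack-003", True, False, False),
    Observation("attack-004", True, True, False),
    Observation("legal-001", False, False, False),
    Observation("legal-002", False, True, True),
    Observation("legal-003", False, False, False),
    Observation("legal-004", False, False, True),
]

if __name__ == "__main__":
    for key, value in score(SAMPLE_RUN).items():
        print(f"{key}: {value}")
```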

6 Why Do We Need To Do This?
- The nature of this testing is orthogonal to that of performance testing and is not covered by existing RFCs or IDs.
- A security device with high forwarding performance is of little use if it misses malicious traffic.
- Currently there is no standard way to validate effectiveness of security solutions and hence no mechanism exists for realistic apples-to-apples comparisons of the breadth and currency of competing solutions.
- The range of security challenges grows exponentially:
  - Existing exploits and malware remain a risk and effectiveness against them must be validated for both new and updated products.
  - New exploits and malware appear all the time, requiring re-validation of the effectiveness of existing devices and solution updates.

7 Next steps
- Continue to solicit comments, feedback, and support
- Submit initial drafts based on comments and input received
- Initial methodology draft: draft-green-bmwg-seceff-bench-meth-00.txt
Comments?