SDN/NFV DDoS Requirements "The Mobile Use Case – 5G" Bipin Mistry, VP Product Management © 2015 Corero www.corero.com.

Slides:

Advertisements

Similar presentations

Leverage existing residential gateways to securely offload mobile data.

Advertisements

All rights reserved © 2006, Alcatel Grid Standardization & ETSI (May 2006) B. Berde, Alcatel R & I.

Current impacts of cloud migration on broadband network operations and businesses David Sterling Partner, i 3 m 3 Solutions.

Use Cases for I2RS I2RS Interim Meeting Nicolai Leymann, Deutsche Telekom AG

Making Cellular Networks Scalable and Flexible Li Erran Li Bell Labs, Alcatel-Lucent Joint work with collaborators at university of Michigan, Princeton,

Grant agreement n° SDN architectures for orchestration of mobile cloud services with converged control of wireless access and optical transport network.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Software Defined Networking.

Tunis, Tunisia, 28 April 2014 Business Values of Virtualization Mounir Ferjani, Senior Product Manager, Huawei Technologies 2.

SDN and Openflow.

Zhang Fu, Marina Papatriantafilou, Philippas Tsigas Chalmers University of Technology, Sweden 1 ACM SAC 2010 ACM SAC 2011.

Unified Logs and Reporting for Hybrid Centralized Management

The End of Internet Architecture Author: Timothy Roscoe Presented by Gross, Zhaosheng Zhu.

1© Copyright 2015 EMC Corporation. All rights reserved. SDN INTELLIGENT NETWORKING IMPLICATIONS FOR END-TO-END INTERNETWORKING Simone Mangiante Senior.

Jaehoon (Paul) Jeong, Hyoungshick Kim, and Jung-Soo Park

1 3 rd SG13 Regional Workshop for Africa on “ITU-T Standardization Challenges for Developing Countries Working for a Connected Africa” (Livingstone, Zambia,

Cloud Usability Framework

1 When Cloud Networking meets Cloud Computing: Software-Defined Networking (SDN) Customer Application Faan DeSwardt Infrastructure Architecture Manager.

N. GSU Slide 1 Chapter 04 Cloud Computing Systems N. Xiong Georgia State University.

Abstraction and Control of Transport Networks (ACTN) BoF

COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED. COMMUNICATIONS DRIVERS & TRENDS FOR SMART GRIDS Istanbul April 29-30

1 GRUPPO TELECOM ITALIA Software Defined Networking (SDN) and Network Functions Virtualization (NFV) Research issues and trends Antonio Manzalini– Telecom.

Extreme Networks Confidential and Proprietary. © 2010 Extreme Networks Inc. All rights reserved.

Sungkyunkwan University (SKKU) Security Lab. A Framework for Security Services based on Software-Defined Networking Jaehoon (Paul) Jeong 1, Jihyeok Seo.

Akamai Technologies - Overview RSA ® Conference 2013.

Software-Defined Networking - Attributes, candidate approaches, and use cases - MK. Shin, ETRI M. Hoffmann, NSN.

1 Dell World 2014 Reducing IT complexity and improving utilization though convergence infrastructure solutions Dell World 2014 Ravi Pendekanti, Vice President,

The FI-WARE Project – Base Platform for Future Service Infrastructures FI-WARE Interface to the network and Devices Chapter.

A policy-based per-flow mobility management system design

SDN AND OPENFLOW SPECIFICATION SPEAKER: HSUAN-LING WENG DATE: 2014/11/18.

Motivations for Innovations in Operational Excellence Bruce Rodin VP – Wireless Technology Bell Canada.

1 | © 2015 Infinera Open SDN in Metro P-OTS Networks Sten Nordell CTO Metro Business Group

SOFTWARE DEFINED NETWORKING/OPENFLOW: A PATH TO PROGRAMMABLE NETWORKS April 23, 2012 © Brocade Communications Systems, Inc.

Omniran CF00 1 VLANs in relation to P802.1CF NRM Date: Authors: NameAffiliationPhone Max RiegelNokia Networks

Scrapping the Internet Presented by Dhaval Joshi.

A Better Way Huawei Financial Agile Network Solution Success Cases.

HP Network and Service Provider Business Unit Sebastiano Tevarotto February 2003.

CloudMAC: Moving MAC frames processing of the Sink to Cloud.

© 2009 Cisco Systems, Inc. All rights reserved. Cisco Public Presentation_ID 1 Security Requirements of NVO3 draft-hartman-nvo3-security-requirements-00.

Towards more flexible networks -- backyard of IMT Takashi Egawa NEC Corporation Rapporteur, Q.14, SG13 1.

Corero DDoS Protection for your Network and Services Bipin Mistry VP Product Management.

Copyright © Ciena Corporation All rights reserved. Confidential & Proprietary. Different by design Simon Parry 13 th September 2013 Creating networks.

Clouding with Microsoft Azure

SDN & NFV Driving Additional Value into Managed Services.

Dell EMC Service Provider Cloud Infrastructure.

Dell EMC NFV Validated Systems: vCPE & SD-WAN.

Instructor Materials Chapter 7: Network Evolution

Dell EMC Service Provider Cloud Infrastructure

Progress of Network Architecture Work in FG IMT-2020

Digital Transformation for Modern Service Providers

Juniper Software-Defined Secure Network

University of Maryland College Park

Dell EMC Service Provider

Real-time protection for web sites and web apps against ATTACKS

1st Draft for Defining IoT (1)

How Smart Networks are Changing Corporate Networks

ETSI Multi-Access Edge Computing

Mobile edge computing Report by Weiqing huang.

به نام خدا Big Data and a New Look at Communication Networks Babak Khalaj Sharif University of Technology Department of Electrical Engineering.

5G Architecture Standardization Landscape in 3GPP

Casablanca Platform Enhancements to Support 5G Use Case (Network Deployment, Slicing, Network Optimization and Automation Framework) 5G Use Case Team.

Software Defined Networking (SDN)

ETSI Multi-access Edge Computing:

Casablanca Platform Enhancements to Support 5G Use Case (Network Deployment, Slicing, Network Optimization and Automation Framework) 5G Use Case Team.

See your OpenStack Network Like Never Before

CLIENT/SERVER COMPUTING ENVIRONMENT

Thoughts on IEEE 802 network integration with respect to P802.1CF

Make it easy to be secure E.g. derived credentials test lab

AT&T Network Based Firewall with NetBond® for Cloud

Thoughts on IEEE 802 network integration with respect to P802.1CF

Utilizing the Network Edge

Presentation transcript:

SDN/NFV DDoS Requirements "The Mobile Use Case – 5G" Bipin Mistry, VP Product Management © 2015 Corero

The Shift from Transport Centric to Service Centric Architectures  Yesterday’s SP Network – Access Access Edge, Pre-Agg, Aggregation, Transport Core, Centralized Services/services complex Not open Security - maybe as an overlay, some level of encryption - DDoS – either RTBH, scrubbed or passed on downstream © 2015 Corero 2

Example: 4G/LTE Mobile Network 3 User plane Control+user plane Control plane Trusted Untrusted DDoS Mitigation IoT Public Wifi

Threat mitigation 3GPP addresses security of interfaces mainly  Security specified for radio interface, backhaul link, core interfaces  protects traffic against interception, modification, replay  Subscriber authentication  protects against theft of service, impersonation of other subscribers, fraud  There’s a new trend in 3GPP to cover also platform security – by  standardizing requirements (solutions are proprietary)  This leaves a lot to address otherwise:  Flooding, crashing or compromising nodes by exploiting implementation flaws,  compromising network elements via weak O&M procedures, …  IP network security, network element security  Out of scope here: physical site protection, organizational security measures (e.g. malicious insider threat)

The Shift from Transport Centric to Service Centric Architectures  Tomorrow’s SP Network Architecture: Service/subscriber centric Virtualized - At the Network and Application level Programmable Server Centric - Not appliance centric - White box solutions Elastic Intelligent – Analytics driven Service Velocity Has to be SECURE!!!! – What type of security ? © 2015 Corero 5

5G – as an example

Smart network convergence An open ecosystem for innovation New network and service capabilities Business models based on shared resources Better sustainability and scalability The “5G Vision” Technology Enablers Software Defined Networks (SDN) Mobile Edge Computing (MEC) Network Function Virtualization (NFV) Big Data and Machine Learning Source: “5G Vision” (5GPPP) © 2015 Corero

8 The Big Picture: Software-Defined Mobility Cloud Radio Access Networks Network Function Virtualization RRH BBU Base station workloads shift onto virtualized compute (Macro/Small Cell) vEPC, vePDG Gi/SGi-LAN Programmable infrastructure for separation of Control/Forwarding Plane, granular control of service paths through virtual functions infrastructure through abstraction layers Orchestrators/Big Data Apps Mobile Edge Computing Highly distributed computing environment that can be used to deploy applications and services in close proximity to mobile users Service support functions and applications shift to open standards IMS OSS/BSS Apps Software Defined Networking

Security – Specifically DDoS

 Our average customer sees almost 4.5 attacks per day!  Some customers see many more  Across all verticals and segments  No one is immune! The Problem is Real – and Pervasive 10 © 2015 Corero

The “5G Vision” 13 Source: “5G Vision” (5GPPP) © 2015 Corero

Thank You