Security in High Performance Networks A Practical View Tony Cataldo 5/19/04.


Page 2 Security is about Knowledge
- Know your Business
  - What failures are acceptable – Scope and Concurrency
- Know your Applications:
  - What they do
  - How they do it
  - Who wrote them – what are they based on
  - How were they tested
  - What were they tested for? – Load, Performance, Locality?
- Know the Network
  - More than the metrics like routers, switches & locations
  - Architecture and Design – How do things route?
  - Where are un-routable packets coming from & going to?
  - Ingress/Egress to the Public Internet and Supplier Networks
    - Is there a difference?
    - Should there be a difference?

Page 3 Know what Business your Company is in… Cars and Trucks
- Design and Engineer
  - Research
  - Advanced Engineering
  - CAD/CAM and CAE
- Manufacturing
  - Industrial Engineering
  - Materials Scheduling and Logistics
  - Shipping
- Marketing and Sales
  - Dealers Independently Owned
  - Ad Campaigns and/or Web presence for all Brands
- Financing
- Service
All on a Global Basis

Page 4 What Makes a High Performance Network – Low?
- Bad Protocols – What should/should not run on the Network
- Bad Applications – Security is not an afterthought
  - Testing at the wrong time
  - Latency
  - Complexity
  - Knowing the difference between High-Availability, Disaster-Recovery, Business-Continuity, Robustness and Reliability
- Bad Security – “Depth of Security” is important, but so is type:
  - Router Access Control Lists
  - Firewall Diversity and Placement
  - Analyze the logs – Get a baseline, look for perturbations

Page 5 Some Scenarios – Some Tradeoffs
- Public Internet Connectivity:
  - Ford is a Global Company that requires low latency connectivity in its major markets; therefore we have Public Internet connections in Europe, US and Singapore. Tradeoff: Simplicity vs. Latency
  - The connectivity in the US is provided by four different ISPs split between two US Data Centers. Tradeoff: Disaster Recovery and Robustness vs. Easy Routing to the Public Internet
- Monolithic vs. Horizontal or Vertical Scaling
  - Should the entrance to all Public Facing web sites have Firewall, Load-Balancing and Routing in one pair of devices for performance reasons?
  - Should Firewalls (weakest performance link) do deep-packet inspection or just be a “speed-bump” along the way?
  - Know your Firewalls’ limits: Concurrent Connections, Connections/Sec. and I/O limits. Thru-put under operating conditions.
- Applications Oriented Security
  - Most Common is Relays in/out with virus checking
  - Reverse Proxy for selected web apps. But it becomes a slippery slope when caching, load-balancing and TCP flow optimization are considered.
  - SSL/VPN for selected apps but how to scale, up or across?
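
An added example, not part of the original presentation: one way to act on the "get a baseline, look for perturbations" advice on page 4 and the "know your firewalls' limits" advice on page 5, written in Python. The connection records and the rated limits are constructed for illustration, and the function names are hypothetical.

```python
import statistics
from collections import Counter

def sample_connections():
    """Constructed data: (start_second, duration_s) for each accepted connection."""
    conns = []
    for minute in range(30):
        n = 90 if minute == 25 else 20 + minute % 3   # minute 25 is the injected burst
        conns += [(minute * 60 + (i * 60) // n, 30) for i in range(n)]
    return conns

def new_per_bucket(conns, bucket=60):
    """New connections per time bucket (default: per minute)."""
    counts = Counter(start // bucket for start, _ in conns)
    return [counts.get(b, 0) for b in range(max(counts) + 1)]

def peak_concurrent(conns):
    """Highest number of simultaneously open connections (sweep over open/close events)."""
    events = sorted([(s, 1) for s, _ in conns] + [(s + d, -1) for s, d in conns])
    live = peak = 0
    for _, delta in events:          # closes sort before opens at the same second
        live += delta
        peak = max(peak, live)
    return peak

def perturbations(series, train=20, k=5.0):
    """Flag buckets deviating from the training-window median by more than k * MAD."""
    base = series[:train]
    med = statistics.median(base)
    mad = statistics.median(abs(x - med) for x in base) or 1.0
    return [(i, x) for i, x in enumerate(series) if abs(x - med) > k * mad]

def utilisation(conns, rated):
    """Observed peaks as a fraction of the firewall's rated limits."""
    return {
        "conn_per_sec": max(new_per_bucket(conns, bucket=1)) / rated["conn_per_sec"],
        "concurrent": peak_concurrent(conns) / rated["concurrent"],
    }

# Hypothetical rated limits; take the real figures from the vendor data sheet.
RATED = {"conn_per_sec": 4, "concurrent": 60}

if __name__ == "__main__":
    conns = sample_connections()
    print("perturbations:", perturbations(new_per_bucket(conns)))
    print("utilisation:", utilisation(conns, RATED))
```

The median and MAD baseline is used here because a single burst inside the training window would inflate a mean and standard deviation and hide later perturbations.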

Page 6 Thank You