Network Architecture and Security Ten Years Out Internet2 Member Meeting; Fall 2005 Deke Kassabian – University of Pennsylvania Mark Poepping – Carnegie.


1 Network Architecture and Security Ten Years Out Internet2 Member Meeting; Fall 2005 Deke Kassabian – University of Pennsylvania Mark Poepping – Carnegie Mellon

2 Of Possible Interest To
Researchers, CIOs, network & security professionals who:
– find that today's networks and tools cannot both meet the needs of general information security requirements and advanced applications.
– find that today's network problems and security incidents are increasingly difficult to troubleshoot, due to the complexity of networks with many disjoint, non-coordinated security control points.
– are interested in next-gen networks with new capabilities, and that might support advanced high bandwidth and realtime application requirements without sacrificing security.

3 Outline
A Brief Introduction to Salsa
Introduction to RTP
Related Efforts
The “Why” and “Who” of RTP
Reconnections Workshop

4 Salsa recap…
Internet2 campus leaders in networking and security who advise on network security initiatives
Focus on technology issues and operational imperatives
Collaboration, cross-membership with EduCause/Internet2 Security Task Force

5 Salsa Activities
Next Week – Immediate issues (TFN)
– Incident Security WG
– REN-ISAC focus groups
Next Year – Medium-term improvement (TFT)
– netAuth architecture
– FWNA – visiting scientist
Next Decade – Long-term issues (RTP)
– Reconnections workshop

6 Salsa RTP: “Rethinking the Problem”
Salsa Working Group exploring some of the problems with today’s model for networking and security
Collaborating with those considering ‘clean slate’ design for Internets
First step is a small workshop to explore the possibility of new design principles for future networks

7 Which Problem are we “Re-Thinking?”
Internet Design Principles
User and Application Expectations
Available Security Solutions
You!

8 Salsa RTP
Exploring problems in today’s model for networking and security
– Applications can (partially or fully) fail without feedback to the application or user, because of security policy implemented in firewalls, traffic shapers, etc.
– Personal lambdas provide new capabilities, and create new challenges
– Problem diagnosis has become much more difficult

9 New Requirements; New Principles
Collaborating with those considering ‘clean slate’ design for Internets
– Basic Internet design principles which have served us well for more than 30 years need to be reviewed
– New principles that better meet emerging needs for research and advanced applications may emerge
– Example: Take a fresh look at the implications of trust fabrics on future network designs

10 Interact with Other Efforts
Issues, Motivations, Concerns; e.g. IRTF End-to-End Research Group report www.ir.bbn.com/~craig/e2e-vision.pdf SIGCOMM July, 2005 DARPA Report http://www.isi.edu/newarch
Research, Design, Experimentation; e.g. NSF GENI - http://www.nsf.gov/cise/geni PlanetLab
Manageability doesn’t appear as a requirement elsewhere

11 Re-thinking Example (1 of 2)
Revisiting basic design principles such as the data plane / control plane model
A general data plane - network core just forwards packets; knowledge of the application is at the edges, in the attached hosts
A parallel control plane used for managing the network infrastructure, without knowledge of the applications being run.
This division facilitates innovation and deployment of new applications
But it has a drawback: the core doesn’t know what the user is trying to accomplish, so it can’t detect when the user is experiencing a failure.

12 Re-thinking Example (2 of 2)
In 10 years, the Internet should be augmented to provide a linkage between application intentions and network behavior.
(paraphrased from the IRTF e2e report mentioned above)

13 RTP: Why is Salsa involved?
Campus network and security professionals manage networks today, and feel the pain of being pulled in many directions
As interesting new designs for Internets come to light as research, we’ll be working with researchers to instantiate them
When the time comes to put real people and real applications and real load on new networks to do real work, we’ll be asked to help make that happen
We know something about “Manageability”

14 Our role from the perspective of…
Researchers: we host and help to provision many of your experiments; we broker the real traffic to the experiment
Funders: we're generally the first to transition the experiment into less friendly environs, and so share in the risk
Vendors: we buy or install and/or manage your products for our enterprises and the researchers with their testbeds

15 First Effort: “Reconnections” workshop
Fall 2005: explore RTP issues in a small group
Participation
Small, Invitation-only workshop
Principals from other long-term efforts
Network Researchers
Campus Network and Security Architecture and Engineering

16 First Effort: “Reconnections” workshop
Process & Focus
Working through identification of problems, and long term design approaches to deal with them
Focus on “Manageability” in Enterprise Networks
Consider policy and experience with trust fabric in future designs

17 First Effort: “Reconnections” workshop
Outcomes and Output
Workshop notes
Whitepaper on early conclusions
Suggestions for follow-up and connections to other efforts

18 Network Architecture and Security Ten Years Out Internet2 Member Meeting; Fall 2005 Deke Kassabian – University of Pennsylvania Mark Poepping – Carnegie Mellon

