Open Hub
Open Hub

 Settings |  Report Duplicate

1
I Use This!
Activity Not Available

News

FAUCET and Project Nozzle
Posted over 6 years ago by [email protected] (Josh Bailey)
https://networkshop.aarnet.edu.au/2018-program/cyber-security-variety-show/SCALABLE AND FLEXIBLE CYBER-SECURITY USING SDN AND WHITE-BOXES Vijay Sivaraman, Professor, UNSW and Craig Russell, Principal Research Engineer, Data61-CSIRO Custom ... [More] middle-boxes for security have traditionally been difficult to scale cost-effectively to high data rates. Project Nozzle aims to build a cyber-security solution using white-box SDN switches and commodity servers. In this talk we will discuss why the SDN paradigm is well-suited to cyber-security; outline our cyber-security architecture that is modular, flexible, and scalable; and demonstrate it operational in two enterprise networks to reveal security vulnerabilities.Vijay Sivaraman is a Professor in Telecommunications at UNSW, and has worked prior in a silicon-valley start-up building switch-routers.Craig Russell is a Principal Research Engineer at Data61-CSIRO, and has worked prior in designing and building carrier networks.They jointly founded the ANZ-SDN Alliance in 2013 to foster the uptake of SDN technology in the region, and have developed multiple SDN solutions that are in operation or trials in live networks. [Less]
FAUCET and Project Nozzle
Posted over 6 years ago by [email protected] (Josh Bailey)
https://networkshop.aarnet.edu.au/2018-program/cyber-security-variety-show/SCALABLE AND FLEXIBLE CYBER-SECURITY USING SDN AND WHITE-BOXES Vijay Sivaraman, Professor, UNSW and Craig Russell, Principal Research Engineer, Data61-CSIRO Custom ... [More] middle-boxes for security have traditionally been difficult to scale cost-effectively to high data rates. Project Nozzle aims to build a cyber-security solution using white-box SDN switches and commodity servers. In this talk we will discuss why the SDN paradigm is well-suited to cyber-security; outline our cyber-security architecture that is modular, flexible, and scalable; and demonstrate it operational in two enterprise networks to reveal security vulnerabilities.Vijay Sivaraman is a Professor in Telecommunications at UNSW, and has worked prior in a silicon-valley start-up building switch-routers.Craig Russell is a Principal Research Engineer at Data61-CSIRO, and has worked prior in designing and building carrier networks.They jointly founded the ANZ-SDN Alliance in 2013 to foster the uptake of SDN technology in the region, and have developed multiple SDN solutions that are in operation or trials in live networks. [Less]
Poseidon quick start
Posted over 6 years ago by [email protected] (Josh Bailey)
https://github.com/cyberreboot/poseidon#installThe Poseidon SDN based traffic classification system has nice new installation option that allows a test instance to be brought up in less than 30 mins on a single machine with OVS (supports both FAUCET and BCF controllers).
IoT testing with DAQ
Posted over 6 years ago by [email protected] (Josh Bailey)
https://www.computer.org/csdl/mags/co/2018/06/mco2018060090-abs.htmlOur colleagues' DAQ project, which automates testing of IoT networks with a FAUCET based approach.
IoT testing with DAQ
Posted over 6 years ago by [email protected] (Josh Bailey)
https://www.computer.org/csdl/mags/co/2018/06/mco2018060090-abs.htmlOur colleagues' DAQ project, which automates testing of IoT networks with a FAUCET based approach.
A non-techie view of production SDN and how NZ is leading the way globally
Posted over 6 years ago by [email protected] (Josh Bailey)
https://www.linkedin.com/pulse/non-techie-view-production-sdn-how-nz-leading-way-globally-nash/?published=tA post by FAUCET Foundation co-chair Ange Nash.
Brad Cowie's talk on FAUCET at NZNOG 18
Posted almost 7 years ago by [email protected] (Josh Bailey)
https://youtu.be/PPGAGV1zKxc?t=3853
Adventures in stacking
Posted about 7 years ago by [email protected] (Josh Bailey)
There's been quite a bit of interest in FAUCET stacking (distributed switching), so over the next couple of weeks I will be adding some more features (including active link/cable verification, and some optimizations to the switching algorithm for ... [More] switches at the edge so that fewer resources are required).For now, here is an example topology with 3 switches, which we will develop upon.vlans:    100:        description: "100"dps:    nf1248:        dp_id: 0x1        hardware: "NoviFlow"        stack:            priority: 1        interfaces:            46:                native_vlan: 100            47:                stack:                    dp: x510                    port: 23            48:                stack:                    dp: x930                    port: 23    x510:        dp_id: 0xeccd6d9936ed        hardware: "Allied-Telesis"        interfaces:            14:                native_vlan: 100            23:                stack:                    dp: nf1248                    port: 47    x930:        dp_id: 0xeccd6ddf6ca4         hardware: "Allied-Telesis"        interfaces:            14:                native_vlan: 100            23:                stack:                    dp: nf1248                     port: 48 [Less]
Adventures in stacking
Posted about 7 years ago by [email protected] (Josh Bailey)
There's been quite a bit of interest in FAUCET stacking (distributed switching), so over the next couple of weeks I will be adding some more features (including active link/cable verification, and some optimizations to the switching algorithm for ... [More] switches at the edge so that fewer resources are required).For now, here is an example topology with 3 switches, which we will develop upon.vlans:    100:        description: "100"dps:    nf1248:        dp_id: 0x1        hardware: "NoviFlow"        stack:            priority: 1        interfaces:            46:                native_vlan: 100            47:                stack:                    dp: x510                    port: 23            48:                stack:                    dp: x930                    port: 23    x510:        dp_id: 0xeccd6d9936ed        hardware: "Allied-Telesis"        interfaces:            14:                native_vlan: 100            23:                stack:                    dp: nf1248                    port: 47    x930:        dp_id: 0xeccd6ddf6ca4         hardware: "Allied-Telesis"        interfaces:            14:                native_vlan: 100            23:                stack:                    dp: nf1248                     port: 48 [Less]
flow table monitoring in Prometheus
Posted about 7 years ago by [email protected] (Josh Bailey)
From next week (8 Jan 2018), Gauge is able to log flow table statistics to Prometheus. This makes graphing ACL counters, packets by Ethernet source and destination etc, possible in Prometheus.You will need this config in gauge.yml: faucet_configs:   ... [More]   - '/etc/ryu/faucet/faucet.yaml' watchers:     port_stats:         dps: ['windscale-faucet-1']         type: 'port_stats'         interval: 10         db: 'prometheus'     flow_table:         dps: ['windscale-faucet-1']         type: 'flow_table'         interval: 10         db: 'prometheus' dbs:     prometheus:         type: 'prometheus'         prometheus_port: 9303         prometheus_addr: '' Then you can graph things like packets by eth_src: [Less]