Network solutions for data centre and cloud - IPnett, Christian Vendelbo Petersen, Björn Lindman
-
Upload
mediehuset-ingenioren-live -
Category
Data & Analytics
-
view
57 -
download
6
Transcript of Network solutions for data centre and cloud - IPnett, Christian Vendelbo Petersen, Björn Lindman
IPnett, Nordic Academic Cloud
Services & the DDoS Landscape in DK
NETWORK DATA CENTER SECURITYUNIFIED
COMMUNICATIONS
IPnett - What we do
IPnett Solutions AreasWe deliver complete tailor-made solutions
based on our customers specific needs.
IPnett positioning in the Datacenter
Compute
Storage
Virtualization
Network
Nordic Academic Cloud Services
User
PORTALBPM
Orchestration
Reporting
BillingAuthentication
via
SWAMID
FEIDE
Service Catalogue
Virtual Server
Virtual Network
Virtual Storage
Virtual Backup
Monitoring
IPnett Community Cloud proposal
IaaS
VM Management
OpenStack
Virtual MachinesOpenStack
Server
HTTPS
Service Stack
IPnett
Juniper
EMC
IBM
SuperMicro
Portal
Self Service
Portal
Provisioning API
Bridge
STaaS
Client
Server
(VM)
STaaS
VM
BaaS/AaaS
Archive & BackupClient - TSM
Archive & Backup
Server - TSM
Server
TSM
Storage
NFS NFS
Fast
Storage
Large
Storage
RBD RBD
Client
App
Object
GW
TLS
REST
HTTPS
NFS/
CIFS/
iSCSI
IPsec
Storage
BaaS + STaaS + IaaS – Data-plane
IPnett DC2NREN
Backup Servers
BGP Router DC switch
DC switch
WDM Shelves
Back-end/Mgm VM clusterIPnett DC1
IaaS VMs
BGP RouterDC switch
DC switch
WDM Shelves
Front-end VM cluster
Back-end/Mgm VM cluster
Front-end VM cluster
Juniper Open Contrail
Juniper Virtual Chassis Fabric
• A single entity to manage: Single logical point of management for all interconnected switches
• One spine switch acts as the master device. New master selected with no interruption in service.
• Zero-touch, plug-and-play provisioning
• Configuration and image synchronization
IPnett value proposition
• IPnett streamlines data center resources and radically lowers
capital cost and operational expense by economy of scale for the
community.
• New Business model - The Solution offers a flexible on-Demand
way to consume the cloud services.
• Next-generation data center platform that unites compute,
network, storage and virtualization into a one single scalable
system
• Independent system integrator working with best in class
technologies and open standards
• One partner that take full responsibility
• Best in class competence for all critical components within the
datacenter
The DDoS Landscape in Denmark
DDoS in Denmark – an overview!
• The Danish DDoS Landscape of 2014
• 2015 So far ….
• Generic solutions against DDoS!
Data Collection:
ATLAS - Arbor Networks
• ATLAS: gathering info from ISPs on a global scale!
Data Collection:
ASERT - Arbor Networks
• The team that looks at all the cr….. from the Internet
DDoS in DK: 2014!
Maximum values seen in 2014:
Attacks
(of total events)
Max BPS Max PPS Max Duration
Q1 10685 (11087) 103G 41M 5d:15h:6m:36s
Q2 8731 (9504) 48G 18M 1d:18h:35m:4s
Q3 10834 (11551) 156G 41M 0d:17h:22m:38s
Q4 (no data yet) (no data
yet)
(no data
yet)
(no data yet)
DDoS in DK: 2014!
BPSMean/Median
PPSMean/Median
DurationMean/Median
Q1 2,219G / 737,591M 548,293K / 162,284K 39m:26s / 12m:35s
Q2 1,715G / 469,516M 369,711K / 74,725K 27m:45s / 12m:27s
Q3 3,183G / 985,483M 774,749K / 147,195K 22m:32s / 11m:42s
Q4 (no data yet) (no data yet) (no data yet)
Average and Median
values seen in 2014:
DDoS in DK: 2014!
• In all Quarters Mean-values are much larger than Median-values
• Positively-skewed distribution
• So, many small attacks and few large attacks
• This is most likely due to many ”proof-of-concept” attacks and a few very large attacks
ModeMedian
Mean
Mode: ”most votes”
• Banks in Scandinavia
attacked
– Launched around New Years
– Ports 80 and 443 was
targeted
2015 so far on a global …..
• Good News!!
– The Ramnit, 3.2 million node,
botnet takes a hit!
– … but is not dead yet!
• FREAK
– Force hosts to use 512-bit
encryption
– Eaves dropping attackers,
inject packets that force shorter
key
• DNS Registrar redirect attack
– Google in Vietnam was pointed
to something else!
– www.google.com.vn ->?
The Arbor Ecosystem . . . . . . We See Things Others Can’t
Service Providers Enterprise Networks
Enterprise data center services are now fully available
and secure from advanced threats!
The Arbor ecosystem between service providers & enterprises
offers comprehensive protection from active threats
Thats all for now!
Visit our stand! Several Google
Chromecast to win!