Extreme Networks BoF on Security

The role of the network to defend against security attacks

Tuesday, 16 May, 17:45 - 19:30, Le Ciminiere - Room C

In order to defend effectively against security attacks the network needs to provide an intelligent, open –XML- based API interfaceto allow security devices to communicate with the internal network. The result is a secure network that constantly monitors behavior and makes instant decisions on all traffic, even at 10 Gigabit speeds, forwarding only the relevant information to a specific security device. Based on the analysis of this security device the network can respond automatically, mitigating the security threat even before it is launched.

Hackers continue to target new software vulnerabilities, as shown by the recent “Zotob.B” worm, which attacked many businesses in the US in August last year. Zotob.B targeted the Windows 2000 software platform; however, these attacks continue across various components of the infrastructure (servers, desktops, switches and routers) and all operating systems including Linux and Solaris-based machines.

For security administrators, who are responsible for isolating and curing infected end-points on multiple software operating systems, it was doubly frustrating to find hackers as eleven variants of Zobot.B were created in just four days. Businesses relying on existing “signature-based” security solutions were proven vulnerable against Zotob.B, and many of them suffered setbacks as well as costly network downtime. For example, San Diego county officials were reported to have assembled a 200-person team to mend their infected computers at the rate of 3000 systems per day – incurring astronomical costs for protecting against just one attack.

Zotob.B represents a class of deadly attacks, also termed as “Rapidly Propagating Threats” (RPT), which are difficult to detect using traditional in-line security techniques. More challenging, the mitigation counter-measures necessary to stop RPTs can take a long time to install. By definition, the impact of RPTs is large, as the scope and distribution of the infection has a wide reach in a very short period of time. RPTs will at best cause delay and disruption and at worst have major transactional implications to organizations, along with a linear impact upon financial results.

The 'day zero' vulnerability exposure to these RPT’s is fast becoming the top priority for IT departments to resolve. Signature based security solutions only protect against known security threats. To protect against ‘day zero’ vulnerabilities, the network plays an important role to identify traffic patterns related to RPT’s. After identification of a possible threat, the relevant information needs to be forwarded to the appropriate security devices for in-depth analysis and appropriate countermeasures. Open XML-based interfaces are the way forward to integrate the network infrastructure with the specific security appliances, allowing to use the network as a wirespeed security filter.

BoF on the Exchange of Ideas for New Services

Tuesday, 16 May, 17:45 - 19:30, Le Ciminiere, Room F

Or killing the "not invented here syndrome"

New requirements from the users, customers and from other external partners (other NRENs, government, service providers) give the NRENs an increasing workload. Cooperation and co-development is one way to be able to implement new service in the expected time frame, and to be able to deliver comparable service portfolios.

One of the work areas for the LCPM (Life Cycle and Portfolio Management) task force is to identify ideas for new services, promote exchange of ideas and identify ways to cooperate. As a start on this work area, we are organising this BoF on exchange of ideas for new services. Anyone interested in sharing ideas, discussing ways to develop new services or cooperate with other NRENs in developing new services is welcome to attend this BoF.

The BoF will give a short introduction to the TF-LCPM work area, and some short presentations of ideas and how it is possible to cooperate/co-develop new services.

The BoF will try to answer the following questions:

  • Is there anything we can do to improve the ways we exchange ideas?
  • Are there better ways to promote co development of new services?

Nortel BoF on Photonic Networks

Tuesday, 16 May, 17:45 - 19:30, Le Ciminiere, Room B

Photonic networks providing routing functions at Layer-0 are a reality. Many applications take advantage of the performance and flexibility of photonic networks and in doing so open up new opportunities. This session will provide an overview of the state of photonic network technology and will highlight network architectures which optimise application deployment in practical networks.

Speaker: Jan Willem Elion, design consultant at Nortel, Netherlands

BoF on VoIP and issues related to the SIP protocol

Tuesday, 16 May, 17:45 - 19:30, Le Ciminiere, Room D

Communication based on SIP is gaining in importance. Although euphoria from the past years was damped, it can still be affirmed on the basis of market development and tendencies of product manufacturer, that SIP is spreading rapidly. Apart from several private companies, many academic institutions start to deal seriously with this subject too. The aim of this session is to interchange experiences and discuss about the role of NRENs in this development.