Research Focused Networking ● Science DMZ ● Network segment topologically close to campus edge, available as a co-location space for research data ● Optimized.

Slides:



Advertisements
Similar presentations
Duke University SDN Approaches and Uses GENI CIO Workshop – July 12, 2012.
Advertisements

Interconnection Networks: Flow Control and Microarchitecture.
Copyright © 2011, Dr. Dharma P. Agrawal and Dr. Qing-An Zeng. All rights reserved. 1 Chapter 09 Network Protocols.
Joining LANs - Bridges. Connecting LANs 4 Repeater –Operates at the Physical layer no decision making, processing signal boosting only 4 Bridges –operates.
IT security Are you protected against hackers?. Why are we in danger?  The Internet is worldwide, publicly accessible  More and more companies and institutes.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Network Security Philadelphia UniversityAhmad Al-Ghoul Module 11 Exploring Secure Topologies  MModified by :Ahmad Al Ghoul  PPhiladelphia.
Signalling Systems System which allows various network components to exchange information –In particular, it supports call / connection control network.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Services in a Converged WAN Accessing the WAN – Chapter 1.
Chapter 10 Virtual Private Networks. VPN Defined  A segment of the public network made to appear part of a private network so that it can be used to.
Firewalls Presented By Hareesh Pattipati. Outline Introduction Firewall Environments Type of Firewalls Future of Firewalls Conclusion.
Institute of Technology, Sligo Dept of Computing Semester 3, version Semester 3 Chapter 3 VLANs.
Transport SDN: Key Drivers & Elements
Secure Network Design: Designing a Secure Local Area Network IT352 | Network Security |Najwa AlGhamdi1 Case Study
NETWORK CONNECTIVITY DEVICES: REPEATERS, HUBS, BRIDGES, SWITCHES & ROUTERS Michael Armand Danielle DiLuzio Ronnie Hedrick.
SharePoint Farm On Azure IAAS Prepared By : Prakhar Rastogi Premier Field engineer Microsoft India.
Basic Configuration-Modify LAN IP address for DFL Firewall
National Institute of Science & Technology Voice Over Digital Subscriber Line (VoDSL) Vinay TibrewalEE [1] VoDSL: Next Generation Voice Solution.
Software-defined Networking Capabilities, Needs in GENI for VMLab ( Prasad Calyam; Sudharsan Rajagopalan;
Chapter 1 Basics of Networking & Designs of Simple Networks powered by DJ.
Research Opportunities Facilitated via UCR’s Network Infrastructure Presented by Charles Rowley AVC Computing and Communications University of California,
Access Control List (ACL)
1 Kyung Hee University Chapter 15 Connecting LANs, Backbone Networks, and Virtual LANs.
Networking Components James Rouse LTEC Network Administration March 15, 2014 Assignment 3.
15.1 Chapter 15 Connecting LANs, Backbone Networks, and Virtual LANs Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or.
Securing the Network Infrastructure. Firewalls Typically used to filter packets Designed to prevent malicious packets from entering the network or its.
NET 324 D Networks and Communication Department Lec1 : Network Devices.
Connecticut Education Network “Forum” June 14, 2001.
NETWORKING COMPONENTS BY: TRAVIS MARSHALL. HUBS A hub is a device within a network that has multiple Ethernet ports that devices can plug into. The hub.
Cyberinfrastructure: An investment worth making Joe Breen University of Utah Center for High Performance Computing.
Overview of Firewalls. Outline Objective Background Firewalls Software Firewall Hardware Firewall Demilitarized Zone (DMZ) Firewall Types Firewall Configuration.
6.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 6: Designing.
P2P is good news “will force us to look for new solutions architectures in resource manegment”
Access Control List (ACL) W.lilakiatsakun. Transport Layer Review (1) TCP (Transmission Control Protocol) – HTTP (Web) – SMTP (Mail) UDP (User Datagram.
BEIJING-LCG Network Yan Xiaofei
Cloud computing: IaaS. IaaS is the simplest cloud offerings. IaaS is the simplest cloud offerings. It is an evolution of virtual private server offerings.
I2RS Overlay usecase 1 Fangwei hu Bhumip Khasnabish.
Copyright 2008 © Mobile Telephone Networks. All rights reserved. MTN Business Hosting Services: Efficient Localization of Web & Digital Content Tolulope.
Presented By Hareesh Pattipati.  Introduction  Firewall Environments  Type of Firewalls  Future of Firewalls  Conclusion.
CN2668 Routers and Switches Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
August 22, 2001 Traffic and Cost Model for RPR versus 1GbE and 10GbE Architectures A Carriers’ Carrier Perspective Stevan Plote Director of Technology.
Ben Rogers August 18,  High Performance Computing  Data Storage  Hadoop Pilot  Secure Remote Desktop  Training Opportunities  Grant Collaboration.
Central Management of 300 Firewalls and Access-Lists Fabian Mauchle TNC 2012 Reykjavík, 21-May-2012.
INTRODUCTION NETWORKING CONCEPTS AND ADMINISTRATION CSIS 3723
Networking in the Enterprise
Fermilab T1 infrastructure
CCNA Networking Fundamentals
Zueyong Zhu† and J. William Atwood‡
Tapeless And Security.
Part III Datalink Layer 10.
Connecting Devices LANs or WANs do not normally operate in isolation. They are connected to one another or to the Internet. To connect LANs or WANs, we.
Connecting LANs, Backbone Networks
Edge Transport servers and Hybrid: Why, or why not?
Network Layer Goals: Overview:
Cryptography and Network Security Chapter 16
1.
CS4470 Computer Networking Protocols
Virtual LANs.
Network Classification
Sizing …today. T: Here’s how. .
Access Control Lists CCNA 2 v3 – Module 11
Connecting LANs, Backbone Networks,
An Introduction to Computer Networking
Big-Data around the world
Cloud computing mechanisms
Chapter 3 VLANs Chaffee County Academy
Part III Datalink Layer 10.
Network Architecture By Dr. Shadi Masadeh 1.
L3-L7 Connectivity Policies
Presentation transcript:

Research Focused Networking ● Science DMZ ● Network segment topologically close to campus edge, available as a co-location space for research data ● Optimized for exchanging large data sets with off-campus collaborators ● 10Gb/s connection to Internet-2 ● No firewalls between DMZ and the world; simple security filters only ● This means higher performance with off-campus peers, at the cost of sophistication in security

Science DMZ Logical Topology

Science DMZ Performance ● 10Gb/s connections to Internet-2 ● Connections between the DMZ and campus buildings are also at 10Gb/s, but must traverse campus firewalls; this has performance overhead ● Jumbo frames supported throughout ● Optimized for data transfers to off-campus peers over on-campus locations

Science DMZ Security ● There is a security layer between the DMZ and the world, but it is not stateful ● Packet-by-packet filtering only ● High performance, but cannot identify connection patterns or traffic profiles

Science DMZ Extensibility ● There may be situations where use of the Science DMZ topology is not practical as a co-location approach ● In some areas it may be possible to extend the DMZ into campus buildings if co-locating equipment is impractical

Science DMZ Extensibility

● Note: this is accomplished by constructing a virtualized path for research traffic, not by building a new physical path ● So---performance on the research DMZ network will still be limited by the capabilities of the physical network into the building ● Please ask us if you're interested in exploring this option; we'll consult on each case individually!

Research Network Performance Feedback ● How well does the current data network infrastructure work for your research efforts? ● Does it meet your research needs? ● How would you like to see it improved? ● We're interested in your input as we determine where and how to make improvements in the network infrastructure for research use

Survey ● Please complete our survey! Your input will be invaluable in helping us allocate resources for research infrastructure improvements!