.1AE Management Info
Frank Chao, San Antonio, 11/22/2004


[Figure: block diagram with the labels Event APIs, Configuration APIs, SNMP, CLI, EAP, .1af, LMI (data structure), .1AE, Common port, Controlled port, Uncontrolled port, User controlled port]

LMI (Layer Management Interface)
– Data structure
– Accessed by .1AE, .1af, SNMP/MIB, EAP
– Contains .1AE and .1af configuration, protocol states, and counter/diagnosis information.
– .1AE uses LMI to control the MACsec packet processing directly or through APIs.
– Changing the data in LMI may cause actions in SecY or KaY.

MACsec Mgmt Information
– Multiple control flags to control MACsec status (global objects), so that the deployment transition goes smoothly.
– Status of MACsec (macSecStatus)
– rxSecYSCCapability: number of peer receive SCs each SecY can have.

SecY Mgmt Information
– Table indexed by InterfaceIndex (IF-MIB).
– ValidateRxFrames: flag for the validation process on receive. (10.5.3)
– ProtectTxFrames: flag for the protection process on transmit.
– Current Cipher Suite. (10.5.4) (Row Pointer)
– adminPointToPointMAC, operPointToPointMAC (6.5)

SecY Mgmt Information (continued)
– RxReplayChk: flag for the rx replay check. (10.6.2)
– Tx SC: transmit SC information.
– Rx SCs: receive SCs information. (Will be in another table.)
– lastUnknownSC: SCI information recording the last unknown SC received (10.6.1), with time stamp.

Tx SC Mgmt Information
– scState: state of this transmit SC? (Rolled up from saState information.)
– SCI: the SCI for the SC used by SecY for transmit. (10.5)
– txEncodingSA: current SA number. (Integer) (10.5.1)
– txEncipheringSA: previous SA number. (Integer) (10.5.4)

Tx SA (table with 4 entries)
– Table indexed by InterfaceIndex and AN.
– saState: state of this transmit SA.
– saCmd: command executing in the SA.
– txSAK: key for transmitting. (7.1, ) (Not in the MIB.)
– txNextPN: next packet number (PN). (10.5.2)

Rx SCs Mgmt Information
– Table indexed by InterfaceIndex and SCI.
– scState: state of this receive SC? (Rolled up from saState.)
– SCI: the SCI for the SC used by SecY for receive. (10.5)
– rxCurrentSA: SA number currently in use in the SC. (Integer) (10.6.1)
– lastUnknownSA: last unresolved AN, with timestamp. (10.6.1)

Rx SA Mgmt Information
– Table indexed by InterfaceIndex, SCI and AN.
– saState: state of this receive SA.
– saCmd: command executing in the SA.
– rxSAK: key for receiving. (7.1, ) (Not in the MIB.)
– rxLastPN: last received packet number (PN). (10.6.2)
– rxLastValidatedPN: last received validated PN. (10.6.2)

Cipher Suites
– Name: name of this cipher suite; could be the MIB table index.
– Description: information about the cipher suite.
– Confidentiality: flag indicating whether the cipher suite provides confidentiality.
– SecureDataLengthChange: flag indicating that the length of the ciphertext differs from the length of the plaintext.
– ICV length: the length of the generated ICV.

SA Rx Counters
– Table indexed by InterfaceIndex, SCI and AN
– InCntReinitTime: a timestamp for the counters' discontinuity in this SA.
– OutCntStopTime: a timestamp for the counters' discontinuity in this SA, stop time.
– InXcastPktsNotReceived (the name will be modified to represent the real meaning)
– InXcastPktsInvalid
– InXcastPktsReplayed
– InXcastPktsMisordered
– InXcastPktsOrdered
– InXcastPktsEncrypted
– InXcastPktsDecrypted
– InXcastOctetsEncrypted (MSDU)
– InXcastOctetsDecrypted (MSDU)
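The following is an added example, not part of the original slides, showing why the SA Rx table carries a discontinuity timestamp: a poller must drop an interval in which InCntReinitTime changed instead of reading the reset as counter wrap. The Counter32 width, the function names and the sample rows are assumptions made for illustration.

```python
# Added example, not from the slides. Counter names are from the SA Rx table;
# the Counter32 width, function names and sample rows are assumptions.
COUNTER_MOD = 2 ** 32            # assumed Counter32: wraps to 0 after 2**32 - 1
ALERT_ON = ("InXcastPktsInvalid", "InXcastPktsReplayed")

def counter_delta(prev, curr):
    """Increase between two samples of a wrapping counter."""
    return (curr - prev) % COUNTER_MOD

def sa_rx_deltas(prev_row, curr_row):
    """Per-counter deltas for one SA, or None across a discontinuity.

    If InCntReinitTime changed, the counters were re-initialised between the
    polls and the old sample is not a valid baseline, so the interval is
    dropped rather than misread as a wrap.
    """
    if prev_row["InCntReinitTime"] != curr_row["InCntReinitTime"]:
        return None
    return {name: counter_delta(prev_row[name], value)
            for name, value in curr_row.items() if name != "InCntReinitTime"}

def findings(index, prev_row, curr_row):
    """(index, counter, delta) tuples for alert counters that increased."""
    deltas = sa_rx_deltas(prev_row, curr_row)
    if deltas is None:
        return [(index, "discontinuity", 0)]
    return [(index, name, deltas[name])
            for name in ALERT_ON if deltas.get(name, 0) > 0]

# Constructed sample rows; index = (InterfaceIndex, SCI, AN).
IDX = (3, "001122334455-0001", 0)
POLL_1 = {"InCntReinitTime": 1000, "InXcastPktsInvalid": 4294967290,
          "InXcastPktsReplayed": 7, "InXcastPktsOrdered": 500}
POLL_2 = {"InCntReinitTime": 1000, "InXcastPktsInvalid": 5,
          "InXcastPktsReplayed": 7, "InXcastPktsOrdered": 900}
POLL_3 = {"InCntReinitTime": 2000, "InXcastPktsInvalid": 0,
          "InXcastPktsReplayed": 3, "InXcastPktsOrdered": 10}

if __name__ == "__main__":
    print(findings(IDX, POLL_1, POLL_2))   # wrap handled, 11 invalid frames
    print(findings(IDX, POLL_2, POLL_3))   # re-initialisation detected
```
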

SC Rx Counters
– Indexed by InterfaceIndex and SCI
– InXcastPktsNotReceived
– InXcastPktsInvalid
– InXcastPktsReplayed
– InXcastPktsMisordered
– InXcastPktsOrdered
– InXcastPktsEncrypted
– InXcastPktsDecrypted
– InXcastOctetsEncrypted (MSDU)
– InXcastOctetsDecrypted (MSDU)

SecY Rx Counters
– Table indexed by InterfaceIndex
– InXcastPktsNoTag
– InXcastPktsBadTag
– InXcastPktsUnknownSCI
– InXcastPktsUntagged
– InXcastPktsUnchecked
– InXcastPktsNotReceived
– InXcastPktsInvalid
– InXcastPktsReplayed
– InXcastPktsMisordered
– InXcastPktsOrdered
– InXcastPktsEncrypted
– InXcastPktsDecrypted
– InXcastOctetsEncrypted (MSDU)
– InXcastOctetsDecrypted (MSDU)

SA Tx Counters
– Table indexed by InterfaceIndex and AN
– OutCntReinitTime: a timestamp for the counters' discontinuity in this SA, re-initialization time.
– OutCntStopTime: a timestamp for the counters' discontinuity in this SA, stop time.
– OutPktsPnExhausted
– OutPktsToolong
– OutXcastPktsProtected
– OutXcastPktsUntagged
– OutXcastPktsEncrypted
– OutXcastOctetsEncrypted (MSDU)

SecY Tx Counters
– Table indexed by InterfaceIndex
– OutPktsPnExhausted
– OutPktsToolong
– OutXcastPktsProtected
– OutXcastPktsUntagged
– OutXcastPktsEncrypted
– OutXcastOctetsEncrypted (MSDU)

RFC2863: Interface MIB counters
– Counter32: ifInOctets, ifInUcastPkts, ifInDiscards, ifInErrors, ifInUnknownProtos, ifOutOctets, ifOutUcastPkts, ifOutDiscards, ifOutErrors, ifInMulticastPkts, ifInBroadcastPkts, ifOutMulticastPkts, ifOutBroadcastPkts
– Counter64: ifHCInOctets, ifHCInUcastPkts, ifHCInMulticastPkts, ifHCInBroadcastPkts, ifHCOutOctets, ifHCOutUcastPkts, ifHCOutMulticastPkts, ifHCOutBroadcastPkts

MIB Design
– Will follow the MIB-REVIEW-GUIDELINES, ops-mib-review-guidelines-03.txt, valid to Dec
– SNMPv3 access only?