I2NSF Data Center Use Cases draft-zarny-i2nsf-data-center-use-cases-00 M. Zarny: Goldman Sachs S. Magee: F5 networks N. Leymann: Deutsche Telecom L. Dunbar:

Slides:

Advertisements

Similar presentations

Windows Azure IaaS – Deep Dive

Advertisements

Welcome to the GIG Event 1. MICROSOFT ACTIVE DIRECTORY SERVICES Presenter: Avinesh MCP, MCTS 2.

The System Center Family Microsoft. Mobile Device Manager 2008.

IP ADDRESS MANAGEMENT [IPAM]

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 6 Managing and Administering DNS in Windows Server 2008.

Virtualization of Fixed Network Functions on the Oracle Fabric Krishna Srinivasan Director, Product Management Oracle Networking Savi Venkatachalapathy.

Network Management Overview IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

Chapter 7 HARDENING SERVERS.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Data Security in Local Networks using Distributed Firewalls

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

A Survey on Interfaces to Network Security

Understanding Active Directory

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.

Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.

Network discovery Multi- server mgmt (MSM) Visibility & audit.. Automatic discovery of DC, DHCP and DNS servers, and dynamic IP addresses.

Data Center Network Redesign using SDN

Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Analysis of Existing Work for I2NSF draft-zhang-gap-analysis-00 H.Rafiee Dacheng Zhang Huawei IETF 91 I2NSF BoF.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

Using Group Policy to Manage User Environments. Overview Introduction to Managing User Environments Introduction to Administrative Templates Assigning.

Training on ManageEngine Desktop Central

Timothy Heeney| Microsoft Corporation. Discuss the purpose of Identity Federation Explain how to implement Identity Federation Explain how Identity Federation.

Use Case for Distributed Data Center in SUPA

Service Function Chaining Use Cases draft-liu-service-chaining-use-cases IETF 89 London, March 3, 2014 Will Liu, Hongyu Li, Oliver Huang, Huawei Technologies.

Cloud Computing. What is Cloud Computing? Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable.

M.A.Doman Short video intro Model for enabling the delivery of computing as a SERVICE.

20411B 8: Installing, Configuring, and Troubleshooting the Network Policy Server Role Presentation: 60 minutes Lab: 60 minutes After completing this module,

October 8, 2015 University of Tulsa - Center for Information Security Microsoft Windows 2000 DNS October 8, 2015.

Module 4: Planning, Optimizing, and Troubleshooting DHCP

© 2006 Cisco Systems, Inc. All rights reserved. Optimizing Converged Cisco Networks (ONT) Module 6: Implement Wireless Scalability.

Module 2: Installing and Maintaining ISA Server. Overview Installing ISA Server 2004 Choosing ISA Server Clients Installing and Configuring Firewall Clients.

11 MANAGING AND MONITORING DHCP Chapter 2. Chapter 2: MANAGING AND MONITORING DHCP2 MANAGING DHCP: COMMON DHCP ADMINISTRATIVE TASKS  Configure or modify.

Interface to Network Security Functions Nov 2014 Linda Dunbar Myo Zarny

Windows Azure Migrating Applications and Workloads Speaker Title Organization.

RIVERBED INTRODUCES NEW PLATFORM FOR ADC-AS-A-SERVICE New Stingray Services Controller Delivers Hyper-Elastic ADC Platform EXTREME ELASTICITY INSTANTLY.

Hands-On Microsoft Windows Server 2008 Chapter 4-Part 1 Introduction to Active Directory and Account Manager.

Microsoft Windows 2008 Features and Functionality Guy Wilkin.

Development of a Clean Room/Highly Restricted Zone June 12, 2012 Thomas Garrubba - CVS Caremark; Manager, Technical Assessments Group ©2011 The Shared.

Configuring Network Connectivity Lesson 7. Skills Matrix Technology SkillObjective DomainObjective # Using the Network and Sharing Center Use the Network.

Introduction to Active Directory

Jeff Wettlaufer Sr. Technical Product Manager System Center SESSION CODE: MGT308 B T jeffwettlaufer E

Service Pack 2 System Center Configuration Manager 2007.

Microsoft ® Official Course Module 6 Managing Software Distribution and Deployment by Using Packages and Programs.

Introduction to Avaya’s SDN Architecture February 2015.

Boris Ulík Technology Solutions Professional Microsoft Slovakia Microsoft ® System Center 2012: System Center Endpoint Protection 2012.

Microsoft NDA Material Adwait Joshi Sr. Technical Product Manager Microsoft Corporation.

WINDOWS AZURE AND THE HYBRID CLOUD. Hybrid Concepts and Cloud Services.

1 Internal Use Only Network on Demand OVM Demo Script March 2016.

IT Professionals David Tesar | Microsoft Technical Evangelist David Aiken | Microsoft Group Technical Product Manager 12 | Hybrid Cloud with System Center.

Software Defined Networking BY RAVI NAMBOORI. Overview  Origins of SDN.  What is SDN ?  Original Definition of SDN.  What = Why We need SDN ?  Conclusion.

Barracuda NG Firewall ™

Use Case for Distributed Data Center in SUPA

Module Overview Installing and Configuring a Network Policy Server

Configuring and Troubleshooting DHCP

Lead SQL BankofAmerica Blog: SQLHarry.com

HUAWEI eSight Secure Center Feature Introduction

CIS 332 Course Experience Tradition / snaptutorial.com

Use Cases and Requirements for I2NSF_

Full Exam Name: Microsoft Dynamics CRM 2016 Online Deployment

* Essential Network Security Book Slides.

Chapter 9 MANAGING SOFTWARE.

IS4680 Security Auditing for Compliance

AWS Boulder - Denver Meetup – January 2017

Cisco Prime LMS: Getting Started

AD FS Installation Active Directory Federation Services (AD FS) 7.1

Keeping Data Secure In Azure

Presentation transcript:

I2NSF Data Center Use Cases draft-zarny-i2nsf-data-center-use-cases-00 M. Zarny: Goldman Sachs S. Magee: F5 networks N. Leymann: Deutsche Telecom L. Dunbar: Huawei

On-demand, elastic FWs Different types of customers/clients, e.g. residential with (very) limited/no control business with full control on fw Internal/infrastructure driven, e.g. automatic updates driven by information from probes

Client Specific Security Policies App 1=IP11 App 2=IP12 App 3=IP13 App 4=IP14 … App 3 App 2 App 1 App 4 App 1=IP1 App 2=IP2 App 3=IP3 App 4=IP4 … App 3 App 2 App 1 App 4 Config 2: Config 1 ： Policies for Firewall IP1===>IP3 IP1===>IP4 IP2=X=>IP3 IP2===>IP4 IP3 ===>IP1 IP3 ===>IP2 IP4=X=>IP1 IP4 ===>IP2 Change of the policies ： IP11===>IP12 IP11===>IP14 IP13===>IP12 IP13===>IP14 … IP12=X=>IP11 IP12=X=>IP13 IP14=X=>I1P1 IP14 =X=>IP13 … Zones ： Yellow zone Green zone … Security Policy ： Yellow===>Yellow, Green Green ===> Green Prohibited Green=X=>Yellow

Role of I2NSF Intent Driven Network Security policies for clients Third party Apps DC Clients I2NSF Intent based Policies Controller (Translation) Physical Resource Vendor Specific Setting

Key Requirement (1 of 2) Dynamic creation, enablement, disablement, and removal of network security applications; Policy-driven placement of new service instances in the right administrative domain; Attachment of appropriate security and traffic policies to the service instances Management of deployed instances in terms of fault monitoring, utilization monitoring, event logging, inventory, etc. Support of distributed architectures/deployments

Key Requirement (2 of 2) Translation of security policies into functional tasks. – Security policies may be carried out by one or more security service functions. For example, a security policy may be translated into an IDS/IPS policy and a firewall policy for a given application type. Translation of functional tasks into vendor-specific configuration sets. – For example, a firewall policy needs to be converted to vendor-specific configurations. Retrieval of information such as configuration, utilization, status, etc. – Such information may be used for monitoring, auditing, troubleshooting purposes. The above functions should be available in single- or multi-tenant environments as well as on premise or off- premise clouds.