SANE: A Protection Architecture for Enterprise Networks Offense by: Amit Mondal Bert Gonzalez.


1 SANE: A Protection Architecture for Enterprise Networks
Offense by: Amit Mondal, Bert Gonzalez

2 SANE or INSANE?

3 Single point of failure
- The SANE design essentially reduces the whole network to a single DC (domain controller). If this DC fails or is compromised, the entire network is at stake.
- Even with multiple DCs, the network is at greater risk because there is always a single point of failure.
- Compare with "Tesseract: A 4D Network Control Plane".

4 Performance
- Huge performance overhead: decryption is involved at every intermediate switch.
- Compare with IPsec.
- Computation burden on the network switches? Bottleneck: decryption per packet.

5 Scalability
- Is the SANE architecture scalable?
- Every sender needs to get capabilities (encrypted source routes) from the DC to communicate with any other host -> the DC becomes a bottleneck (route computation, capability computation, etc.).

6 Network visibility
- Network switches are reduced to dumb entities:
  - Network monitoring
  - Troubleshooting (traceroute)
  - Failure detection
  - Dynamic failover: convergence time? Network partitioning?

7 Packet forwarding in the dark
- Strict switch-level source routing:
  - Dynamic load balancing
  - Traffic engineering
  - Virus and worm propagation
- Prevents deployment of advanced transport protocols, e.g. XCP.

8 Resiliency against attack
- Resource exhaustion: "... simply generates a new key; this invalidates all existing capabilities ..."
  - What about the ongoing well-behaved flows? They are simply victims of the DoS attack.
- Attack against the routing infrastructure:
  - Misbehaving switch: advertise fake paths to the DC!
  - Compromised DC?
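The three complaints on slides 4, 5 and 8 (per-hop decryption cost, every flow starting with a trip to the DC, and key rotation killing in-flight flows) all follow from the same mechanism: a capability is a source route encrypted layer by layer with a key each switch shares with the DC. The simulation below is an added example written for this page, not code from the SANE authors or the presenters. It assumes a toy encrypt-then-MAC cipher (SHA-256 keystream plus HMAC-SHA256) in place of the real per-switch cipher, switch names and a host name that are constructed, and that a switch receives a rotated key from the DC immediately. It builds a three-hop capability, counts the decryptions a single packet costs, then rotates the DC keys and shows the same well-behaved flow being dropped at the first switch.

```python
import hashlib
import hmac
import secrets

# --- toy cipher (assumption: stands in for the real per-switch symmetric cipher) ---

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """SHA-256 in counter mode; only for this simulation, not a production cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || HMAC-SHA256 tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a rotated key fails here, not on garbage plaintext."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("capability layer rejected: bad tag (wrong or rotated key)")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

# --- domain controller and switches ---

class DomainController:
    """Holds one symmetric key per switch and mints capabilities (encrypted source routes)."""

    def __init__(self, switch_names):
        self.switch_keys = {s: secrets.token_bytes(32) for s in switch_names}
        self.capabilities_issued = 0  # every new flow costs the DC a request (slide 5)

    def key_for(self, switch: str) -> bytes:
        # Assumption: the switch learned this key from the DC out of band.
        return self.switch_keys[switch]

    def issue_capability(self, path, dst: str) -> bytes:
        # Onion: innermost layer belongs to the last switch. Each layer, once a switch
        # decrypts it with its own key, reveals only the next hop and the remaining blob.
        blob = b"END"
        for switch, next_hop in reversed(list(zip(path, path[1:] + [dst]))):
            blob = seal(self.switch_keys[switch], next_hop.encode() + b"|" + blob)
        self.capabilities_issued += 1
        return blob

    def rotate_keys(self):
        """The response quoted on slide 8: new keys, so every existing capability is invalid."""
        for s in self.switch_keys:
            self.switch_keys[s] = secrets.token_bytes(32)

def forward(dc: DomainController, capability: bytes, path) -> dict:
    """Walk the packet through each switch; every hop does one decryption (slide 4)."""
    hops, blob, decryptions = [], capability, 0
    for switch in path:
        try:
            plain = open_(dc.key_for(switch), blob)
        except ValueError:
            return {"delivered": False, "dropped_at": switch, "hops": hops, "decryptions": decryptions}
        decryptions += 1
        next_hop, blob = plain.split(b"|", 1)
        hops.append((switch, next_hop.decode()))
    return {"delivered": blob == b"END", "dropped_at": None, "hops": hops, "decryptions": decryptions}

def demo():
    """Constructed topology: one flow over three switches, then a DC key rotation mid-flow."""
    dc = DomainController(["sw1", "sw2", "sw3"])
    path = ["sw1", "sw2", "sw3"]
    cap = dc.issue_capability(path, "hostB")
    before = forward(dc, cap, path)   # delivered; three decryptions for one packet
    dc.rotate_keys()                  # DC reacts to resource exhaustion
    after = forward(dc, cap, path)    # same well-behaved flow, now dropped at sw1
    return before, after, dc.capabilities_issued

if __name__ == "__main__":
    print(demo())
```

The `decryptions` counter is the per-packet cost the performance slides object to, and the `after` result is the collateral damage of rotation: nothing about the flow changed, yet it is dropped until the sender goes back to the DC for a fresh capability, which is exactly the second-order DoS the slide describes.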

9 Implementation and evaluation
- "... interconnecting seven physical hosts on 100 Mb Ethernet ..."
- "... only a few domain controllers are necessary to handle DC requests from tens of thousands of end hosts."
- No justification, no evaluation!

10 Multiple DCs?
- Consistency among multiple DCs?
- If someone can configure and manage multiple DCs, then what's the big difference from configuring and managing firewalls, NATs and ACLs?

11 Performance bottleneck
- Encryption/decryption overhead: "... 99% of CPU time was spent on decryption alone, leading to poor throughput performance"

12 Hardware implementation
- Cisco Catalyst 6513 switch (latest model): "Can perform MAC-level encryption at 10 Gb/s"
- Misleading: the model supports 10 Gbps Ethernet; that does not mean it encrypts at that speed.
- Cisco states that with the use of a service module, 2 Gbps of encryption can be provided.

13 Security tests
- Revocation -> not tested
- DoS attacks -> not tested
- Flooding attacks -> not tested
- Malicious DCs -> not tested (only one DC!)
- The evaluations show that SANE can fit into a network, but they do not show that it makes a network more secure!

SANE: Secure Architecture for the Networked Enterprise
SANE: A Protection Architecture for Enterprise Networks

