Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security in High Performance Networks A Practical View Tony Cataldo 5/19/04.

Published byDarlene Hopkins Modified over 9 years ago

Similar presentations

Presentation on theme: "Security in High Performance Networks A Practical View Tony Cataldo 5/19/04."— Presentation transcript:

1 Security in High Performance Networks A Practical View Tony Cataldo 5/19/04

2 Page 2 Security is about Knowledge  Know your Business  What failures are acceptable – Scope and Concurrency  Know your Applications:  What they do  How they do it  Who wrote them – what are they based on  How were they tested  What were they tested for? –Load, Performance, Locality?  Know the Network  More than the metrics like routers, switches & locations  Architecture and Design – How do things route?  Where are un-routable packets coming from & going to?  Ingress/Egress to the Public Internet and Supplier Networks  Is there a difference?  Should there be a difference?

3 Page 3 Know what Business your Company is in… Cars and Trucks  Design and Engineer  Research  Advanced Engineering  CAD/CAM and CAE  Manufacturing  Industrial Engineering  Materials Scheduling and Logistics  Shipping  Marketing and Sales  Dealers Independently Owned  Ad Campaigns and/or Web presence for all Brands Financing Service All on a Global Basis

4 Page 4 What Makes a High Performance Network – Low?  Bad Protocols – What should/should not run on the Network  Bad Applications – Security is not an afterthought  Testing at the wrong time  Latency  Complexity  Knowing the difference between High-Availability, Disaster- Recovery, Business-Continuity, Robustness and Reliability  Bad Security – “Depth of Security” is important, but so is type:  Router Access Control Lists’  Firewall Diversity and Placement  Analyze the logs – Get a baseline, look for perturbations

5 Page 5 Some Scenarios – Some Tradeoffs  Public Internet Connectivity: u Ford is a Global Company that requires low latency connectivity in its major markets therefore we have Public Internet connections in Europe, US and Singapore. Tradeoff: Simplicity vs. Latency u The connectivity in the US is provided by four different ISP’s split between two US Data Centers. Tradeoff: Disaster Recovery and Robustness vs. Easy Routing to the Public Internet  Monolithic vs. Horizontal or Vertical Scaling u Should the entrance to all Public Facing web sites have Firewall, Load- Balancing and Routing in one pair of devices for performance reasons? u Should Firewalls (weakest performance link) do deep-packet inspection or just a “speed-bump” along the way? u Know your Firewalls’ limits: Concurrent Connections, Connections/Sec. and I/O limits. Thru-put under operating conditions.  Applications Oriented Security u Most Common is Email Relays in/out with virus checking u Reverse Proxy for selected web apps. But it becomes a slippery slope when caching, load-balancing and TCP flow optimization is considered. u SSL/VPN for selected apps but how to scale, up or across?

6 Page 6 Thank You

Download ppt "Security in High Performance Networks A Practical View Tony Cataldo 5/19/04."

Similar presentations

Hosted Revolution Ltd Hosted Exchange October 2009 V2.01.

Hosted Revolution Ltd Hosted Exchange October 2009 V2.01.
Blue Coat and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.

Blue Coat and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.
1 Scalability is King. 2 Internet: Scalability Rules Scalability is : a critical factor in every decision Ease of deployment and interconnection The intelligence.

1 Scalability is King. 2 Internet: Scalability Rules Scalability is : a critical factor in every decision Ease of deployment and interconnection The intelligence.
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
Web Caching Schemes1 A Survey of Web Caching Schemes for the Internet Jia Wang.

Web Caching Schemes1 A Survey of Web Caching Schemes for the Internet Jia Wang.
Discovering Computers Fundamentals, 2011 Edition Living in a Digital World.

Discovering Computers Fundamentals, 2011 Edition Living in a Digital World.
Network Security Overview Tales from the trenches.

Network Security Overview Tales from the trenches.
Overview Distributed vs. decentralized Why distributed databases

Overview Distributed vs. decentralized Why distributed databases
Firewalls Presented By Hareesh Pattipati. Outline Introduction Firewall Environments Type of Firewalls Future of Firewalls Conclusion.

Firewalls Presented By Hareesh Pattipati. Outline Introduction Firewall Environments Type of Firewalls Future of Firewalls Conclusion.
A Scalable, Commodity Data Center Network Architecture.

A Scalable, Commodity Data Center Network Architecture.
Load Sharing and Balancing - Saravanan Mathialagan Masters in Computer Science Georgia State University.

Load Sharing and Balancing - Saravanan Mathialagan Masters in Computer Science Georgia State University.
Network Diagram with International Standard

Network Diagram with International Standard
1 Review of Important Networking Concepts Introductory material. This slide uses the example from the previous module to review important networking concepts:

1 Review of Important Networking Concepts Introductory material. This slide uses the example from the previous module to review important networking concepts:
CS332 Ch. 28 Spring 2014 Victor Norman. Access delay vs. Queuing Delay Q: What is the difference between access delay and queuing delay? A: I think the.

CS332 Ch. 28 Spring 2014 Victor Norman. Access delay vs. Queuing Delay Q: What is the difference between access delay and queuing delay? A: I think the.
Internet Traffic Management Prafull Suryawanshi Roll No - 04IT6008.

Internet Traffic Management Prafull Suryawanshi Roll No - 04IT6008.
MPLS networking at PSP Co Multi-Protocol Label Switching Presented by: Hamid Sheikhghanbari 1.

MPLS networking at PSP Co Multi-Protocol Label Switching Presented by: Hamid Sheikhghanbari 1.
© 2007 AT&T Knowledge Ventures. All rights reserved. AT&T and the AT&T logo are trademarks of AT&T Knowledge Ventures. Subsidiaries and affiliates of AT&T.

© 2007 AT&T Knowledge Ventures. All rights reserved. AT&T and the AT&T logo are trademarks of AT&T Knowledge Ventures. Subsidiaries and affiliates of AT&T.
Hosted on the Powerful Microsoft Azure Platform, Advent Countdown Lets Companies Run Reliable and Scalable Holiday Marketing Campaigns MICROSOFT AZURE.

Hosted on the Powerful Microsoft Azure Platform, Advent Countdown Lets Companies Run Reliable and Scalable Holiday Marketing Campaigns MICROSOFT AZURE.
F5’s BIG-IP Blade Controller - The Essential Software for Blade Server Systems May 2002 John Bigelow Vice President & General Manager, Software Business.

F5’s BIG-IP Blade Controller - The Essential Software for Blade Server Systems May 2002 John Bigelow Vice President & General Manager, Software Business.
Internet Traffic Management. Basic Concept of Traffic Need of Traffic Management Measuring Traffic Traffic Control and Management Quality and Pricing.

Internet Traffic Management. Basic Concept of Traffic Need of Traffic Management Measuring Traffic Traffic Control and Management Quality and Pricing.

Similar presentations

Ads by Google