Presentation is loading. Please wait.

Presentation is loading. Please wait.

Content Aware Networks

Published byWyatt Baker Modified over 11 years ago

Similar presentations

Presentation on theme: "Content Aware Networks"— Presentation transcript:

1 Content Aware Networks
Sailesh Kumar Cisco Research

2 Two Important Applications
Security IDS, IPS, AV, SPAM, App-firewall etc Content Based Forwarding Application Identification Protocol Analysis Field extraction (subscriber, URL, address, etc)

3 Two Important Applications
Security IDS, IPS, AV, SPAM, etc Content Based Forwarding Application Identification Protocol Analysis Field extraction (subscriber, URL, address, etc) Multi-billion $ Market Can become much bigger market

4 Trends Security - regex is popular Content Based Forwarding
Old, outdated approach New techniques such as machine learning (IronPort), anomaly detection, data mining etc are gaining popularity Content Based Forwarding Application Identification (p2p, skype, video over http) Content based admission control (firewall) Protocol analyzer (requires more than pattern matching) Subscriber, content based statistics, billing

5 Industry Trends Vanilla regex acceleration
Vihana (Cisco supported) Netlogic (ASIC) LSI (Tarari acquisition) Sensory (Software regex) Most of these target security market Niche markets – Xambala, GV, Nevis, Exegy, Allot, Tigerme What about content based forwarding? Few startups (P-Cube, Cisco acquired), Cisco products (NBAR, PISA), Juniper has some < few 100 million $

6 Why Content based Forwarding is not Gaining Traction?
Based on discussion with real customers (BT 21CN, Savis, Telecom Italia) 1. Customer friendliness Regular languages are not easy to use by end customers 2. Performance 3. Cost

7 Customer Friendliness
Regex is cumbersome Customers want ability to recognize applications regex is not sufficient Customers want to use important attributes of applications URL, port, MIME mail contents, etc Want a simple interface to specify content classification rules Block facebook.com from all users except marketing Block SMTP if MIME subject contains xyz keyword

8 Challenges We are developing a 100 Gig system for content based forwarding A number of important issues Create efficient rules for application recognition, data analysis We strongly believe that vanilla regex is not the right approach Rules should be composed of grammar, and efficient logic around it Easy to use by customers Extraction of critical attributes of communication TCP normalization Character encoding issues Buffering issues System architecture Co-software, hardware design, interface, etc Unfortunately academia has focused too much on regex

9 For Discussion Can we develop better mechanisms to inspect packet content? Customer friendliness is critical What should be do in face of encryption? What about net-neutrality? Cisco is interested to support content based networking research; academia can show us the right way? University participation through

Download ppt "Content Aware Networks"

Similar presentations

www.dynamicsoft.com Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.

Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.
Intrusion Detection/Prevention Systems Charles Poff Bearing Point.

Intrusion Detection/Prevention Systems Charles Poff Bearing Point.
New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.

New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.
1 Requirements Catalog Scott A. Moseley Farbum Scotus.

1 Requirements Catalog Scott A. Moseley Farbum Scotus.
5-Network Defenses Dr. John P. Abraham Professor UTPA.

5-Network Defenses Dr. John P. Abraham Professor UTPA.
DICOM INTERNATIONAL DICOM INTERNATIONAL CONFERENCE & SEMINAR April 8-10, 2008 Chengdu, China DICOM Security Eric Pan Agfa HealthCare.

DICOM INTERNATIONAL DICOM INTERNATIONAL CONFERENCE & SEMINAR April 8-10, 2008 Chengdu, China DICOM Security Eric Pan Agfa HealthCare.
 Firewalls and Application Level Gateways (ALGs)  Usually configured to protect from at least two types of attack ▪ Control sites which local users.

 Firewalls and Application Level Gateways (ALGs)  Usually configured to protect from at least two types of attack ▪ Control sites which local users.
Snort - an network intrusion prevention and detection system Student: Yue Jiang Professor: Dr. Bojan Cukic CS665 class presentation.

Snort - an network intrusion prevention and detection system Student: Yue Jiang Professor: Dr. Bojan Cukic CS665 class presentation.
11/2/2000Weihong Wang/Content Switch Page 1 Content Switch. Introduction of content web switch.. Some content switch products in the market.. Design of.

11/2/2000Weihong Wang/Content Switch Page 1 Content Switch. Introduction of content web switch.. Some content switch products in the market.. Design of.
Content Switch. Introduction of content web switch.. Some content switch products in the market.. Design of a content switch.

Content Switch. Introduction of content web switch.. Some content switch products in the market.. Design of a content switch.
NetFlow Analyzer Drilldown to the root-QoS Product Overview.

NetFlow Analyzer Drilldown to the root-QoS Product Overview.
11/2/2000Weihong Wang/Content Switch Page 1 Content Web Switch Weihong Wang.

11/2/2000Weihong Wang/Content Switch Page 1 Content Web Switch Weihong Wang.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Internet Technologies Networking / Internet Protocols (TCP/IP) Server/Client Software Communication via Ports Web Page Technology Recipe of Web Page Development.

Internet Technologies Networking / Internet Protocols (TCP/IP) Server/Client Software Communication via Ports Web Page Technology Recipe of Web Page Development.
Department Of Computer Engineering

Department Of Computer Engineering
23 October 2002Emmanuel Ormancey1 Spam Filtering at CERN Emmanuel Ormancey - 23 October 2002.

23 October 2002Emmanuel Ormancey1 Spam Filtering at CERN Emmanuel Ormancey - 23 October 2002.
BITS Pilani Pilani Campus Losses incurred by the TSPs due to shifting from Voice to VoIP AAYUSH GUPTA 2013B3A3652P PRADEEP BANERJEE 2013A3PS274G.

BITS Pilani Pilani Campus Losses incurred by the TSPs due to shifting from Voice to VoIP AAYUSH GUPTA 2013B3A3652P PRADEEP BANERJEE 2013A3PS274G.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.

1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.
Workpackage 3 New security algorithm design ICS-FORTH Heraklion, 3 rd June 2009.

Workpackage 3 New security algorithm design ICS-FORTH Heraklion, 3 rd June 2009.

Similar presentations

Ads by Google