SlideShare a Scribd company logo

Exhibitor sessions: Khipu and Aruba, HPE

Download as PPTX, PDF
Jisc
Jisc

Chair: Ewan Quibell, management systems and service leader, Jisc. 09:15-09:55 - Experiences with vulnerability management as part of a overall security architecture Speaker: Dirk Schrader, CISSP/CISM at Greenbone Networks, Khipu. Integrating vulnerability management into your security architecture, into your workflows. What are some of the best practices for this? What are the advantages, what are possible caveats? 09:55-10:35 - On the airwaves – trends in Wi-Fi and wireless Speaker: Peter Thornycroft, Aruba, HPE. This talk will give a brief overview of forthcoming developments in Wi-Fi networking, including the next Wi-Fi PHY: 802.11ax, some applications of machine learning and the implications for WLAN architectures.

Education
1 of 58
Exhibitor session 2b Chair: Ewan Quibell
Please switch your mobile phones to silent 19:30 No fire alarms scheduled. In the event of an alarm, please follow directions of NCC staff Dinner (now full) Entrance via Goldsmith Street 16:30 - 17:30 Birds of a feather sessions 15:20 - 16:00 Lightning talks
Khipu
Vulnerability Management in your Security Architecture Dirk Schrader
Content & About » Experiences with vulnerability management as part of an overall security architecture » Integrating vulnerability management into your security architecture, into your workflows. » What are some of the best practices for this?What are the advantages, what are possible caveats? » Dirk Schrader CISSP, CISM » Khipu and Greenbone provide the technology behind the JiscVulnerability assessment and information service www.jisc.ac.uk/vulnerability-assessment-and-information-service www.khipu-networks.com www.greenbone.net
Vulnerability Management is required » the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services » a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing ISO 27001 control A.12.6.1 asks for the timely identification of vulnerabilities, the assessment of organization’s exposure to a vulnerability. ISO 27002 lists actions like » Make an asset inventory » Deal with vulnerabilities through defined procedures
Vulnerability Management Process prepare identify classify prioritize assign mitigate & remediate store & repeat improve
Vulnerability Management Process prepare identify classify prioritize assign mitigate & remediate store & repeat improve
VM in a Security Architecture prepare identify classify prioritize assign mitigate & remediate store & repeat improve
‚prepare‘ <-> Policies prepare identify classify prioritize assign mitigate & remediate store & repeat improve » Install policies, standards that enforceVulnerability Management » Make sure that responsibilities & actions are defined › asset owner › service owner › system owner, › ownership ≠ responsibility….? » Define secure configurations, whitelist systems and applications » Map to security controls, relate controls to responsibilities » Start simple, enhance stepwise
‚identify, classify, prioritize‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve » Import and/or discover assets » Scan assets, scan them authenticated » use CVSS, CVE, CPE » enhance with add. SecInfo » tag with Asset Criticality info » use Score, Quality of Detection, and available SolutionType » use Asset Information » Attack status confirms
‚identify, classify, prioritize‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve NAC (simplified)
‚identify, classify, prioritize‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve CMDB
‚identify, classify, prioritize‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve Threat Intel / SIEM
‚assign, mitigate & remediate‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve » use Reports, Alerts » based on Knowlegde, Experience, and Role » track and trace assignment » patch and/or upgrade » block and/or isolate » work around » override is also a temporary option
‚assign, mitigate & remediate‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve Ticket System
‚assign, mitigate & remediate‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve Update / Patch Management
‚store & repeat‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve » predict and trend assets » handle changes in infrastructure » time-stamped data supports Forensics » average of 40 high severity flaws published per week › 2017: 1,007 high severity flaws so far in 15 weeks
‚store & repeat‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve Forensics
‚store & repeat‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve half-life of facts
‚improve‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve » Eases implementation of Updates and Changes to Policies, Guidelines, Compliance » Meaningful KPIs for the IT Security documented
‚improve‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve
12/04/2017 Thank you! Any questions?
jisc.ac.uk contact Dirk Schrader Greenbone Networks GmbH Dirk.Schrader@greenbone.net
Thank you
Aruba, HPE
ON THE AIRWAVES – TRENDS IN WI-FI AND WIRELESS Peter Thornycroft April 2017
28 Agenda • 802.11ax high efficiency WLANs • Machine Learning applied to WLANs • Evolving architecture for the enterprise WLAN
802.11AX HIGH EFFICIENCY WLANS
30 802.11ax: Issues Facing Wi-Fi Networks • Many short data frames, many users • Overlapping BSS’s in dense deployments block each other from transmitting • Improving performance in outdoor hotspots 1 2 4 3 4 2 1 2 1 3 4 1 3 4 1 2 1 1 3 >80% of frames under 256B
31 802.11ax: Goals • Enhance operation in 2.4 & 5 GHz bands (11ac was only 5 GHz) • Increase average throughput per station by at least 4x in dense deployments • Improvements both indoor and outdoor • Scenarios include wireless corporate office, outdoor hotspot, dense residential apartments and stadiums • Maintain or improve power efficiency of the stations
32 802.11ax: Timeline (guess products late 2018 / early 2019) 0 mo IEEE 802.11ax TG kick off May ‘14 D0.1 Jan ‘16 D1.0 Dec ‘16 D2.0 May ‘17 Predicted Final Approval Dec ‘18 Predicted WFA AX MTG kick off Apr ‘16 Cert Launch Dec ‘18 Predicted IEEE 802.11ac Sponsor Ballot Mar ‘18 Predicted TG kick off Nov ‘08 D1.0 Jun ‘11 12 mo 24 mo 36 mo D0.1 Jan ‘11 D2.0 Feb ‘12 48 mo D3.0 Jun ‘12 Sponsor Ballot May ‘13 60 mo Final Approval Oct ‘13 Publish Dec ‘13 0 mo 12 mo 24 mo WFA AC MTG kick off Jun ‘10 TTG kick off Aug ‘11 36 mo Plugfest #1 Aug ‘12 PF #5 Jan ‘13 Launch Jun ‘13 2016 2017 20182015 2016 2017 2018 SIG kick off Aug ‘09 2014 SIG kick off Feb ‘14 2019 2019
33 802.11ax: features Outdoor / Longer rangePower Saving High DensitySpectral Efficiency & Area Throughput 8x8 AP 1024 QAM 25% increase in data rate OFDMA Enhanced delay spread protection- long guard interval Scheduled sleep and wake times 20 MHz-only clients Spatial Reuse DL/UL MU-MIMO w/ 8 clients L-STF L-LTF L-SIG RL-SIG HE-SIG-A HE-STF HE-LTF HE-LTF Data... 8µs 8µs 4µs 4µs 16µs 4µs VariabledurationsperHE-LTFsymbol PE 0.8us 11ac 1.6us 11ax Extended range packet structure 3.2us 11ax B e a c o n T F Next TWT B e a c o n T F T F T F TWT element: Implicit TWT, Next TWT, TWT Wake Interval TWT Wake Interval DL/UL MU DL/UL MU DL/UL MU DL/UL MU 80 MHz Capable 20 MHz-only 2x increase in throughput ac ax Up to 20% increase in data rate Long OFDM Symbol
34 802.11ax: OFDMA
35 802.11ax: MU-MIMO, UL MU transmissions • New Trigger control frame • UL MU transmission may be OFDMA or MU- MIMO • Trigger frame can be used as a Beamforming Report Poll, MU-BAR, MU- RTS, Buffer Status Report Poll, Bandwidth Query Report Poll… Trigger frame UL MU PPDU AP STA1 Acknowledge frame UL MU PPDUSTA2 UL MU PPDUSTA3 UL MU PPDUSTA4 Frequency/ Spatialdomain
36 802.11ax: BSS colouring • To increase capacity in dense environment, we need to increase frequency reuse between BSS’s • BSS Colouring was a mechanism introduced in 802.11ah to assign a different “colour” per BSS, which will be extended to 11ax • New channel access behavior will be assigned based on the colour detected Increased Frequency Reuse (w/ 80 MHz channels) - All same-channel BSS blocking 1 2 4 3 4 2 1 2 1 3 4 1 3 4 1 2 1 1 3 Low Frequency Reuse (w/ 20 MHz channels) 18 19 17 6 7 5 1 2 10 3 11 12 15 4 14 13 16 8 9 Same-channel BSS only blocked on Colour Match 1 2 4 3 2 1 2 1 3 4 3 4 1 2 1 1 2 3 2 3 4 3 4 4 1 3 2 4 4 1 2 3 4 1 3 2 4 1 2 3
37 802.11ax: outdoor and longer-range features • One of the goals of 802.11ax is improved performance outdoors - Longer delay spreads than the 11a/n/ac guard interval of 0.8 usec. 802.11ax modifies the guard intervals options to 0.8, 1.6, and 3.2 usec - Possible multipath bounces off high speed vehicles. A Doppler bit indicates Doppler mode of transmission • To expand the coverage and robustness of an outdoor hotspot - New extended range packet format with more robust preamble - Dual Carrier Modulation (DCM) – replicate the same information on different subcarriers for diversity gain and narrow band interference protection, ~3.5 dB gain - Narrower transmission bandwidth for Data field – 106 tones (~8 MHz) can be used to reduce noise bandwidth L-STF L-LTF L-SIG RL-SIG HE-SIG-A HE-STF HE-LTF HE-LTF Data... 8µs 8µs 4µs 4µs 16µs 4µs Variable durations per HE-LTF symbol PE HE extended range SU PPDU format
38 802.11ax: new PHY data rates 11ax 11ac Data rate (Mbps) Mode gain Data rate (Mbps) Mode Min 0.375 1SS, MCS0, DCM, 26- tone 6.5 1SS, MCS0, 20 MHz Max, 20 MHz 143.4*NSS 1024‐QAM, r=5/6, 13.6 usec symbol 65% 86.7*NSS 256-QAM, r=3/4 (256-QAM, r=5/6 only valid for NSS=3,6), 3.6 usec symbol Max, 40 MHz 286.8*NSS 1024‐QAM, r=5/6, 13.6 usec symbol 43% 200*NSS 256-QAM, r=5/6, 3.6 usec symbol Max, 80 MHz 600.4*NSS 1024‐QAM, r=5/6, 13.6 usec symbol 39% 433.3*NSS 256-QAM, r=5/6, 3.6 usec symbol Max, 160 MHz 600.4*2*NSS 1024‐QAM, r=5/6, 13.6 usec symbol 39% 433.3*2*NSS 256-QAM, r=5/6, 3.6 usec symbol NSS = 1…8 for both 11ac and 11ax
39 802.11ax: Target Wake Time for power save • Target Wake Time (TWT) is a power saving mechanism in 802.11ah which allows the STA to sleep for periods of time, and wake up at pre- scheduled times to exchange information with its AP doc.: IEEE 802.11-12/0823r0 Submission Power Consumption Profiles July 2012 Matthew Fischer, et al. • Baseline PS-POLL Slide 14 Beacon Wake LMSM RM LM/RM TM RM UL BA LM/RM BADL TMRM SM SleepAccess delay Lookup + Access delay Beacon LMSM RM ?M TM RM UL BA BADL TMRM SM Slot delay Wake Sleep LMSM TM RM UL BA BADL TMRM SM Wake Sleep • Beacon-based access • TWT-based access SM: Sleep Mode LM: Listen Mode RM: Receive Mode TM: Transmit Mode
40 802.11ax: 20 MHz-only clients • Provide support for low power, low complexity devices (IOT): wearable devices, sensors and automation, medical equipment, etc.
ARTIFICIAL INTELLIGENCE AND MACHINE LEARNING IN ENTERPRISE NETWORKS
42 Artificial Intelligence and Machine Learning • Drawing inferences from large amounts of data − First obtain a large amount of training data (labelled for supervised learning) − Then train the ML model to get the ‘right’ result from the training data − Now let the model loose on new data • Can be applied to different problems − Network Management − Misbehaving devices or users − Device discovery & classification (e.g. IoT) • Can close the loop with suggested changes or automated actions
43 Architecture for Machine Learning On-premise data collector Network data sources • Span ports • Firewalls • WLAN • Network Management • Authentication • DHCP • … send to cloud Identify anomalies Cluster anomalies Root cause & fixes alerts actions
44 Network management: Benefits Better network operations Real-time insights with root cause analysis and remedy recommendation – “A large fraction of Lync calls fail in building A, because of non-WiFi interference” – “On July 7th, 38 users in building B suffered slow Wi-Fi speed due to suboptimal channel allocation” – “45 users failed to connect to Wi-Fi, because of Radius server overload” Better network planning Macro insights with long-term recommendations – “Compared to similar buildings, users in building A achieve 20% lower data rate” – “In building B, peak hour traffic grows by 2.3% month-to-month. This will become a network bottleneck in 14 months”
45 Network Management: Environment type detection User density Connection life time Cluster 1 • low user density • high connection life time • Example: Office space Cluster 2 • high user density • high connection life time • Example: Lecture hall Cluster 3 • high user density • low connection life time • Example: Cafeteria area Automatic granularity: subdivide buildings based on Wi-Fi characteristics − Example: library entrance area vs. library archive stacks
46 Network management: Data-driven anomaly detection • Detect anomalous values of network metrics, while accounting for the circumstances − AP experiences high air utilization (uplink + downlink + ambient), given time of day and band − Client station has uplink/downlink rate imbalance, given its device type and band − Client station is using low downlink rate, given its RSSI, band and device type − No manual thresholds are needed, separate models for each environment type mantain low false alarm rate
47 Network management: Clustering of issues d1 d2 Cluster 1 • device type: iPhones • ssid: UW • issues: roam-802.11-assoc Cluster 3 • device type: iPad • sta_mac: a888088f4b0c • ssid: CSE-Local • location: CSE basement • bssid: 04bd88337850 • ch: 40 • controller: 113 • issues: roam-802.11-assoc dn Cluster 2 • device type: iPhone & Android • ssid: UW • controller: 8901 • location: KNE.5
48 Security: Automated detection of insider-threats Compromised Users & Hosts Negligent Employees Malicious Insiders ATTACKS AND RISKY BEHAVIORS on the inside
49 Security: behavioural analytics approach Behavioral Analytics UNSUPERVISED + SEMI- SUPERVISED HISTORICAL + PEER GROUP MACHINE LEARNING BASELINES Internal Resource Access Finance servers Authentication AD logins Remote Access VPN logins External Activity C&C, personal email SaaS Activity Office 365, Box Cloud IaaS AWS, Azure Physical Access badge logs Exfiltration DLP, Email
50 Security: finding the malicious in the anomalous Behavioral Analytics SUPERVISED MACHINE LEARNING DLP Sandbox Firewalls STIX Rules Etc. THIRD PARTY ALERTS
51 IoT: Security Starts with Identifying Devices Seeing totals and mix of devices helps understand risk. CCTV cameras from XiongMai Technologies can be an issue. Visibility needed to make accurate planning decisions - bandwidth usage, firewall rules, etc. 1 2 3 Having Information useful during internal and external audits.
52 IoT: Comprehensive Profiler Methods • DHCP Fingerprinting (support for IP-Helper and use of SPAN/RSPAN mirroring) • SNMP/Network Discovery (MIB reads to identify static IP addressed devices) • WMI (useful for Windows) • SSH (useful for Linux) • CDP, LLDP (useful in Cisco networks) • HTTP User-Agent (useful for Apple) • MAC OUI (useful for Android) • ARP Reads, Subnet Scans • Active Sync Plugin • Nmap Port scans • TCP
EVOLUTION OF THE EDGE – ENTERPRISE NETWORK ARCHITECTURE
54 Network architecture • Only at the edge can the network sense • Device radio characteristics • Device authentication status • Unassociated devices • All intrusion attempts Radio information - Signal level - SNR radio 802.11 mgmt 802.11 management - Associated - Data rate - Frame error rate - MAC - Sleeping Auth - Status - Identity - Role - Blacklist L2 - ARP - VLAN - mDNS IP - DHCP - IP address Multicast - IGMP - MC Neighbors L4-7 - Sessions & protocols - Destinations, ports - Rates - QoS Mobility awareness - Origin & location - Roaming history - AP load - Neighbor APs L2 traffic & services L3 traffic & services 802.11 connected device
55 Network architecture Traffic forwarding Policy layer • Abstract the network model to a policy layer • Policy layer interfaces to external APIs • External APIs export sensing information, accept reconfiguration Apps services
56 Network architecture • The network hollows out • The edge is used for sensing and reporting • Policy definitions allow the network to dynamically reconfigure in response to traffic & external events • APIs allow the network to dynamically reconfigure in response to external requirements • Big Data is accumulated locally or in the cloud • Machine Learning is applied to many networking problems
THANK YOU
Thank you

Recommended

Exhibitor session: Efficient IP
Exhibitor session: Efficient IPExhibitor session: Efficient IP
Exhibitor session: Efficient IPJisc
 
Parallel session: IPv6
Parallel session: IPv6Parallel session: IPv6
Parallel session: IPv6Jisc
 
Strengthen DNS Through Infrastructure Design
Strengthen DNS Through Infrastructure DesignStrengthen DNS Through Infrastructure Design
Strengthen DNS Through Infrastructure DesignAPNIC
 
DNSSEC Measurement APTLD 71
DNSSEC Measurement APTLD 71DNSSEC Measurement APTLD 71
DNSSEC Measurement APTLD 71Siena Perry
 
Prevention first platform for cyber defence the alternative strategy khipu ...
Prevention first platform for cyber defence the alternative strategy khipu ...Prevention first platform for cyber defence the alternative strategy khipu ...
Prevention first platform for cyber defence the alternative strategy khipu ...Jisc
 
Tech 2 Tech IPv6 presentation
Tech 2 Tech IPv6 presentationTech 2 Tech IPv6 presentation
Tech 2 Tech IPv6 presentationJisc
 
IPv6 menti results - Tech 2 Tech
IPv6 menti results - Tech 2 Tech IPv6 menti results - Tech 2 Tech
IPv6 menti results - Tech 2 Tech Jisc
 
IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44Jisc
 

Recommended

Exhibitor session: Efficient IP
Exhibitor session: Efficient IPExhibitor session: Efficient IP
Exhibitor session: Efficient IPJisc
 
Parallel session: IPv6
Parallel session: IPv6Parallel session: IPv6
Parallel session: IPv6Jisc
 
Strengthen DNS Through Infrastructure Design
Strengthen DNS Through Infrastructure DesignStrengthen DNS Through Infrastructure Design
Strengthen DNS Through Infrastructure DesignAPNIC
 
DNSSEC Measurement APTLD 71
DNSSEC Measurement APTLD 71DNSSEC Measurement APTLD 71
DNSSEC Measurement APTLD 71Siena Perry
 
Prevention first platform for cyber defence the alternative strategy khipu ...
Prevention first platform for cyber defence the alternative strategy khipu ...Prevention first platform for cyber defence the alternative strategy khipu ...
Prevention first platform for cyber defence the alternative strategy khipu ...Jisc
 
Tech 2 Tech IPv6 presentation
Tech 2 Tech IPv6 presentationTech 2 Tech IPv6 presentation
Tech 2 Tech IPv6 presentationJisc
 
IPv6 menti results - Tech 2 Tech
IPv6 menti results - Tech 2 Tech IPv6 menti results - Tech 2 Tech
IPv6 menti results - Tech 2 Tech Jisc
 
IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44Jisc
 
Edupert best practices in supporting end users - Networkshop44
Edupert best practices in supporting end users - Networkshop44Edupert best practices in supporting end users - Networkshop44
Edupert best practices in supporting end users - Networkshop44Jisc
 
Performance Assurance for Cloud Applications
Performance Assurance for Cloud ApplicationsPerformance Assurance for Cloud Applications
Performance Assurance for Cloud ApplicationsDaniel Sproats
 
Internet Resource Management Tutorial at SANOG 24
Internet Resource Management Tutorial at SANOG 24Internet Resource Management Tutorial at SANOG 24
Internet Resource Management Tutorial at SANOG 24APNIC
 
Measuring IPv6 Performance, RIPE73
Measuring IPv6 Performance, RIPE73Measuring IPv6 Performance, RIPE73
Measuring IPv6 Performance, RIPE73APNIC
 
Multipathed, Multiplexed, Multilateral Transport Protocols - Decoupling trans...
Multipathed, Multiplexed, Multilateral Transport Protocols - Decoupling trans...Multipathed, Multiplexed, Multilateral Transport Protocols - Decoupling trans...
Multipathed, Multiplexed, Multilateral Transport Protocols - Decoupling trans...APNIC
 
DDoS Threat Landscape - Challenges faced by Network Operators
DDoS Threat Landscape - Challenges faced by Network OperatorsDDoS Threat Landscape - Challenges faced by Network Operators
DDoS Threat Landscape - Challenges faced by Network OperatorsAPNIC
 
WINS: Peering and IXPs
WINS: Peering and IXPsWINS: Peering and IXPs
WINS: Peering and IXPsAPNIC
 
ONF & iSDX Webinar
ONF & iSDX WebinarONF & iSDX Webinar
ONF & iSDX WebinarKatie Hyman
 
110G networking within JASMIN
110G networking within JASMIN110G networking within JASMIN
110G networking within JASMINJisc
 
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...SWITCHPOINT NV/SA
 
Identifier Systems Security, Stability and Resiliency by Champika Wijayatunga
Identifier Systems Security, Stability and Resiliency by Champika WijayatungaIdentifier Systems Security, Stability and Resiliency by Champika Wijayatunga
Identifier Systems Security, Stability and Resiliency by Champika WijayatungaMyNOG
 
How to Quantum-Secure Optical Networks
How to Quantum-Secure Optical Networks How to Quantum-Secure Optical Networks
How to Quantum-Secure Optical NetworksADVA
 
RIPE NCC Measurements Tools Workshop: RIPEstat and RIPE Atlas
RIPE NCC Measurements Tools Workshop: RIPEstat and RIPE AtlasRIPE NCC Measurements Tools Workshop: RIPEstat and RIPE Atlas
RIPE NCC Measurements Tools Workshop: RIPEstat and RIPE AtlasAPNIC
 
Customer distributed denial of service (DDoS) experiences - Networkshop44
Customer distributed denial of service (DDoS) experiences - Networkshop44Customer distributed denial of service (DDoS) experiences - Networkshop44
Customer distributed denial of service (DDoS) experiences - Networkshop44Jisc
 
Abitcool - A vast array of small-scale service providers with gigabit access,...
Abitcool - A vast array of small-scale service providers with gigabit access,...Abitcool - A vast array of small-scale service providers with gigabit access,...
Abitcool - A vast array of small-scale service providers with gigabit access,...APNIC
 
Apnic Update - SANOG 30
Apnic Update - SANOG 30Apnic Update - SANOG 30
Apnic Update - SANOG 30APNIC
 
APNIC Member Services
APNIC Member ServicesAPNIC Member Services
APNIC Member ServicesAPNIC
 
npNOG 2: APNIC activity report
npNOG 2: APNIC activity reportnpNOG 2: APNIC activity report
npNOG 2: APNIC activity reportAPNIC
 
DDoS - a Modern Day Opportunity for Service Providers
DDoS - a Modern Day Opportunity for Service ProvidersDDoS - a Modern Day Opportunity for Service Providers
DDoS - a Modern Day Opportunity for Service ProvidersCorero Network Security
 
Ciena - the journey to the adaptive network
Ciena - the journey to the adaptive networkCiena - the journey to the adaptive network
Ciena - the journey to the adaptive networkJisc
 
Identi fi 3865-series-outdoor-access-point-ds
Identi fi 3865-series-outdoor-access-point-dsIdenti fi 3865-series-outdoor-access-point-ds
Identi fi 3865-series-outdoor-access-point-dsN-TEK Distribution
 
Cisco Unified Wireless Network and Converged access – Design session
Cisco Unified Wireless Network and Converged access – Design sessionCisco Unified Wireless Network and Converged access – Design session
Cisco Unified Wireless Network and Converged access – Design sessionCisco Russia
 

More Related Content

What's hot

Edupert best practices in supporting end users - Networkshop44
Edupert best practices in supporting end users - Networkshop44Edupert best practices in supporting end users - Networkshop44
Edupert best practices in supporting end users - Networkshop44Jisc
 
Performance Assurance for Cloud Applications
Performance Assurance for Cloud ApplicationsPerformance Assurance for Cloud Applications
Performance Assurance for Cloud ApplicationsDaniel Sproats
 
Internet Resource Management Tutorial at SANOG 24
Internet Resource Management Tutorial at SANOG 24Internet Resource Management Tutorial at SANOG 24
Internet Resource Management Tutorial at SANOG 24APNIC
 
Measuring IPv6 Performance, RIPE73
Measuring IPv6 Performance, RIPE73Measuring IPv6 Performance, RIPE73
Measuring IPv6 Performance, RIPE73APNIC
 
Multipathed, Multiplexed, Multilateral Transport Protocols - Decoupling trans...
Multipathed, Multiplexed, Multilateral Transport Protocols - Decoupling trans...Multipathed, Multiplexed, Multilateral Transport Protocols - Decoupling trans...
Multipathed, Multiplexed, Multilateral Transport Protocols - Decoupling trans...APNIC
 
DDoS Threat Landscape - Challenges faced by Network Operators
DDoS Threat Landscape - Challenges faced by Network OperatorsDDoS Threat Landscape - Challenges faced by Network Operators
DDoS Threat Landscape - Challenges faced by Network OperatorsAPNIC
 
WINS: Peering and IXPs
WINS: Peering and IXPsWINS: Peering and IXPs
WINS: Peering and IXPsAPNIC
 
ONF & iSDX Webinar
ONF & iSDX WebinarONF & iSDX Webinar
ONF & iSDX WebinarKatie Hyman
 
110G networking within JASMIN
110G networking within JASMIN110G networking within JASMIN
110G networking within JASMINJisc
 
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...SWITCHPOINT NV/SA
 
Identifier Systems Security, Stability and Resiliency by Champika Wijayatunga
Identifier Systems Security, Stability and Resiliency by Champika WijayatungaIdentifier Systems Security, Stability and Resiliency by Champika Wijayatunga
Identifier Systems Security, Stability and Resiliency by Champika WijayatungaMyNOG
 
How to Quantum-Secure Optical Networks
How to Quantum-Secure Optical Networks How to Quantum-Secure Optical Networks
How to Quantum-Secure Optical NetworksADVA
 
RIPE NCC Measurements Tools Workshop: RIPEstat and RIPE Atlas
RIPE NCC Measurements Tools Workshop: RIPEstat and RIPE AtlasRIPE NCC Measurements Tools Workshop: RIPEstat and RIPE Atlas
RIPE NCC Measurements Tools Workshop: RIPEstat and RIPE AtlasAPNIC
 
Customer distributed denial of service (DDoS) experiences - Networkshop44
Customer distributed denial of service (DDoS) experiences - Networkshop44Customer distributed denial of service (DDoS) experiences - Networkshop44
Customer distributed denial of service (DDoS) experiences - Networkshop44Jisc
 
Abitcool - A vast array of small-scale service providers with gigabit access,...
Abitcool - A vast array of small-scale service providers with gigabit access,...Abitcool - A vast array of small-scale service providers with gigabit access,...
Abitcool - A vast array of small-scale service providers with gigabit access,...APNIC
 
Apnic Update - SANOG 30
Apnic Update - SANOG 30Apnic Update - SANOG 30
Apnic Update - SANOG 30APNIC
 
APNIC Member Services
APNIC Member ServicesAPNIC Member Services
APNIC Member ServicesAPNIC
 
npNOG 2: APNIC activity report
npNOG 2: APNIC activity reportnpNOG 2: APNIC activity report
npNOG 2: APNIC activity reportAPNIC
 
DDoS - a Modern Day Opportunity for Service Providers
DDoS - a Modern Day Opportunity for Service ProvidersDDoS - a Modern Day Opportunity for Service Providers
DDoS - a Modern Day Opportunity for Service ProvidersCorero Network Security
 
Ciena - the journey to the adaptive network
Ciena - the journey to the adaptive networkCiena - the journey to the adaptive network
Ciena - the journey to the adaptive networkJisc
 

What's hot (20)

Edupert best practices in supporting end users - Networkshop44
Edupert best practices in supporting end users - Networkshop44Edupert best practices in supporting end users - Networkshop44
Edupert best practices in supporting end users - Networkshop44
 
Performance Assurance for Cloud Applications
Performance Assurance for Cloud ApplicationsPerformance Assurance for Cloud Applications
Performance Assurance for Cloud Applications
 
Internet Resource Management Tutorial at SANOG 24
Internet Resource Management Tutorial at SANOG 24Internet Resource Management Tutorial at SANOG 24
Internet Resource Management Tutorial at SANOG 24
 
Measuring IPv6 Performance, RIPE73
Measuring IPv6 Performance, RIPE73Measuring IPv6 Performance, RIPE73
Measuring IPv6 Performance, RIPE73
 
Multipathed, Multiplexed, Multilateral Transport Protocols - Decoupling trans...
Multipathed, Multiplexed, Multilateral Transport Protocols - Decoupling trans...Multipathed, Multiplexed, Multilateral Transport Protocols - Decoupling trans...
Multipathed, Multiplexed, Multilateral Transport Protocols - Decoupling trans...
 
DDoS Threat Landscape - Challenges faced by Network Operators
DDoS Threat Landscape - Challenges faced by Network OperatorsDDoS Threat Landscape - Challenges faced by Network Operators
DDoS Threat Landscape - Challenges faced by Network Operators
 
WINS: Peering and IXPs
WINS: Peering and IXPsWINS: Peering and IXPs
WINS: Peering and IXPs
 
ONF & iSDX Webinar
ONF & iSDX WebinarONF & iSDX Webinar
ONF & iSDX Webinar
 
110G networking within JASMIN
110G networking within JASMIN110G networking within JASMIN
110G networking within JASMIN
 
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...
EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experien...
 
Identifier Systems Security, Stability and Resiliency by Champika Wijayatunga
Identifier Systems Security, Stability and Resiliency by Champika WijayatungaIdentifier Systems Security, Stability and Resiliency by Champika Wijayatunga
Identifier Systems Security, Stability and Resiliency by Champika Wijayatunga
 
How to Quantum-Secure Optical Networks
How to Quantum-Secure Optical Networks How to Quantum-Secure Optical Networks
How to Quantum-Secure Optical Networks
 
RIPE NCC Measurements Tools Workshop: RIPEstat and RIPE Atlas
RIPE NCC Measurements Tools Workshop: RIPEstat and RIPE AtlasRIPE NCC Measurements Tools Workshop: RIPEstat and RIPE Atlas
RIPE NCC Measurements Tools Workshop: RIPEstat and RIPE Atlas
 
Customer distributed denial of service (DDoS) experiences - Networkshop44
Customer distributed denial of service (DDoS) experiences - Networkshop44Customer distributed denial of service (DDoS) experiences - Networkshop44
Customer distributed denial of service (DDoS) experiences - Networkshop44
 
Abitcool - A vast array of small-scale service providers with gigabit access,...
Abitcool - A vast array of small-scale service providers with gigabit access,...Abitcool - A vast array of small-scale service providers with gigabit access,...
Abitcool - A vast array of small-scale service providers with gigabit access,...
 
Apnic Update - SANOG 30
Apnic Update - SANOG 30Apnic Update - SANOG 30
Apnic Update - SANOG 30
 
APNIC Member Services
APNIC Member ServicesAPNIC Member Services
APNIC Member Services
 
npNOG 2: APNIC activity report
npNOG 2: APNIC activity reportnpNOG 2: APNIC activity report
npNOG 2: APNIC activity report
 
DDoS - a Modern Day Opportunity for Service Providers
DDoS - a Modern Day Opportunity for Service ProvidersDDoS - a Modern Day Opportunity for Service Providers
DDoS - a Modern Day Opportunity for Service Providers
 
Ciena - the journey to the adaptive network
Ciena - the journey to the adaptive networkCiena - the journey to the adaptive network
Ciena - the journey to the adaptive network
 

Similar to Exhibitor sessions: Khipu and Aruba, HPE

Identi fi 3865-series-outdoor-access-point-ds
Identi fi 3865-series-outdoor-access-point-dsIdenti fi 3865-series-outdoor-access-point-ds
Identi fi 3865-series-outdoor-access-point-dsN-TEK Distribution
 
Cisco Unified Wireless Network and Converged access – Design session
Cisco Unified Wireless Network and Converged access – Design sessionCisco Unified Wireless Network and Converged access – Design session
Cisco Unified Wireless Network and Converged access – Design sessionCisco Russia
 
TULIPP overview
TULIPP overviewTULIPP overview
TULIPP overviewTulipp. Eu
 
A Transcat.com Webinar Presented by Aglient Technolgoes: Scope Technology Imp...
A Transcat.com Webinar Presented by Aglient Technolgoes: Scope Technology Imp...A Transcat.com Webinar Presented by Aglient Technolgoes: Scope Technology Imp...
A Transcat.com Webinar Presented by Aglient Technolgoes: Scope Technology Imp...Transcat
 
Webinar: BlueNRG-LP - Bluetooth 5.2 de longo alcance para aplicações industriais
Webinar: BlueNRG-LP - Bluetooth 5.2 de longo alcance para aplicações industriaisWebinar: BlueNRG-LP - Bluetooth 5.2 de longo alcance para aplicações industriais
Webinar: BlueNRG-LP - Bluetooth 5.2 de longo alcance para aplicações industriaisEmbarcados
 
Alexei_Plescan - updated
Alexei_Plescan - updatedAlexei_Plescan - updated
Alexei_Plescan - updatedAlexei Plescan
 
Places in the network (featuring policy)
Places in the network (featuring policy)Places in the network (featuring policy)
Places in the network (featuring policy)Jeff Green
 
Sdn future of networks
Sdn future of networksSdn future of networks
Sdn future of networksAhmed El-Sayed
 
Cloud networking workshop
Cloud networking workshopCloud networking workshop
Cloud networking workshopCisco Canada
 
Master Serial Killer - DEF CON 22 - ICS Village
Master Serial Killer - DEF CON 22 - ICS VillageMaster Serial Killer - DEF CON 22 - ICS Village
Master Serial Killer - DEF CON 22 - ICS VillageChris Sistrunk
 
Cisco 3600 access point datasheet
Cisco 3600 access point datasheetCisco 3600 access point datasheet
Cisco 3600 access point datasheetAmy Huang
 
Unified Access Update - 11AC and Switching Platform
Unified Access Update - 11AC and Switching PlatformUnified Access Update - 11AC and Switching Platform
Unified Access Update - 11AC and Switching PlatformCisco Canada
 
Abdul Muneer k_RESUME
Abdul Muneer k_RESUMEAbdul Muneer k_RESUME
Abdul Muneer k_RESUMEAbdul muneer
 
Splunk App for Stream
Splunk App for StreamSplunk App for Stream
Splunk App for StreamSplunk
 
Havoc industrial electronice and techonology rfid and two-way radios - 2015
Havoc industrial electronice and techonology rfid and two-way radios - 2015Havoc industrial electronice and techonology rfid and two-way radios - 2015
Havoc industrial electronice and techonology rfid and two-way radios - 2015Robin Wright
 
Dynamic Service Chaining
Dynamic Service Chaining Dynamic Service Chaining
Dynamic Service Chaining Tail-f Systems
 
Innovate in new and exciting optical sensing applications in industrial marke...
Innovate in new and exciting optical sensing applications in industrial marke...Innovate in new and exciting optical sensing applications in industrial marke...
Innovate in new and exciting optical sensing applications in industrial marke...Design World
 

Similar to Exhibitor sessions: Khipu and Aruba, HPE (20)

Identi fi 3865-series-outdoor-access-point-ds
Identi fi 3865-series-outdoor-access-point-dsIdenti fi 3865-series-outdoor-access-point-ds
Identi fi 3865-series-outdoor-access-point-ds
 
Cisco Unified Wireless Network and Converged access – Design session
Cisco Unified Wireless Network and Converged access – Design sessionCisco Unified Wireless Network and Converged access – Design session
Cisco Unified Wireless Network and Converged access – Design session
 
Ap3705i ds
Ap3705i dsAp3705i ds
Ap3705i ds
 
TULIPP overview
TULIPP overviewTULIPP overview
TULIPP overview
 
A Transcat.com Webinar Presented by Aglient Technolgoes: Scope Technology Imp...
A Transcat.com Webinar Presented by Aglient Technolgoes: Scope Technology Imp...A Transcat.com Webinar Presented by Aglient Technolgoes: Scope Technology Imp...
A Transcat.com Webinar Presented by Aglient Technolgoes: Scope Technology Imp...
 
Webinar: BlueNRG-LP - Bluetooth 5.2 de longo alcance para aplicações industriais
Webinar: BlueNRG-LP - Bluetooth 5.2 de longo alcance para aplicações industriaisWebinar: BlueNRG-LP - Bluetooth 5.2 de longo alcance para aplicações industriais
Webinar: BlueNRG-LP - Bluetooth 5.2 de longo alcance para aplicações industriais
 
Alexei_Plescan - updated
Alexei_Plescan - updatedAlexei_Plescan - updated
Alexei_Plescan - updated
 
Places in the network (featuring policy)
Places in the network (featuring policy)Places in the network (featuring policy)
Places in the network (featuring policy)
 
Create New Value for You - Huawei Agile Network
Create New Value for You - Huawei Agile NetworkCreate New Value for You - Huawei Agile Network
Create New Value for You - Huawei Agile Network
 
Sdn future of networks
Sdn future of networksSdn future of networks
Sdn future of networks
 
Cloud networking workshop
Cloud networking workshopCloud networking workshop
Cloud networking workshop
 
Master Serial Killer - DEF CON 22 - ICS Village
Master Serial Killer - DEF CON 22 - ICS VillageMaster Serial Killer - DEF CON 22 - ICS Village
Master Serial Killer - DEF CON 22 - ICS Village
 
Cisco 3600 access point datasheet
Cisco 3600 access point datasheetCisco 3600 access point datasheet
Cisco 3600 access point datasheet
 
Swaminathan_Resume_May2015
Swaminathan_Resume_May2015Swaminathan_Resume_May2015
Swaminathan_Resume_May2015
 
Unified Access Update - 11AC and Switching Platform
Unified Access Update - 11AC and Switching PlatformUnified Access Update - 11AC and Switching Platform
Unified Access Update - 11AC and Switching Platform
 
Abdul Muneer k_RESUME
Abdul Muneer k_RESUMEAbdul Muneer k_RESUME
Abdul Muneer k_RESUME
 
Splunk App for Stream
Splunk App for StreamSplunk App for Stream
Splunk App for Stream
 
Havoc industrial electronice and techonology rfid and two-way radios - 2015
Havoc industrial electronice and techonology rfid and two-way radios - 2015Havoc industrial electronice and techonology rfid and two-way radios - 2015
Havoc industrial electronice and techonology rfid and two-way radios - 2015
 
Dynamic Service Chaining
Dynamic Service Chaining Dynamic Service Chaining
Dynamic Service Chaining
 
Innovate in new and exciting optical sensing applications in industrial marke...
Innovate in new and exciting optical sensing applications in industrial marke...Innovate in new and exciting optical sensing applications in industrial marke...
Innovate in new and exciting optical sensing applications in industrial marke...
 

More from Jisc

Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...Jisc
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxJisc
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxJisc
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Jisc
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...Jisc
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptxJisc
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxJisc
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxJisc
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxJisc
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJisc
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxJisc
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber EssentialsJisc
 
MarkChilds.pptx
MarkChilds.pptxMarkChilds.pptx
MarkChilds.pptxJisc
 
RStrachanOct23.pptx
RStrachanOct23.pptxRStrachanOct23.pptx
RStrachanOct23.pptxJisc
 
ISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxJisc
 
FerrellWalker.pptx
FerrellWalker.pptxFerrellWalker.pptx
FerrellWalker.pptxJisc
 

More from Jisc (20)

Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptx
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptx
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptx
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptx
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptx
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptx
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptx
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptx
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber Essentials
 
MarkChilds.pptx
MarkChilds.pptxMarkChilds.pptx
MarkChilds.pptx
 
RStrachanOct23.pptx
RStrachanOct23.pptxRStrachanOct23.pptx
RStrachanOct23.pptx
 
ISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptx
 
FerrellWalker.pptx
FerrellWalker.pptxFerrellWalker.pptx
FerrellWalker.pptx
 

Recently uploaded

Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...christianmathematics
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...fonyou31
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024Janet Corral
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 

Recently uploaded (20)

Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 

Exhibitor sessions: Khipu and Aruba, HPE

  • 2. Please switch your mobile phones to silent 19:30 No fire alarms scheduled. In the event of an alarm, please follow directions of NCC staff Dinner (now full) Entrance via Goldsmith Street 16:30 - 17:30 Birds of a feather sessions 15:20 - 16:00 Lightning talks
  • 4. Vulnerability Management in your Security Architecture Dirk Schrader
  • 5. Content & About » Experiences with vulnerability management as part of an overall security architecture » Integrating vulnerability management into your security architecture, into your workflows. » What are some of the best practices for this?What are the advantages, what are possible caveats? » Dirk Schrader CISSP, CISM » Khipu and Greenbone provide the technology behind the JiscVulnerability assessment and information service www.jisc.ac.uk/vulnerability-assessment-and-information-service www.khipu-networks.com www.greenbone.net
  • 6. Vulnerability Management is required » the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services » a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing ISO 27001 control A.12.6.1 asks for the timely identification of vulnerabilities, the assessment of organization’s exposure to a vulnerability. ISO 27002 lists actions like » Make an asset inventory » Deal with vulnerabilities through defined procedures
  • 7. Vulnerability Management Process prepare identify classify prioritize assign mitigate & remediate store & repeat improve
  • 9. VM in a Security Architecture prepare identify classify prioritize assign mitigate & remediate store & repeat improve
  • 10. ‚prepare‘ <-> Policies prepare identify classify prioritize assign mitigate & remediate store & repeat improve » Install policies, standards that enforceVulnerability Management » Make sure that responsibilities & actions are defined › asset owner › service owner › system owner, › ownership ≠ responsibility….? » Define secure configurations, whitelist systems and applications » Map to security controls, relate controls to responsibilities » Start simple, enhance stepwise
  • 11. ‚identify, classify, prioritize‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve » Import and/or discover assets » Scan assets, scan them authenticated » use CVSS, CVE, CPE » enhance with add. SecInfo » tag with Asset Criticality info » use Score, Quality of Detection, and available SolutionType » use Asset Information » Attack status confirms
  • 12. ‚identify, classify, prioritize‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve NAC (simplified)
  • 13. ‚identify, classify, prioritize‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve CMDB
  • 14. ‚identify, classify, prioritize‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve Threat Intel / SIEM
  • 15. ‚assign, mitigate & remediate‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve » use Reports, Alerts » based on Knowlegde, Experience, and Role » track and trace assignment » patch and/or upgrade » block and/or isolate » work around » override is also a temporary option
  • 16. ‚assign, mitigate & remediate‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve Ticket System
  • 17. ‚assign, mitigate & remediate‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve Update / Patch Management
  • 18. ‚store & repeat‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve » predict and trend assets » handle changes in infrastructure » time-stamped data supports Forensics » average of 40 high severity flaws published per week › 2017: 1,007 high severity flaws so far in 15 weeks
  • 19. ‚store & repeat‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve Forensics
  • 20. ‚store & repeat‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve half-life of facts
  • 21. ‚improve‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve » Eases implementation of Updates and Changes to Policies, Guidelines, Compliance » Meaningful KPIs for the IT Security documented
  • 22. ‚improve‘ <-> Workflows &Tools prepare identify classify prioritize assign mitigate & remediate store & repeat improve
  • 24. jisc.ac.uk contact Dirk Schrader Greenbone Networks GmbH Dirk.Schrader@greenbone.net
  • 27. ON THE AIRWAVES – TRENDS IN WI-FI AND WIRELESS Peter Thornycroft April 2017
  • 28. 28 Agenda • 802.11ax high efficiency WLANs • Machine Learning applied to WLANs • Evolving architecture for the enterprise WLAN
  • 30. 30 802.11ax: Issues Facing Wi-Fi Networks • Many short data frames, many users • Overlapping BSS’s in dense deployments block each other from transmitting • Improving performance in outdoor hotspots 1 2 4 3 4 2 1 2 1 3 4 1 3 4 1 2 1 1 3 >80% of frames under 256B
  • 31. 31 802.11ax: Goals • Enhance operation in 2.4 & 5 GHz bands (11ac was only 5 GHz) • Increase average throughput per station by at least 4x in dense deployments • Improvements both indoor and outdoor • Scenarios include wireless corporate office, outdoor hotspot, dense residential apartments and stadiums • Maintain or improve power efficiency of the stations
  • 32. 32 802.11ax: Timeline (guess products late 2018 / early 2019) 0 mo IEEE 802.11ax TG kick off May ‘14 D0.1 Jan ‘16 D1.0 Dec ‘16 D2.0 May ‘17 Predicted Final Approval Dec ‘18 Predicted WFA AX MTG kick off Apr ‘16 Cert Launch Dec ‘18 Predicted IEEE 802.11ac Sponsor Ballot Mar ‘18 Predicted TG kick off Nov ‘08 D1.0 Jun ‘11 12 mo 24 mo 36 mo D0.1 Jan ‘11 D2.0 Feb ‘12 48 mo D3.0 Jun ‘12 Sponsor Ballot May ‘13 60 mo Final Approval Oct ‘13 Publish Dec ‘13 0 mo 12 mo 24 mo WFA AC MTG kick off Jun ‘10 TTG kick off Aug ‘11 36 mo Plugfest #1 Aug ‘12 PF #5 Jan ‘13 Launch Jun ‘13 2016 2017 20182015 2016 2017 2018 SIG kick off Aug ‘09 2014 SIG kick off Feb ‘14 2019 2019
  • 33. 33 802.11ax: features Outdoor / Longer rangePower Saving High DensitySpectral Efficiency & Area Throughput 8x8 AP 1024 QAM 25% increase in data rate OFDMA Enhanced delay spread protection- long guard interval Scheduled sleep and wake times 20 MHz-only clients Spatial Reuse DL/UL MU-MIMO w/ 8 clients L-STF L-LTF L-SIG RL-SIG HE-SIG-A HE-STF HE-LTF HE-LTF Data... 8µs 8µs 4µs 4µs 16µs 4µs VariabledurationsperHE-LTFsymbol PE 0.8us 11ac 1.6us 11ax Extended range packet structure 3.2us 11ax B e a c o n T F Next TWT B e a c o n T F T F T F TWT element: Implicit TWT, Next TWT, TWT Wake Interval TWT Wake Interval DL/UL MU DL/UL MU DL/UL MU DL/UL MU 80 MHz Capable 20 MHz-only 2x increase in throughput ac ax Up to 20% increase in data rate Long OFDM Symbol
  • 35. 35 802.11ax: MU-MIMO, UL MU transmissions • New Trigger control frame • UL MU transmission may be OFDMA or MU- MIMO • Trigger frame can be used as a Beamforming Report Poll, MU-BAR, MU- RTS, Buffer Status Report Poll, Bandwidth Query Report Poll… Trigger frame UL MU PPDU AP STA1 Acknowledge frame UL MU PPDUSTA2 UL MU PPDUSTA3 UL MU PPDUSTA4 Frequency/ Spatialdomain
  • 36. 36 802.11ax: BSS colouring • To increase capacity in dense environment, we need to increase frequency reuse between BSS’s • BSS Colouring was a mechanism introduced in 802.11ah to assign a different “colour” per BSS, which will be extended to 11ax • New channel access behavior will be assigned based on the colour detected Increased Frequency Reuse (w/ 80 MHz channels) - All same-channel BSS blocking 1 2 4 3 4 2 1 2 1 3 4 1 3 4 1 2 1 1 3 Low Frequency Reuse (w/ 20 MHz channels) 18 19 17 6 7 5 1 2 10 3 11 12 15 4 14 13 16 8 9 Same-channel BSS only blocked on Colour Match 1 2 4 3 2 1 2 1 3 4 3 4 1 2 1 1 2 3 2 3 4 3 4 4 1 3 2 4 4 1 2 3 4 1 3 2 4 1 2 3
  • 37. 37 802.11ax: outdoor and longer-range features • One of the goals of 802.11ax is improved performance outdoors - Longer delay spreads than the 11a/n/ac guard interval of 0.8 usec. 802.11ax modifies the guard intervals options to 0.8, 1.6, and 3.2 usec - Possible multipath bounces off high speed vehicles. A Doppler bit indicates Doppler mode of transmission • To expand the coverage and robustness of an outdoor hotspot - New extended range packet format with more robust preamble - Dual Carrier Modulation (DCM) – replicate the same information on different subcarriers for diversity gain and narrow band interference protection, ~3.5 dB gain - Narrower transmission bandwidth for Data field – 106 tones (~8 MHz) can be used to reduce noise bandwidth L-STF L-LTF L-SIG RL-SIG HE-SIG-A HE-STF HE-LTF HE-LTF Data... 8µs 8µs 4µs 4µs 16µs 4µs Variable durations per HE-LTF symbol PE HE extended range SU PPDU format
  • 38. 38 802.11ax: new PHY data rates 11ax 11ac Data rate (Mbps) Mode gain Data rate (Mbps) Mode Min 0.375 1SS, MCS0, DCM, 26- tone 6.5 1SS, MCS0, 20 MHz Max, 20 MHz 143.4*NSS 1024‐QAM, r=5/6, 13.6 usec symbol 65% 86.7*NSS 256-QAM, r=3/4 (256-QAM, r=5/6 only valid for NSS=3,6), 3.6 usec symbol Max, 40 MHz 286.8*NSS 1024‐QAM, r=5/6, 13.6 usec symbol 43% 200*NSS 256-QAM, r=5/6, 3.6 usec symbol Max, 80 MHz 600.4*NSS 1024‐QAM, r=5/6, 13.6 usec symbol 39% 433.3*NSS 256-QAM, r=5/6, 3.6 usec symbol Max, 160 MHz 600.4*2*NSS 1024‐QAM, r=5/6, 13.6 usec symbol 39% 433.3*2*NSS 256-QAM, r=5/6, 3.6 usec symbol NSS = 1…8 for both 11ac and 11ax
  • 39. 39 802.11ax: Target Wake Time for power save • Target Wake Time (TWT) is a power saving mechanism in 802.11ah which allows the STA to sleep for periods of time, and wake up at pre- scheduled times to exchange information with its AP doc.: IEEE 802.11-12/0823r0 Submission Power Consumption Profiles July 2012 Matthew Fischer, et al. • Baseline PS-POLL Slide 14 Beacon Wake LMSM RM LM/RM TM RM UL BA LM/RM BADL TMRM SM SleepAccess delay Lookup + Access delay Beacon LMSM RM ?M TM RM UL BA BADL TMRM SM Slot delay Wake Sleep LMSM TM RM UL BA BADL TMRM SM Wake Sleep • Beacon-based access • TWT-based access SM: Sleep Mode LM: Listen Mode RM: Receive Mode TM: Transmit Mode
  • 40. 40 802.11ax: 20 MHz-only clients • Provide support for low power, low complexity devices (IOT): wearable devices, sensors and automation, medical equipment, etc.
  • 41. ARTIFICIAL INTELLIGENCE AND MACHINE LEARNING IN ENTERPRISE NETWORKS
  • 42. 42 Artificial Intelligence and Machine Learning • Drawing inferences from large amounts of data − First obtain a large amount of training data (labelled for supervised learning) − Then train the ML model to get the ‘right’ result from the training data − Now let the model loose on new data • Can be applied to different problems − Network Management − Misbehaving devices or users − Device discovery & classification (e.g. IoT) • Can close the loop with suggested changes or automated actions
  • 43. 43 Architecture for Machine Learning On-premise data collector Network data sources • Span ports • Firewalls • WLAN • Network Management • Authentication • DHCP • … send to cloud Identify anomalies Cluster anomalies Root cause & fixes alerts actions
  • 44. 44 Network management: Benefits Better network operations Real-time insights with root cause analysis and remedy recommendation – “A large fraction of Lync calls fail in building A, because of non-WiFi interference” – “On July 7th, 38 users in building B suffered slow Wi-Fi speed due to suboptimal channel allocation” – “45 users failed to connect to Wi-Fi, because of Radius server overload” Better network planning Macro insights with long-term recommendations – “Compared to similar buildings, users in building A achieve 20% lower data rate” – “In building B, peak hour traffic grows by 2.3% month-to-month. This will become a network bottleneck in 14 months”
  • 45. 45 Network Management: Environment type detection User density Connection life time Cluster 1 • low user density • high connection life time • Example: Office space Cluster 2 • high user density • high connection life time • Example: Lecture hall Cluster 3 • high user density • low connection life time • Example: Cafeteria area Automatic granularity: subdivide buildings based on Wi-Fi characteristics − Example: library entrance area vs. library archive stacks
  • 46. 46 Network management: Data-driven anomaly detection • Detect anomalous values of network metrics, while accounting for the circumstances − AP experiences high air utilization (uplink + downlink + ambient), given time of day and band − Client station has uplink/downlink rate imbalance, given its device type and band − Client station is using low downlink rate, given its RSSI, band and device type − No manual thresholds are needed, separate models for each environment type mantain low false alarm rate
  • 47. 47 Network management: Clustering of issues d1 d2 Cluster 1 • device type: iPhones • ssid: UW • issues: roam-802.11-assoc Cluster 3 • device type: iPad • sta_mac: a888088f4b0c • ssid: CSE-Local • location: CSE basement • bssid: 04bd88337850 • ch: 40 • controller: 113 • issues: roam-802.11-assoc dn Cluster 2 • device type: iPhone & Android • ssid: UW • controller: 8901 • location: KNE.5
  • 48. 48 Security: Automated detection of insider-threats Compromised Users & Hosts Negligent Employees Malicious Insiders ATTACKS AND RISKY BEHAVIORS on the inside
  • 49. 49 Security: behavioural analytics approach Behavioral Analytics UNSUPERVISED + SEMI- SUPERVISED HISTORICAL + PEER GROUP MACHINE LEARNING BASELINES Internal Resource Access Finance servers Authentication AD logins Remote Access VPN logins External Activity C&C, personal email SaaS Activity Office 365, Box Cloud IaaS AWS, Azure Physical Access badge logs Exfiltration DLP, Email
  • 50. 50 Security: finding the malicious in the anomalous Behavioral Analytics SUPERVISED MACHINE LEARNING DLP Sandbox Firewalls STIX Rules Etc. THIRD PARTY ALERTS
  • 51. 51 IoT: Security Starts with Identifying Devices Seeing totals and mix of devices helps understand risk. CCTV cameras from XiongMai Technologies can be an issue. Visibility needed to make accurate planning decisions - bandwidth usage, firewall rules, etc. 1 2 3 Having Information useful during internal and external audits.
  • 52. 52 IoT: Comprehensive Profiler Methods • DHCP Fingerprinting (support for IP-Helper and use of SPAN/RSPAN mirroring) • SNMP/Network Discovery (MIB reads to identify static IP addressed devices) • WMI (useful for Windows) • SSH (useful for Linux) • CDP, LLDP (useful in Cisco networks) • HTTP User-Agent (useful for Apple) • MAC OUI (useful for Android) • ARP Reads, Subnet Scans • Active Sync Plugin • Nmap Port scans • TCP
  • 53. EVOLUTION OF THE EDGE – ENTERPRISE NETWORK ARCHITECTURE
  • 54. 54 Network architecture • Only at the edge can the network sense • Device radio characteristics • Device authentication status • Unassociated devices • All intrusion attempts Radio information - Signal level - SNR radio 802.11 mgmt 802.11 management - Associated - Data rate - Frame error rate - MAC - Sleeping Auth - Status - Identity - Role - Blacklist L2 - ARP - VLAN - mDNS IP - DHCP - IP address Multicast - IGMP - MC Neighbors L4-7 - Sessions & protocols - Destinations, ports - Rates - QoS Mobility awareness - Origin & location - Roaming history - AP load - Neighbor APs L2 traffic & services L3 traffic & services 802.11 connected device
  • 55. 55 Network architecture Traffic forwarding Policy layer • Abstract the network model to a policy layer • Policy layer interfaces to external APIs • External APIs export sensing information, accept reconfiguration Apps services
  • 56. 56 Network architecture • The network hollows out • The edge is used for sensing and reporting • Policy definitions allow the network to dynamically reconfigure in response to traffic & external events • APIs allow the network to dynamically reconfigure in response to external requirements • Big Data is accumulated locally or in the cloud • Machine Learning is applied to many networking problems

Editor's Notes

  1. Jetzt ein Blick auf das Release 4
  2. Jetzt ein Blick auf das Release 4
  3. Jetzt ein Blick auf das Release 4
  4. Virtualization makes definition of responsibilities kind of difficult Actions & Consequences
  5. NAC CMDB Threat Intel
  6. NAC CMDB Threat Intel
  7. NAC CMDB Threat Intel
  8. NAC CMDB Threat Intel / SIEM
  9. Ticket System, IT Service Management UpdateServer
  10. Ticket System, IT Service Management UpdateServer
  11. Ticket System, IT Service Management UpdateServer, i.e WSUS, SCCM
  12. OK rather a rare case VM of course provides Data for Analysis, Timeline Review, identifying the ‚window of vulnerability‘ of an affected system for the actual attack.
  13. Ever changing landscape of vulnerabilities (new ones and updates to known ones) A known vulnerability sometimes changes its characteristics Half-time value of facts gathered about your security posture
  14. Improve questions to ask: Where do people try to circumvent security policies and why? One contributing factor to non-compliance by users is an extensive workload caused by security mechanisms. That is: 1) There is no clear reason to comply 2) The cost of compliance is too high 3) There is an inability to comply (encrypted USB drives too small to carry the needed files) Recommended reading ‘The psychology of Information Security’