automating the automating the configuration of flow
play

Automating the Automating the configuration of flow configuration - PowerPoint PPT Presentation

Sep 12, 2022 •160 likes •303 views

Zurich Research Laboratory Automating the Automating the configuration of flow configuration of flow monitoring probes monitoring probes Xenofontas (Fontas) Dimitropoulos (xed@zurich.ibm.com) Andreas Kind (ank@zurich.ibm.com) IBM | Dec 07

  1. Zurich Research Laboratory Automating the Automating the configuration of flow configuration of flow monitoring probes monitoring probes Xenofontas (Fontas) Dimitropoulos (xed@zurich.ibm.com) Andreas Kind (ank@zurich.ibm.com) IBM | Dec 07 | Systems Department www.zurich.ibm.com

  2. Zurich Research Laboratory Outline � Background and motivation. � Probe configuration architecture: – Requirements and goals. – Design. – Implementation. � Future work and conclusions. X Dimitropoulos | Systems Department | IBM Research 2

  3. Zurich Research Laboratory Netw ork configuration � Network elements are typically configured with low-level commands, e.g., Cisco IOS commands. � Network administrators manage numerous network Configuration file length elements with lengthy file length (in lines) configuration files. distribution in an enterprise network � Network configuration is an error-prone and time-consuming process. � Configuration errors can be costly, e.g.: – network outages – violations of SLAs router ID (sorted by file size) Source of figure: 100x100 project X Dimitropoulos | Systems Department | IBM Research 3

  4. Zurich Research Laboratory Probe configuration � The configuration of monitoring probes is part of the more general network configuration problem. � Monitoring probes are gradually becoming more intelligent, for example, using advanced sampling and data aggregation techniques. Consequently, their configuration becomes more involved. � Flexible Netflow (FNF) and IPFIX provide numerous configuration options that were not available earlier: – FNF has 58 different configuration commands. – FNF provides 65 different fields, arbitrary combinations of which can be used in the definition of flow key and non-key fields. � Certain network operation applications need to dynamically change configuration to: – adapt to changing traffic conditions. – investigate on-going network anomalies. X Dimitropoulos | Systems Department | IBM Research 4

  5. Zurich Research Laboratory Configuration requirements network traffic anomaly application traffic billing operation profiling detection identification engineering applications application needs data Probe configuration } network monitoring probes low-level configuration � Probe configuration should: 1. take into account application needs. 2. be aware of the available monitoring probes. 3. generate low-level configuration commands. 4. configure or update the configuration of probes. X Dimitropoulos | Systems Department | IBM Research 5

  6. Zurich Research Laboratory Probe configuration architecture � Three modules: – the measurements module describes different measurements, i.e., application needs. – the inventory module describes the monitoring probes of a network. – the back-end module provides necessary information for generating low-level commands. � The specification identifies application needs. � The configurator: – uses the modules and specification to generate low-level commands. – configures the probes X Dimitropoulos | Systems Department | IBM Research 6

  7. Zurich Research Laboratory Design goals for simplifying configuration 1. Abstraction: hide low-level configuration commands. 2. Objective-oriented configuration expression: – express configuration in terms of measurement objectives. – focus on measurements instead of devices. 3. Network-wide configuration: configure a network instead of configuring individual devices. 4. Re-usability: make parts of configuration network-independent. 5. Extensibility: easily introduce support for new commands, measurements, etc. X Dimitropoulos | Systems Department | IBM Research 7

  8. Zurich Research Laboratory Configuration abstraction hierarchy � 1 st level: vendor-specific configuration commands. � 2 nd level: probe elements (pe), i.e., Measurement logical components of a probe, like service interface, flow cache, exporter. � 3 rd level: configlet, i.e., a set of specific Configlet probe elements that realizes a measurement. Probe elements � 4 th level: measurement services, i.e., a configlet with certain probe selection rules. Vendor-specific commands X Dimitropoulos | Systems Department | IBM Research 8

  9. Zurich Research Laboratory Back-end module <!– Pro be E le me nt E xpo rte r --> <pe id=‘ g e ne ric _e xpo rte r'> � Specifies different probe <pa ra ms> <pa ra m id='po rt'>90</ pa ra m> elements. <pa ra m id='tra nspo rt'>udp</ pa ra m> <pa ra m id='de stina tio n'>192.0.0.1</ pa ra m> � A probe element specification: <pa ra m id='la be l'>E XPORT E R</ pa ra m> </ pa ra ms> – is written in XML. <te mpla te > – has a unique id. <io s> – identifies parameters flo w e xpo rte r $la be l and parameter default de stina tio n $de stina tio n tra nspo rt $tra nspo rt $po rt values. </ io s> – determines the low-level <ya f> vendor-specific commands. --o ut $de stina tio n --ipfix $tra nspo rt --ipfix-po rt $po rt </ ya f> <juno s> </ juno s> </ te mpla te > </ pe > X Dimitropoulos | Systems Department | IBM Research 9

  10. Zurich Research Laboratory <pro be id='tra ba nt.zuric h.ibm.c o m'> <a ddre ss>9.4.68.154</ a ddre ss> Inventory module <lo c a tio n> <c ity>Zuric h</ c ity> <sta te >Ce ntra l CH</ sta te > <c o untry>Switze rla nd</ c o untry> </ lo c a tio n> � Specifies network probes, i.e., lists the characteristics that can be <syste m> <o s>io s</ o s> useful for their configuration. <ve rsio n>12.4</ ve rsio n> </ syste m> <inte rfa c e id='F a stE the rne t0/ 0'> <c a pa c ity>100Mbits</ c a pa c ity> � Besides describing location, <ta g >inte rna l</ ta g > system, and interface information, </ inte rfa c e > it declares tags that can be used <inte rfa c e id='F a stE the rne t0/ 1'> for grouping probes and for probe <c a pa c ity>100Mbits</ c a pa c ity> selection. <ta g >c usto me r</ ta g > </ inte rfa c e > <ta g s> <ta g >e dg e </ ta g > </ ta g s> </ pro be > X Dimitropoulos | Systems Department | IBM Research 10

  11. Zurich Research Laboratory Measurements <!-- Pro b e e le me nt c ha in --> module <c o nfig le t> <pe > <na me >e xpo rte r</ na me > <!-- Mo nito r ho w muc h tra ffic is se nd --> <pa ra ms> <!-- be twe e n I P blo c ks. --> <pa ram id='labe l'>T M_E XPORT E R</ para m> <rule s> <msr id='tra ffic _ma trix'> <pa ra m id='de stina tio n'>$c o lle c to r_a ddre ss</ pa ra m> <inte rfa c e > <pa ra m id='po rt'>$c o lle c to r_po rt</ pa ra m> if ( $inte rfa c e .ta g e q “e xte rna l" a nd <pa ra ms> <!-- De fa ult pa ra me te r va lue s --> <pa ra m id='tra nspo rt'>$c o lle c to r_tra nspo rt</ pa ra m> $pro be .ta g e q "e dg e " ) { <pa ra m id='c o lle c to r_a ddre ss'>lo c a lho st</ pa ra m> </ pa ra ms> re turn 1; <pa ra m id='c o lle c to r_po rt'>2055</ pa ram> </ pe > } e lse { <pa ra m id='c o lle c to r_tra nspo rt'>tc p</ pa ra m> <pe > re turn 0; </ pa ra ms> <na me >flo w_c a c he </ na me > } <pa ra ms> </ inte rfa c e > <!-- Pro be e le me nt c ha in --> <pa ra m id='la b e l'>T M_CACHE </ pa ra m> </ rule s> <c o nfig le t> <pa ra m id='re c o rd'>SRC_DST _PRE F I X_RE C</ pa ra m> </ c o nfig le t> <pa ra m id='e xpo rt'>T M_E XPORT E R</ pa ra m> </ pa ra ms> <rule s> </ pe > </ rule s> <pe > <na me >inte rfa c e </ na me > </ msr> <pa ra ms> <pa ra m id='mo nito r'>T M_CACHE </ pa ra m> <pa ra m id='inte rfa c e '>$inte rfa c e ->id</ pa ra m> <pa ra m id='dire c tio n'>o utput</ pa ra m> </ pa ra ms> </ pe > </ c o nfig le t> X Dimitropoulos | Systems Department | IBM Research 11

  12. Zurich Research Laboratory Input specification <!-- Pro be s to apply me a sure me nts o n --> <pro be id='wasse n.zuric h.ibm.c o m'></ pro be > <pro be id='traba nt.zuric h.ibm.c o m'></ pro be > � Lists the measurements and the <!-- Me a sure me nts --> probes in which to enable these <msr id='tra ffic _ma trix'> measurements. <pa ra ms> <!-- o ve rwrite de fa ult va lue s --> <pa ra m id='c o lle c to r_a ddre ss'>9.4.68.204</ pa ra m> <pa ra m id='c o lle c to r_po rt'>2055</ pa ram> <pa ra m id='c o lle c to r_tra nspo rt'>udp</ pa ra m> � Is the user interface and can be </ pa ra ms> </ msr> generated through a GUI. <msr id='app_mo nito ring '> <pa ra ms> <!-- o ve rwrite de fa ult va lue s --> <pa ra m id='c o lle c to r_a ddre ss'>9.4.68.205</ pa ra m> <pa ra m id='c o lle c to r_po rt'>2055</ pa ram> <pa ra m id='c o lle c to r_tra nspo rt'>udp</ pa ra m> </ pa ra ms> </ msr> X Dimitropoulos | Systems Department | IBM Research 12

Recommend

Automating batch fecundity measurements Automating batch fecundity measurements using digital

Automating batch fecundity measurements Automating batch fecundity measurements using digital

W orking Group on Acoustic and Egg Surveys for Sardine and Anchovy in I CES Areas VI I I and I X, Nantes, 2 4 -2 8 / 1 1 / 2 0 0 8 Automating batch fecundity measurements Automating batch fecundity measurements using digital image analysis

391 views • 13 slides
SCAP for VoIP Automating Configuration Compliance 6 th Annual IT Security Automation Conference

SCAP for VoIP Automating Configuration Compliance 6 th Annual IT Security Automation Conference

SCAP for VoIP Automating Configuration Compliance 6 th Annual IT Security Automation Conference Presentation Overview 1. The Business Challenge 2. Securing Voice over IP Networks 3. The ISA VoIP Security Project 4. Next Steps With SCAP 5. Summary

388 views • 23 slides
Automating the Configuration of Algorithms for Solving Hard Computational Problems Ph.D. Thesis

Automating the Configuration of Algorithms for Solving Hard Computational Problems Ph.D. Thesis

Automating the Configuration of Algorithms for Solving Hard Computational Problems Ph.D. Thesis Defence Frank Hutter Supervisory committee: Prof. Holger Hoos (supervisor) Prof. Kevin Leyton-Brown (co-supervisor) Prof. Kevin Murphy

1.24k views • 108 slides
RANDOMIZING AND RANDOMIZING AND AUTOMATING ASSESSMENT AUTOMATING ASSESSMENT WITH R WITH R exams

RANDOMIZING AND RANDOMIZING AND AUTOMATING ASSESSMENT AUTOMATING ASSESSMENT WITH R WITH R exams

RANDOMIZING AND RANDOMIZING AND AUTOMATING ASSESSMENT AUTOMATING ASSESSMENT WITH R WITH R exams exams 1 THE THE exams exams PACKAGE PACKAGE by @AchimZeileis and others, Statistics, Universitt Innsbruck www.r-exams.org latest release

379 views • 14 slides
Automating Authority Work Automating authority work, or, Be your own authority control vendor

Automating Authority Work Automating authority work, or, Be your own authority control vendor

Mike Monaco Coordinator, Cataloging Services May 14, 2018 Automating Authority Work Automating authority work, or, Be your own authority control vendor Ohio Valley Group of Technical Services Librarians Mike Monaco 2018 Conference, May

1.06k views • 67 slides
Automating Registrar Onboarding What is AROS? A utomated R egistrar O nboarding S ystem

Automating Registrar Onboarding What is AROS? A utomated R egistrar O nboarding S ystem

Automating Registrar Onboarding What is AROS? A utomated R egistrar O nboarding S ystem Replacing the current paper/fax based accreditation system Automating what can be automated Providing a better user experience Improving

232 views • 8 slides
Automating the NDR Kerry Blinston: Global Commercial Director Introduction What is

Automating the NDR Kerry Blinston: Global Commercial Director Introduction What is

Automating the NDR Kerry Blinston: Global Commercial Director Introduction What is automation? Why bother? Implications for the NDR community How do we address them? 2 CGG: Automating the NDR Public What is automation?

722 views • 19 slides
Automating MySQL Deployments on Kubernetes Calin Don &amp; Flavius Mecea Presslabs Automating

Automating MySQL Deployments on Kubernetes Calin Don &amp; Flavius Mecea Presslabs Automating

Automating MySQL Deployments on Kubernetes Calin Don &amp; Flavius Mecea Presslabs Automating MySQL Deployments on Kubernetes Percona Live 2018 00. Who are we? Calin Don Flavius Mecea Co-founder &amp; CTO Project Lead @Presslabs

595 views • 40 slides
with Dynamic Information Flow Analysis Mona Attariyan Jason Flinn University of Michigan

with Dynamic Information Flow Analysis Mona Attariyan Jason Flinn University of Michigan

Automating Configuration Troubleshooting with Dynamic Information Flow Analysis Mona Attariyan Jason Flinn University of Michigan Configuration Troubleshooting Is Difficult Software systems Users make mistakes difficult to configure Mona

644 views • 60 slides
Session Objectives Improve the safety of your patients Ensure compliance with regulatory

Session Objectives Improve the safety of your patients Ensure compliance with regulatory

Automating Informed Consent Automating Informed Consent Are You Overlooking a Safety Opportunity? Are You Overlooking a Safety Opportunity? Automating Informed Consent Are You Overlooking a Safety Opportunity? Neil H. Baum, MD

446 views • 27 slides
Automating and Simplifying your External Reporting by Integrating XBRL Ken Pavell &amp; Steve

Automating and Simplifying your External Reporting by Integrating XBRL Ken Pavell &amp; Steve

6/20/2013 Automating and Simplifying your External Reporting by Integrating XBRL Ken Pavell &amp; Steve Sheekey Thursday, June 20, 2013 Automating &amp; Simplifying External Reporting General Information Share the webinar Ask a

825 views • 30 slides
Approaching Automation Necessary for introducing a task Prioritize automation steps based

Approaching Automation Necessary for introducing a task Prioritize automation steps based

Learning objectives Understand the main purposes of automating software analysis and testing Identify activities that can be fully or partially Automating Analysis and Test automated Understand cost and benefit trade-offs in

799 views • 12 slides
Automating &amp; &amp; O Optimizing J Job A Advertising with AI AI-En Enabled Algorithms

Automating &amp; &amp; O Optimizing J Job A Advertising with AI AI-En Enabled Algorithms

Automating &amp; &amp; O Optimizing J Job A Advertising with AI AI-En Enabled Algorithms ITS THE FASTEST WAY THROUGH THE RECRUITMENT MARKETING FUNNEL [ IF DONE CORRECTLY ] Employers Spend Job Advertising Strategies Employer Branding 30%

503 views • 22 slides
Automating Production of Cross Media Automating Production of Cross Media Content for

Automating Production of Cross Media Automating Production of Cross Media Content for

AXMEDIS project slides http://www.axmedis.org Automating Production of Cross Media Automating Production of Cross Media Content for Multichannel Distribution Content for Multichannel Distribution AXMEDIS Tool Core for AXMEDIS Tool Core for

250 views • 9 slides
The CLOSER: Automating Resource Management in Java Isil Dillig Thomas Dillig Eran Yahav Satish

The CLOSER: Automating Resource Management in Java Isil Dillig Thomas Dillig Eran Yahav Satish

The CLOSER: Automating Resource Management in Java The CLOSER: Automating Resource Management in Java Isil Dillig Thomas Dillig Eran Yahav Satish Chandra Computer Science Department IBM T.J. Watson Research Center Stanford University ISMM

1.54k views • 104 slides
The CLOSER: Automating Resource Management in Java Isil Dillig Thomas Dillig Eran Yahav Satish

The CLOSER: Automating Resource Management in Java Isil Dillig Thomas Dillig Eran Yahav Satish

The CLOSER: Automating Resource Management in Java The CLOSER: Automating Resource Management in Java Isil Dillig Thomas Dillig Eran Yahav Satish Chandra Computer Science Department IBM T.J. Watson Research Center Stanford University ISMM

1.37k views • 119 slides
REDHAT KICKSTART REDHAT KICKSTART Automating Linux Installation Automating Linux Installation

REDHAT KICKSTART REDHAT KICKSTART Automating Linux Installation Automating Linux Installation

REDHAT KICKSTART REDHAT KICKSTART Automating Linux Installation Automating Linux Installation John Schulz John Schulz December 11, 2001 December 11, 2001 1 Kickstart Kickstart What is Kickstart? Review of Features Observations

678 views • 40 slides
Automating Second Language Acquisition Research: Integrating Information Visualisation and

Automating Second Language Acquisition Research: Integrating Information Visualisation and

Introdution Dataset System Case study Conclusions Automating Second Language Acquisition Research: Integrating Information Visualisation and Machine Learning Helen Yannakoudakis, Ted Briscoe, Theodora Alexopoulou University of Cambridge

945 views • 53 slides
From Stochastic Search to Programming by Optimisation: My Quest for Automating the Design of

From Stochastic Search to Programming by Optimisation: My Quest for Automating the Design of

From Stochastic Search to Programming by Optimisation: My Quest for Automating the Design of High-Performance Algorithms Holger H. Hoos Department of Computer Science University of British Columbia Canada TAO Seminar Universit e de Paris

1.22k views • 97 slides
Monkeys in Lab Coats Automating Failure Testing Research at The whole is greater than the sum of

Monkeys in Lab Coats Automating Failure Testing Research at The whole is greater than the sum of

Monkeys in Lab Coats Automating Failure Testing Research at The whole is greater than the sum of its parts. - Aristotle [Metaphysics] The Professor vs The Practitioner Peter Alvaro Kolton Andrus Ex-Berkeley, Ex-Industry Ex-Netflix,

1.18k views • 84 slides
Automating Linux installations An introduction to Red Hat Kickstart and SUSE AutoYaST

Automating Linux installations An introduction to Red Hat Kickstart and SUSE AutoYaST

Automating Linux installations An introduction to Red Hat Kickstart and SUSE AutoYaST installation tools Agenda The manual install process (very brief) Network booting in a PC environment (very brief) PXE, DHCP, TFTP

494 views • 46 slides
Automating Document Accessibility Best Practices for Document Accessibility Automation About

Automating Document Accessibility Best Practices for Document Accessibility Automation About

Automating Document Accessibility Best Practices for Document Accessibility Automation About Crawford Technologies Founded in 1995 - is now a global software and services solutions company Known and respected for robust, innovative and

704 views • 52 slides
Automating Accessibility Testing with Axe Presented by:

Automating Accessibility Testing with Axe Presented by:

W9 Accessibility Testing Wednesday, October 2nd, 2019 1:30 PM Automating Accessibility Testing with Axe Presented by: Dylan Barrell

452 views • 13 slides
Extending Catalog zones another approach in automating maintenance Leo Vandewoestijne

Extending Catalog zones another approach in automating maintenance Leo Vandewoestijne

Extending Catalog zones another approach in automating maintenance Leo Vandewoestijne dns.company Rev 0.000 Spoilers/Warnings - Not much new; working in Bind already - This presentation was prepared while having lack of time

578 views • 12 slides

More recommend