
2017 conferencia-uets-mobilecongress l&m

VI Barcelona Telecoms Day - Conferencia L&M Data

Published in: Business

  1. Training and Consulting in Information and Communications Technologies. Sean McCarthy, L&M Data Communications
  2. Insecurity & Complexity
  3. Communications networks' current situation
     • Currently all the networks, services and applications are based on Internet technologies: TCP/IP communication protocols
     • Any current device (PCs, tablets, telephones, game stations, TVs, control equipment, etc.) includes these TCP/IP protocols
     • TCP/IP DNA:
       – Designed in the 70s for the interconnection of heterogeneous global networks
       – Introduced in the early 80s on the Local Area Networks
       – The target was to interconnect heterogeneous networks and equipment, without taking into account security or efficiency
     • Internet was not designed with security in mind
  4. Where is the Problem? TCP/IP Communications Architecture
     • The user can fiddle with the communications
     • Application Service is provided by TCP and controlled by the user
     [Diagram: two end hosts with App / TCP / IP / ETH / PHY stacks connected through an IP network (Internet); Service Demarcation and Network Edge are marked on each side]
  5. POTS (Plain Old Telephone Service) versus Internet TCP/IP
     • All the communications are handled and controlled by the Telephone Operator
     [Diagram: Service Demarcation and Network Edge marked on each side]
  6. Internet Insecurity (Insecurity everywhere)
     In this insecure TCP/IP environment you can do everything, or almost everything:
     • Use a fake IP address (origin / destination)
     • Impersonation of user's identity, network equipment, services, applications, etc.
     • Intercept communications from anywhere
     • Datagram modification (changing data)
     • Denial of service attacks
     • Malicious use of the innumerable auxiliary communications protocols
     • And many more bad things…
  7. What companies and organizations are doing
     • Installing new, complex and expensive secure systems
       – Firewalls
       – VPNs (Virtual Private Networks)
       – Encryption & Authentication & Integrity Protocols
       – Digital signature
       – Additional Security Protocols
       – Intrusion Detection Systems
       – Secure Network Devices
       – Policies, Audits, PENtesting .... Time and $$$$$$$$$
     • The result is always frustrating, because after removing the known security holes, new vulnerabilities appear
  8. Firewalls, are they really secure?
  9. Communication networks must be, and can be: secure, simple and more efficient. But to achieve this, we have to change the way we are doing it.
     "If I had asked people what they wanted, they would have said faster horses." (Henry Ford)
  10. Disruptive Technologies: breaking the rules and the way everybody does it
     • Simple, not complex
       – Fewer technologies and techniques
       – More complex equipment = less secure
       – No longer adding more and more security layers
     • "Built-in Security": as the POTS (Plain Old Telephone Service)
       – Old circuit switching tech… but in TCP/IP networks
     • Reduce the "Cyber Attack Surface" close to zero
       – Today, everyone from anywhere can launch a cyber-attack leaving no trace
     "Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
  11. We want this idyllic scenario:
     • Network equipment (the LAN switches to which all the computers are connected) must provide the following security features:
       – No more additional protocols and no more complex configuration
       – Prevent "Fake Internet Addresses"
       – Block and disable hacking tools
       – Native firewalling features. No rules, no configuration
       – Foolproof and automatic attack detection
       – Hide the network from outside users to minimize the "attack surface"
       – Instantly identify the attack source and block it
     • A deep knowledge of networking and how to modify it, to dramatically improve security, is required to achieve these goals
  13-15. [Diagram, repeated on three slides: layer stacks labelled App, Transport TCP, IP, Link A/B/C and PHY A/B/C, spanning Subnet 1, Subnet 2 and Subnet 3]
  17. What can we do to secure TCP/IP communications without any change to the applications, infrastructures or users' computers?
  19. What is UETS? An L&M Data Communications idea, patented in the U.S. and Spain
     • Simple communications architecture which uses circuit switching to transmit Ethernet datagrams
       – Provides both the end users and the applications with fully transparent and compatible IP services
       – All the communications are handled and controlled by the network equipment
       – Non-hijackable communications, rendering eavesdropping and cyber-attacks on network infrastructures impossible
     • Radically opposed to the current strategy of adding new security layers and complexity
  20. UETS with no changes to the user's computer
     [Diagram: end hosts keep their App / Transport TCP / IP / Link / PHY stacks; the intermediate nodes show only PHY layers]
  21. UETS: highest level of security (NO TCP/IP on the user's computer)
     [Diagram: stacks labelled App, TCP, IP, Link A/B/C and ETH A/B/C]
  22. UETS: highest level of security (NO TCP/IP on the user's computer)
     [Diagram: end hosts with App / ETHERNET / PHY stacks only, connected over "EtherNET"]
  23. UETS key aspects
     • Circuit technology in Ethernet networks
     • High security: NO TCP/IP, NO TCP/IP attacks
     • Full backward IP compatibility
     • Using standard TCP/IP applications
     • Reducing complexity to the minimum
     • Eliminating complex solutions
  24. UETS Demonstration Platform
     [Diagram labels: Internet, LAN, UNI, UETS switch]
     Transport network and core are outside the scope of the proof of concept
  25. SNMP over IP & SNMP over UETS (Wireshark trace)
     [Figure: two packet captures, labelled "SNMP over IP" and "SNMP over UETS"]
  26. It's time for change