Submit Search
Upload
Next Generation DDoS Services – can we do this with NFV? - CF Chui
•
0 likes
•
278 views
MyNOG
Follow
Next Generation DDoS Services – can we do this with NFV?
Read less
Read more
Education
Report
Share
Report
Share
1 of 22
Download now
Download to read offline
Recommended
The Stories of IXP Development and the Way Forward by Che-Hoo Cheng
The Stories of IXP Development and the Way Forward by Che-Hoo Cheng
MyNOG
Internet Noise (A Story About Two Little Subnets - Tom Paseka
Internet Noise (A Story About Two Little Subnets - Tom Paseka
MyNOG
The OTT Challenge - Eric Leung
The OTT Challenge - Eric Leung
MyNOG
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL Lee
MyNOG
IPLC Analytic Dashboard - Mohd Rizal bin Mohd Ramly
IPLC Analytic Dashboard - Mohd Rizal bin Mohd Ramly
MyNOG
Open Connect Appliances - Jocelyn Ooi
Open Connect Appliances - Jocelyn Ooi
MyNOG
DDOS Mitigation Experience from IP ServerOne by CL Lee
DDOS Mitigation Experience from IP ServerOne by CL Lee
MyNOG
Next Gen Monitoring with INT
Next Gen Monitoring with INT
MyNOG
Recommended
The Stories of IXP Development and the Way Forward by Che-Hoo Cheng
The Stories of IXP Development and the Way Forward by Che-Hoo Cheng
MyNOG
Internet Noise (A Story About Two Little Subnets - Tom Paseka
Internet Noise (A Story About Two Little Subnets - Tom Paseka
MyNOG
The OTT Challenge - Eric Leung
The OTT Challenge - Eric Leung
MyNOG
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL Lee
MyNOG
IPLC Analytic Dashboard - Mohd Rizal bin Mohd Ramly
IPLC Analytic Dashboard - Mohd Rizal bin Mohd Ramly
MyNOG
Open Connect Appliances - Jocelyn Ooi
Open Connect Appliances - Jocelyn Ooi
MyNOG
DDOS Mitigation Experience from IP ServerOne by CL Lee
DDOS Mitigation Experience from IP ServerOne by CL Lee
MyNOG
Next Gen Monitoring with INT
Next Gen Monitoring with INT
MyNOG
Traffic Insight Using Netflow and Deepfield Systems
Traffic Insight Using Netflow and Deepfield Systems
MyNOG
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail Ali
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail Ali
MyNOG
Engineering The New IP Transport
Engineering The New IP Transport
MyNOG
The Stakes Have Changed – The Changing Security Landscape by Tony Teo
The Stakes Have Changed – The Changing Security Landscape by Tony Teo
MyNOG
High Speed Fiber Services and Challenges to the Core Network by Seiichi Kawamura
High Speed Fiber Services and Challenges to the Core Network by Seiichi Kawamura
MyNOG
How Data Center Traffic is Changing Your Network by KC Lim
How Data Center Traffic is Changing Your Network by KC Lim
MyNOG
APNIC Updates
APNIC Updates
MyNOG
Next-gen Network Telemetry is Within Your Packets: In-band OAM
Next-gen Network Telemetry is Within Your Packets: In-band OAM
Open Networking Summit
TIME Journey to the SPACE
TIME Journey to the SPACE
MyNOG
The Path to a Programmable Network
The Path to a Programmable Network
MyNOG
ElasticISP
ElasticISP
KHNOG
NovoNet Vision and Operators' Perspective for ONAP
NovoNet Vision and Operators' Perspective for ONAP
ITU
Service Provider Architectures for Tomorrow by Chow Khay Kid
Service Provider Architectures for Tomorrow by Chow Khay Kid
MyNOG
npNOG 2: APNIC IPv6 deployment
npNOG 2: APNIC IPv6 deployment
APNIC
Combating DDoS and why peering is important in Asia
Combating DDoS and why peering is important in Asia
MyNOG
RPKI and Me
RPKI and Me
MyNOG
Introduction to Segment Routing
Introduction to Segment Routing
MyNOG
Traffic Engineering for CDNs
Traffic Engineering for CDNs
MyNOG
100Gbps Core Network Deployment in an African Network - Mark Tinka
100Gbps Core Network Deployment in an African Network - Mark Tinka
MyNOG
Experience of Implementing IPTV in an ISP Network by Thong Hawk Yen
Experience of Implementing IPTV in an ISP Network by Thong Hawk Yen
MyNOG
Cloudify: Open vCPE Design Concepts and Multi-Cloud Orchestration
Cloudify: Open vCPE Design Concepts and Multi-Cloud Orchestration
Cloudify Community
PLNOG15: NFV: Lessons learned from production deployments and current observa...
PLNOG15: NFV: Lessons learned from production deployments and current observa...
PROIDEA
More Related Content
What's hot
Traffic Insight Using Netflow and Deepfield Systems
Traffic Insight Using Netflow and Deepfield Systems
MyNOG
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail Ali
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail Ali
MyNOG
Engineering The New IP Transport
Engineering The New IP Transport
MyNOG
The Stakes Have Changed – The Changing Security Landscape by Tony Teo
The Stakes Have Changed – The Changing Security Landscape by Tony Teo
MyNOG
High Speed Fiber Services and Challenges to the Core Network by Seiichi Kawamura
High Speed Fiber Services and Challenges to the Core Network by Seiichi Kawamura
MyNOG
How Data Center Traffic is Changing Your Network by KC Lim
How Data Center Traffic is Changing Your Network by KC Lim
MyNOG
APNIC Updates
APNIC Updates
MyNOG
Next-gen Network Telemetry is Within Your Packets: In-band OAM
Next-gen Network Telemetry is Within Your Packets: In-band OAM
Open Networking Summit
TIME Journey to the SPACE
TIME Journey to the SPACE
MyNOG
The Path to a Programmable Network
The Path to a Programmable Network
MyNOG
ElasticISP
ElasticISP
KHNOG
NovoNet Vision and Operators' Perspective for ONAP
NovoNet Vision and Operators' Perspective for ONAP
ITU
Service Provider Architectures for Tomorrow by Chow Khay Kid
Service Provider Architectures for Tomorrow by Chow Khay Kid
MyNOG
npNOG 2: APNIC IPv6 deployment
npNOG 2: APNIC IPv6 deployment
APNIC
Combating DDoS and why peering is important in Asia
Combating DDoS and why peering is important in Asia
MyNOG
RPKI and Me
RPKI and Me
MyNOG
Introduction to Segment Routing
Introduction to Segment Routing
MyNOG
Traffic Engineering for CDNs
Traffic Engineering for CDNs
MyNOG
100Gbps Core Network Deployment in an African Network - Mark Tinka
100Gbps Core Network Deployment in an African Network - Mark Tinka
MyNOG
Experience of Implementing IPTV in an ISP Network by Thong Hawk Yen
Experience of Implementing IPTV in an ISP Network by Thong Hawk Yen
MyNOG
What's hot
(20)
Traffic Insight Using Netflow and Deepfield Systems
Traffic Insight Using Netflow and Deepfield Systems
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail Ali
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail Ali
Engineering The New IP Transport
Engineering The New IP Transport
The Stakes Have Changed – The Changing Security Landscape by Tony Teo
The Stakes Have Changed – The Changing Security Landscape by Tony Teo
High Speed Fiber Services and Challenges to the Core Network by Seiichi Kawamura
High Speed Fiber Services and Challenges to the Core Network by Seiichi Kawamura
How Data Center Traffic is Changing Your Network by KC Lim
How Data Center Traffic is Changing Your Network by KC Lim
APNIC Updates
APNIC Updates
Next-gen Network Telemetry is Within Your Packets: In-band OAM
Next-gen Network Telemetry is Within Your Packets: In-band OAM
TIME Journey to the SPACE
TIME Journey to the SPACE
The Path to a Programmable Network
The Path to a Programmable Network
ElasticISP
ElasticISP
NovoNet Vision and Operators' Perspective for ONAP
NovoNet Vision and Operators' Perspective for ONAP
Service Provider Architectures for Tomorrow by Chow Khay Kid
Service Provider Architectures for Tomorrow by Chow Khay Kid
npNOG 2: APNIC IPv6 deployment
npNOG 2: APNIC IPv6 deployment
Combating DDoS and why peering is important in Asia
Combating DDoS and why peering is important in Asia
RPKI and Me
RPKI and Me
Introduction to Segment Routing
Introduction to Segment Routing
Traffic Engineering for CDNs
Traffic Engineering for CDNs
100Gbps Core Network Deployment in an African Network - Mark Tinka
100Gbps Core Network Deployment in an African Network - Mark Tinka
Experience of Implementing IPTV in an ISP Network by Thong Hawk Yen
Experience of Implementing IPTV in an ISP Network by Thong Hawk Yen
Similar to Next Generation DDoS Services – can we do this with NFV? - CF Chui
Cloudify: Open vCPE Design Concepts and Multi-Cloud Orchestration
Cloudify: Open vCPE Design Concepts and Multi-Cloud Orchestration
Cloudify Community
PLNOG15: NFV: Lessons learned from production deployments and current observa...
PLNOG15: NFV: Lessons learned from production deployments and current observa...
PROIDEA
Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?
DevOps.com
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
NGINX, Inc.
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Canada
Colt Network On Demand
Colt Network On Demand
Colt Technology Services
Why Network Functions Virtualization sdn?
Why Network Functions Virtualization sdn?
idrajeev
Putting the M in MANO: Major new Ensemble release delivers NFV management and...
Putting the M in MANO: Major new Ensemble release delivers NFV management and...
ADVA
End to End Application Visibility and Troubleshooting Across the Virtual Clou...
End to End Application Visibility and Troubleshooting Across the Virtual Clou...
NETSCOUT
Net-Ace - Vendor-Agnostic Service Orchestration platform
Net-Ace - Vendor-Agnostic Service Orchestration platform
yurid79
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Mitchell Pronschinske
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
ThousandEyes
Achieving Network Deployment Flexibility with Mirantis OpenStack
Achieving Network Deployment Flexibility with Mirantis OpenStack
Eric Zhaohui Ji
uCPE and VNFs Explained
uCPE and VNFs Explained
TelcoBridges Inc.
VM Farms Thrive with Dedicated IP Storage Networks
VM Farms Thrive with Dedicated IP Storage Networks
Brocade
On-Demand Production Infrastructure delivered Just In Time By Shane Guthrie o...
On-Demand Production Infrastructure delivered Just In Time By Shane Guthrie o...
ETCenter
uCPE and VNFs Explained
uCPE and VNFs Explained
Alan Percy
vCloud NFV - Accelerating deployment of the Telco Cloud (SDN NFV Day ITB 2016)
vCloud NFV - Accelerating deployment of the Telco Cloud (SDN NFV Day ITB 2016)
SDNRG ITB
SCF Partners' Day: Technologies for Densification
SCF Partners' Day: Technologies for Densification
Small Cell Forum
Mavenir network function virtualisation
Mavenir network function virtualisation
Myles Freedman
Similar to Next Generation DDoS Services – can we do this with NFV? - CF Chui
(20)
Cloudify: Open vCPE Design Concepts and Multi-Cloud Orchestration
Cloudify: Open vCPE Design Concepts and Multi-Cloud Orchestration
PLNOG15: NFV: Lessons learned from production deployments and current observa...
PLNOG15: NFV: Lessons learned from production deployments and current observa...
Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Colt Network On Demand
Colt Network On Demand
Why Network Functions Virtualization sdn?
Why Network Functions Virtualization sdn?
Putting the M in MANO: Major new Ensemble release delivers NFV management and...
Putting the M in MANO: Major new Ensemble release delivers NFV management and...
End to End Application Visibility and Troubleshooting Across the Virtual Clou...
End to End Application Visibility and Troubleshooting Across the Virtual Clou...
Net-Ace - Vendor-Agnostic Service Orchestration platform
Net-Ace - Vendor-Agnostic Service Orchestration platform
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
Achieving Network Deployment Flexibility with Mirantis OpenStack
Achieving Network Deployment Flexibility with Mirantis OpenStack
uCPE and VNFs Explained
uCPE and VNFs Explained
VM Farms Thrive with Dedicated IP Storage Networks
VM Farms Thrive with Dedicated IP Storage Networks
On-Demand Production Infrastructure delivered Just In Time By Shane Guthrie o...
On-Demand Production Infrastructure delivered Just In Time By Shane Guthrie o...
uCPE and VNFs Explained
uCPE and VNFs Explained
vCloud NFV - Accelerating deployment of the Telco Cloud (SDN NFV Day ITB 2016)
vCloud NFV - Accelerating deployment of the Telco Cloud (SDN NFV Day ITB 2016)
SCF Partners' Day: Technologies for Densification
SCF Partners' Day: Technologies for Densification
Mavenir network function virtualisation
Mavenir network function virtualisation
More from MyNOG
Peering Personal MyNOG-10
Peering Personal MyNOG-10
MyNOG
Embedded CDNs in 2023
Embedded CDNs in 2023
MyNOG
Edge virtualisation for Carrier Networks
Edge virtualisation for Carrier Networks
MyNOG
Equinix: New Markets, New Frontiers
Equinix: New Markets, New Frontiers
MyNOG
Securing the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native Infrastructure
MyNOG
Hierarchical Network Controller
Hierarchical Network Controller
MyNOG
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform
MyNOG
Cleaning up your RPKI invalids
Cleaning up your RPKI invalids
MyNOG
Introducing Peering LAN 2.0 at DE-CIX
Introducing Peering LAN 2.0 at DE-CIX
MyNOG
Load balancing and Service in Kubernetes
Load balancing and Service in Kubernetes
MyNOG
Cloud SDN: BGP Peering and RPKI
Cloud SDN: BGP Peering and RPKI
MyNOG
SDM – A New (Subsea) Cable Paradigm
SDM – A New (Subsea) Cable Paradigm
MyNOG
AI in Networking: Transforming Network Operations with Juniper Mist AIDE
AI in Networking: Transforming Network Operations with Juniper Mist AIDE
MyNOG
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
MyNOG
FUTURE-PROOFING DATA CENTRES from Connectivity Perspective
FUTURE-PROOFING DATA CENTRES from Connectivity Perspective
MyNOG
Keep Ukraine Connected: A project from the community – for the community by R...
Keep Ukraine Connected: A project from the community – for the community by R...
MyNOG
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
MyNOG
MyIX Updates by Raja Mohan Marappan, MyIX
MyIX Updates by Raja Mohan Marappan, MyIX
MyNOG
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...
MyNOG
Quick wins in the NetOps Journey by Vincent Boon, Opengear
Quick wins in the NetOps Journey by Vincent Boon, Opengear
MyNOG
More from MyNOG
(20)
Peering Personal MyNOG-10
Peering Personal MyNOG-10
Embedded CDNs in 2023
Embedded CDNs in 2023
Edge virtualisation for Carrier Networks
Edge virtualisation for Carrier Networks
Equinix: New Markets, New Frontiers
Equinix: New Markets, New Frontiers
Securing the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native Infrastructure
Hierarchical Network Controller
Hierarchical Network Controller
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform
Cleaning up your RPKI invalids
Cleaning up your RPKI invalids
Introducing Peering LAN 2.0 at DE-CIX
Introducing Peering LAN 2.0 at DE-CIX
Load balancing and Service in Kubernetes
Load balancing and Service in Kubernetes
Cloud SDN: BGP Peering and RPKI
Cloud SDN: BGP Peering and RPKI
SDM – A New (Subsea) Cable Paradigm
SDM – A New (Subsea) Cable Paradigm
AI in Networking: Transforming Network Operations with Juniper Mist AIDE
AI in Networking: Transforming Network Operations with Juniper Mist AIDE
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
FUTURE-PROOFING DATA CENTRES from Connectivity Perspective
FUTURE-PROOFING DATA CENTRES from Connectivity Perspective
Keep Ukraine Connected: A project from the community – for the community by R...
Keep Ukraine Connected: A project from the community – for the community by R...
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
MyIX Updates by Raja Mohan Marappan, MyIX
MyIX Updates by Raja Mohan Marappan, MyIX
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...
Quick wins in the NetOps Journey by Vincent Boon, Opengear
Quick wins in the NetOps Journey by Vincent Boon, Opengear
Recently uploaded
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptx
JiesonDelaCerna
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
InMediaRes1
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
UjwalaBharambe
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
Virag Sontakke
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
unnathinaik
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
nomboosow
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
pboyjonauth
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
Dr. Mazin Mohamed alkathiri
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Celine George
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
thorishapillay1
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
OH TEIK BIN
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
Virag Sontakke
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
NirmalaLoungPoorunde1
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
iammrhaywood
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdf
adityarao40181
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Sumit Tiwari
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
socialsciencegdgrohi
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
iammrhaywood
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
Sabitha Banu
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
manuelaromero2013
Recently uploaded
(20)
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptx
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
Next Generation DDoS Services – can we do this with NFV? - CF Chui
1.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 1
2.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 2 NEXT GENERATION DDoS SERVICES an we do this with NFV? F Chui, Principal Security Technologist
3.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 3 • While the size of the very largest attack was down, proportion of volumetric attacks was up overall • Attackers realized that there is very little you can do with 800 Gbps of firepower that you can’t do with 60 Gbps • Marked increase in the complexity of attacks olumetric Attacks Are Down in Peak Size 0 200 400 600 800 1000 1200 1400 1600 1800 2000 Jan-17 Feb-17 Mar-17 Apr-17 May-17 Jun-17 Jul-17 Aug-17 Sep-17 Oct-17 Nov-17 Dec-17 Jan-18 Feb-18 Mar-18 DDoS peak attack size (Gbps) - Global
4.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 4 Attack Innovation Seen at the Edge ulti-vector attacks combine high lume floods, application-layer attacks nd TCP-state exhaustion attacks in a ngle sustained offensive, increasing tigation complexity and attacker's ance for success sing Complexity 20% increase over last year
5.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 5 Across All Business Types eaponization of botnets and cheap DoS for hire services threaten all usiness types hese same verticals are driving emand for DDoS services oud and IoT are having an impact 22% of ISPs see attacks originating from on-net IoT 36% see attacks targeting cloud services, up from a quarter ot Just ‘The Usual Suspects’
6.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 6 DN & NFV Proportion of SP with SDN or NFV in production has doubled over previous year Operational Concerns, Interoperability, and Cost leading barriers to SDN / NFV
7.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 7 What is NFV? Deploy network services on generic x86-based hardware Flexible resource allocation Scale-out architectures Bare-metal or virtual machines Typical router HW architecture
8.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 8 • Programmable infrastructure • Stable, common interface* • Lifecycle management of virtual network functions • Must be able to associate services • Refined control of network path Requirements for NFV
9.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 9 NFV eco-system – enter ETSI NFV ropean Telecommunications Standards Institute Reference architecture for NFV Developed by European Telecommunications Standards Institute, 2012 Define key components and relationships tp://www.etsi.org/
10.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 10 NFV reference architecture Virtual infrastructure manager • Virtual resource allocation and management • Virtual resource operations • Example: OpenStack, CloudStack, vCloud Director VNF manager: VNF lifecycle management • VNF instantiation and termination • VNF query & configuration • VNF scaling Service Orchestrator • Map service requests into VNFs • Request VNF instantiation and provisioning
11.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 11 NFV reference architecture utomation and Orchestration selection criteria Orchestration system requirements • Service templates • Automatic provisioning Appliance requirements • APIs • Prefer REST
12.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 12 Why would we want NFV? Run network services on 3d party server vendors Reduce maintenance cost and sparing Reduce number of redundant components Reduce time-to-market and time-to-deployment Increase flexibility and agility Increase resource utilization Replace CAPEX (h/w) model to OPEX (subscription) Pay-as-You-Grow model works well
13.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 13 • Product deliver challenges – Packaging – Multi-vendor integration – Support – Licensing – Integration orchestration systems • Provisioning challenges – Service decomposition – Sevice provisioning – Service insertion and stitching – VM orchestration NFV Challenges • Operation challenges – High availability – Auto-scaling – Service monitoring – Monitoring an auditing of scale-out infrastructure
14.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 14 Orchestration and automation – Service decomposition – Integration with orchestration/provisioning systems – Provisioning and configuration automation – High-availability (auto-healing) – Auto-scaling – Service insertion for transparent services – On-demand service chaining – No standard deployment process or API Licensing challenges – Vendors like to license boxes (instances), not throughput NFV Challenges
15.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 15 • Reduced CapEx/OpEx, TCO(?) • COTS hardware • Autoscaling services: deploy at need, eliminate idle virtual resources • Programmability means customizability • Service function chaining romised NFV payoff?
16.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 16 elco Services offering through NFV • A way to leapfrog competition • A way to roll out new services faster • A way to reach customers not connected to their network Firewall Remote VPN WAF Anti-SPAM Anti-DDoS IPS Vulnerability scanning Endpoint Secuirty Web security GW DLP PKI IDM Security Operations Center
17.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 17 xperience sharing - implement DDoS mitigation service Choosing MANO vendor Choosing Infra-structure & SDN vendor Choosing NFV vendor
18.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 18 A superficial review of how things work se Cloudband as an example Operator creates service templates in the catalog User logs into portal and subscribes to the service Portal calls Cloudband Network Director or CBND (NFV-O module) CBND calls Cloudband Application Manager or CBAM (VNFM module) to create VNFs, OpenStack (VIM) to provision compute resources and calls Nuage (SDN controller) to create a service chain CBAM deploys VNFs and then monitors their lifecycle NFVO VNFM VIM VNF NFVI Service Catalog Compute Network Storage Portal SDN controller 1 2 3 4 5
19.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 19 essons learned • License model which is closer to what user would like to pay for: • based on actual mitigated/inspected traffic volume (consumption- based license) • based on clean traffic • HA support for VNFs. • Configuration synchronization • Backup license? • User Portal console • Multi-tenancy • KPIs to monitor VNF health. • How does VNF-M learn that mitigation device went down? • KPIs to trigger scale up / scale down • VNF-M needs to resize VNF – compute and license
20.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 20 VNFs must have programmable interfaces – Enhance APIs Element management – Provide client libraries or orchestration modules – Python module, Ansible module, NSO NED? Provide customers with sample templates, playbooks – HOT, TOSCA, NSO VNFD, Ansible Consideration for choosing NFV
21.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 21 Arbor’s NFV strategy Virtualizing platforms and services – SP, TMS, APS all virtualized Flexible licensing – Pay-as-you-grow Orchestration – Cisco Network Services Orchestrator – Nokia CloudBand – OpenStack Tacker
22.
RIGHT © 2018
NETSCOUT SYSTEMS, INC. 22 Thank You. ww.netscout.com ontact: cfchui@arbor.net
Download now