SlideShare a Scribd company logo

Next Generation DDoS Services – can we do this with NFV? - CF Chui

MyNOG
MyNOG

Next Generation DDoS Services – can we do this with NFV?

Education
1 of 22
Download to read offline
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 1
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 2 NEXT GENERATION DDoS SERVICES an we do this with NFV? F Chui, Principal Security Technologist
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 3 •  While the size of the very largest attack was down, proportion of volumetric attacks was up overall •  Attackers realized that there is very little you can do with 800 Gbps of firepower that you can’t do with 60 Gbps •  Marked increase in the complexity of attacks olumetric Attacks Are Down in Peak Size 0 200 400 600 800 1000 1200 1400 1600 1800 2000 Jan-17 Feb-17 Mar-17 Apr-17 May-17 Jun-17 Jul-17 Aug-17 Sep-17 Oct-17 Nov-17 Dec-17 Jan-18 Feb-18 Mar-18 DDoS peak attack size (Gbps) - Global
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 4 Attack Innovation Seen at the Edge ulti-vector attacks combine high lume floods, application-layer attacks nd TCP-state exhaustion attacks in a ngle sustained offensive, increasing tigation complexity and attacker's ance for success sing Complexity 20% increase over last year
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 5 Across All Business Types eaponization of botnets and cheap DoS for hire services threaten all usiness types hese same verticals are driving emand for DDoS services oud and IoT are having an impact 22% of ISPs see attacks originating from on-net IoT 36% see attacks targeting cloud services, up from a quarter ot Just ‘The Usual Suspects’
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 6 DN & NFV Proportion of SP with SDN or NFV in production has doubled over previous year Operational Concerns, Interoperability, and Cost leading barriers to SDN / NFV
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 7 What is NFV? Deploy network services on generic x86-based hardware Flexible resource allocation Scale-out architectures Bare-metal or virtual machines Typical router HW architecture
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 8 •  Programmable infrastructure •  Stable, common interface* •  Lifecycle management of virtual network functions •  Must be able to associate services •  Refined control of network path Requirements for NFV
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 9 NFV eco-system – enter ETSI NFV ropean Telecommunications Standards Institute Reference architecture for NFV Developed by European Telecommunications Standards Institute, 2012 Define key components and relationships tp://www.etsi.org/
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 10 NFV reference architecture Virtual infrastructure manager •  Virtual resource allocation and management •  Virtual resource operations •  Example: OpenStack, CloudStack, vCloud Director VNF manager: VNF lifecycle management •  VNF instantiation and termination •  VNF query & configuration •  VNF scaling Service Orchestrator •  Map service requests into VNFs •  Request VNF instantiation and provisioning
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 11 NFV reference architecture utomation and Orchestration selection criteria Orchestration system requirements •  Service templates •  Automatic provisioning Appliance requirements •  APIs •  Prefer REST
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 12 Why would we want NFV? Run network services on 3d party server vendors Reduce maintenance cost and sparing Reduce number of redundant components Reduce time-to-market and time-to-deployment Increase flexibility and agility Increase resource utilization Replace CAPEX (h/w) model to OPEX (subscription) Pay-as-You-Grow model works well
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 13 •  Product deliver challenges –  Packaging –  Multi-vendor integration –  Support –  Licensing –  Integration orchestration systems •  Provisioning challenges –  Service decomposition –  Sevice provisioning –  Service insertion and stitching –  VM orchestration NFV Challenges •  Operation challenges –  High availability –  Auto-scaling –  Service monitoring –  Monitoring an auditing of scale-out infrastructure
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 14 Orchestration and automation –  Service decomposition –  Integration with orchestration/provisioning systems –  Provisioning and configuration automation –  High-availability (auto-healing) –  Auto-scaling –  Service insertion for transparent services –  On-demand service chaining –  No standard deployment process or API Licensing challenges –  Vendors like to license boxes (instances), not throughput NFV Challenges
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 15 •  Reduced CapEx/OpEx, TCO(?) •  COTS hardware •  Autoscaling services: deploy at need, eliminate idle virtual resources •  Programmability means customizability •  Service function chaining romised NFV payoff?
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 16 elco Services offering through NFV •  A way to leapfrog competition •  A way to roll out new services faster •  A way to reach customers not connected to their network Firewall Remote VPN WAF Anti-SPAM Anti-DDoS IPS Vulnerability scanning Endpoint Secuirty Web security GW DLP PKI IDM Security Operations Center
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 17 xperience sharing - implement DDoS mitigation service Choosing MANO vendor Choosing Infra-structure & SDN vendor Choosing NFV vendor
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 18 A superficial review of how things work se Cloudband as an example   Operator creates service templates in the catalog   User logs into portal and subscribes to the service   Portal calls Cloudband Network Director or CBND (NFV-O module)   CBND calls Cloudband Application Manager or CBAM (VNFM module) to create VNFs, OpenStack (VIM) to provision compute resources and calls Nuage (SDN controller) to create a service chain   CBAM deploys VNFs and then monitors their lifecycle NFVO VNFM VIM VNF NFVI Service Catalog Compute Network Storage Portal SDN controller 1 2 3 4 5
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 19 essons learned •  License model which is closer to what user would like to pay for: •  based on actual mitigated/inspected traffic volume (consumption- based license) •  based on clean traffic •  HA support for VNFs. •  Configuration synchronization •  Backup license? •  User Portal console •  Multi-tenancy •  KPIs to monitor VNF health. •  How does VNF-M learn that mitigation device went down? •  KPIs to trigger scale up / scale down •  VNF-M needs to resize VNF – compute and license
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 20 VNFs must have programmable interfaces –  Enhance APIs Element management –  Provide client libraries or orchestration modules –  Python module, Ansible module, NSO NED? Provide customers with sample templates, playbooks –  HOT, TOSCA, NSO VNFD, Ansible Consideration for choosing NFV
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 21 Arbor’s NFV strategy Virtualizing platforms and services –  SP, TMS, APS all virtualized Flexible licensing –  Pay-as-you-grow Orchestration –  Cisco Network Services Orchestrator –  Nokia CloudBand –  OpenStack Tacker
RIGHT © 2018 NETSCOUT SYSTEMS, INC. 22 Thank You. ww.netscout.com ontact: cfchui@arbor.net

Recommended

The Stories of IXP Development and the Way Forward by Che-Hoo Cheng
The Stories of IXP Development and the Way Forward by Che-Hoo ChengThe Stories of IXP Development and the Way Forward by Che-Hoo Cheng
The Stories of IXP Development and the Way Forward by Che-Hoo ChengMyNOG
 
Internet Noise (A Story About Two Little Subnets - Tom Paseka
Internet Noise (A Story About Two Little Subnets - Tom PasekaInternet Noise (A Story About Two Little Subnets - Tom Paseka
Internet Noise (A Story About Two Little Subnets - Tom PasekaMyNOG
 
The OTT Challenge - Eric Leung
The OTT Challenge - Eric LeungThe OTT Challenge - Eric Leung
The OTT Challenge - Eric LeungMyNOG
 
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeDIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeMyNOG
 
IPLC Analytic Dashboard - Mohd Rizal bin Mohd Ramly
IPLC Analytic Dashboard - Mohd Rizal bin Mohd RamlyIPLC Analytic Dashboard - Mohd Rizal bin Mohd Ramly
IPLC Analytic Dashboard - Mohd Rizal bin Mohd RamlyMyNOG
 
Open Connect Appliances - Jocelyn Ooi
Open Connect Appliances - Jocelyn OoiOpen Connect Appliances - Jocelyn Ooi
Open Connect Appliances - Jocelyn OoiMyNOG
 
DDOS Mitigation Experience from IP ServerOne by CL Lee
DDOS Mitigation Experience from IP ServerOne by CL LeeDDOS Mitigation Experience from IP ServerOne by CL Lee
DDOS Mitigation Experience from IP ServerOne by CL LeeMyNOG
 
Next Gen Monitoring with INT
Next Gen Monitoring with INTNext Gen Monitoring with INT
Next Gen Monitoring with INTMyNOG
 

Recommended

The Stories of IXP Development and the Way Forward by Che-Hoo Cheng
The Stories of IXP Development and the Way Forward by Che-Hoo ChengThe Stories of IXP Development and the Way Forward by Che-Hoo Cheng
The Stories of IXP Development and the Way Forward by Che-Hoo ChengMyNOG
 
Internet Noise (A Story About Two Little Subnets - Tom Paseka
Internet Noise (A Story About Two Little Subnets - Tom PasekaInternet Noise (A Story About Two Little Subnets - Tom Paseka
Internet Noise (A Story About Two Little Subnets - Tom PasekaMyNOG
 
The OTT Challenge - Eric Leung
The OTT Challenge - Eric LeungThe OTT Challenge - Eric Leung
The OTT Challenge - Eric LeungMyNOG
 
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeDIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeMyNOG
 
IPLC Analytic Dashboard - Mohd Rizal bin Mohd Ramly
IPLC Analytic Dashboard - Mohd Rizal bin Mohd RamlyIPLC Analytic Dashboard - Mohd Rizal bin Mohd Ramly
IPLC Analytic Dashboard - Mohd Rizal bin Mohd RamlyMyNOG
 
Open Connect Appliances - Jocelyn Ooi
Open Connect Appliances - Jocelyn OoiOpen Connect Appliances - Jocelyn Ooi
Open Connect Appliances - Jocelyn OoiMyNOG
 
DDOS Mitigation Experience from IP ServerOne by CL Lee
DDOS Mitigation Experience from IP ServerOne by CL LeeDDOS Mitigation Experience from IP ServerOne by CL Lee
DDOS Mitigation Experience from IP ServerOne by CL LeeMyNOG
 
Next Gen Monitoring with INT
Next Gen Monitoring with INTNext Gen Monitoring with INT
Next Gen Monitoring with INTMyNOG
 
Traffic Insight Using Netflow and Deepfield Systems
Traffic Insight Using Netflow and Deepfield SystemsTraffic Insight Using Netflow and Deepfield Systems
Traffic Insight Using Netflow and Deepfield SystemsMyNOG
 
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail Ali
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail AliSP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail Ali
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail AliMyNOG
 
Engineering The New IP Transport
Engineering The New IP TransportEngineering The New IP Transport
Engineering The New IP TransportMyNOG
 
The Stakes Have Changed – The Changing Security Landscape by Tony Teo
The Stakes Have Changed – The Changing Security Landscape by Tony TeoThe Stakes Have Changed – The Changing Security Landscape by Tony Teo
The Stakes Have Changed – The Changing Security Landscape by Tony TeoMyNOG
 
High Speed Fiber Services and Challenges to the Core Network by Seiichi Kawamura
High Speed Fiber Services and Challenges to the Core Network by Seiichi KawamuraHigh Speed Fiber Services and Challenges to the Core Network by Seiichi Kawamura
High Speed Fiber Services and Challenges to the Core Network by Seiichi KawamuraMyNOG
 
How Data Center Traffic is Changing Your Network by KC Lim
How Data Center Traffic is Changing Your Network by KC LimHow Data Center Traffic is Changing Your Network by KC Lim
How Data Center Traffic is Changing Your Network by KC LimMyNOG
 
APNIC Updates
APNIC UpdatesAPNIC Updates
APNIC UpdatesMyNOG
 
Next-gen Network Telemetry is Within Your Packets: In-band OAM
Next-gen Network Telemetry is Within Your Packets: In-band OAMNext-gen Network Telemetry is Within Your Packets: In-band OAM
Next-gen Network Telemetry is Within Your Packets: In-band OAMOpen Networking Summit
 
TIME Journey to the SPACE
TIME Journey to the SPACETIME Journey to the SPACE
TIME Journey to the SPACEMyNOG
 
The Path to a Programmable Network
The Path to a Programmable NetworkThe Path to a Programmable Network
The Path to a Programmable NetworkMyNOG
 
ElasticISP
ElasticISPElasticISP
ElasticISPKHNOG
 
NovoNet Vision and Operators' Perspective for ONAP
NovoNet Vision and Operators' Perspective for ONAPNovoNet Vision and Operators' Perspective for ONAP
NovoNet Vision and Operators' Perspective for ONAPITU
 
Service Provider Architectures for Tomorrow by Chow Khay Kid
Service Provider Architectures for Tomorrow by Chow Khay KidService Provider Architectures for Tomorrow by Chow Khay Kid
Service Provider Architectures for Tomorrow by Chow Khay KidMyNOG
 
npNOG 2: APNIC IPv6 deployment
npNOG 2: APNIC IPv6 deploymentnpNOG 2: APNIC IPv6 deployment
npNOG 2: APNIC IPv6 deploymentAPNIC
 
Combating DDoS and why peering is important in Asia
Combating DDoS and why peering is important in AsiaCombating DDoS and why peering is important in Asia
Combating DDoS and why peering is important in AsiaMyNOG
 
RPKI and Me
RPKI and MeRPKI and Me
RPKI and MeMyNOG
 
Introduction to Segment Routing
Introduction to Segment RoutingIntroduction to Segment Routing
Introduction to Segment RoutingMyNOG
 
Traffic Engineering for CDNs
Traffic Engineering for CDNsTraffic Engineering for CDNs
Traffic Engineering for CDNsMyNOG
 
100Gbps Core Network Deployment in an African Network - Mark Tinka
100Gbps Core Network Deployment in an African Network - Mark Tinka100Gbps Core Network Deployment in an African Network - Mark Tinka
100Gbps Core Network Deployment in an African Network - Mark TinkaMyNOG
 
Experience of Implementing IPTV in an ISP Network by Thong Hawk Yen
Experience of Implementing IPTV in an ISP Network by Thong Hawk YenExperience of Implementing IPTV in an ISP Network by Thong Hawk Yen
Experience of Implementing IPTV in an ISP Network by Thong Hawk YenMyNOG
 
Cloudify: Open vCPE Design Concepts and Multi-Cloud Orchestration
Cloudify: Open vCPE Design Concepts and Multi-Cloud OrchestrationCloudify: Open vCPE Design Concepts and Multi-Cloud Orchestration
Cloudify: Open vCPE Design Concepts and Multi-Cloud OrchestrationCloudify Community
 
PLNOG15: NFV: Lessons learned from production deployments and current observa...
PLNOG15: NFV: Lessons learned from production deployments and current observa...PLNOG15: NFV: Lessons learned from production deployments and current observa...
PLNOG15: NFV: Lessons learned from production deployments and current observa...PROIDEA
 

More Related Content

What's hot

Traffic Insight Using Netflow and Deepfield Systems
Traffic Insight Using Netflow and Deepfield SystemsTraffic Insight Using Netflow and Deepfield Systems
Traffic Insight Using Netflow and Deepfield SystemsMyNOG
 
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail Ali
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail AliSP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail Ali
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail AliMyNOG
 
Engineering The New IP Transport
Engineering The New IP TransportEngineering The New IP Transport
Engineering The New IP TransportMyNOG
 
The Stakes Have Changed – The Changing Security Landscape by Tony Teo
The Stakes Have Changed – The Changing Security Landscape by Tony TeoThe Stakes Have Changed – The Changing Security Landscape by Tony Teo
The Stakes Have Changed – The Changing Security Landscape by Tony TeoMyNOG
 
High Speed Fiber Services and Challenges to the Core Network by Seiichi Kawamura
High Speed Fiber Services and Challenges to the Core Network by Seiichi KawamuraHigh Speed Fiber Services and Challenges to the Core Network by Seiichi Kawamura
High Speed Fiber Services and Challenges to the Core Network by Seiichi KawamuraMyNOG
 
How Data Center Traffic is Changing Your Network by KC Lim
How Data Center Traffic is Changing Your Network by KC LimHow Data Center Traffic is Changing Your Network by KC Lim
How Data Center Traffic is Changing Your Network by KC LimMyNOG
 
APNIC Updates
APNIC UpdatesAPNIC Updates
APNIC UpdatesMyNOG
 
Next-gen Network Telemetry is Within Your Packets: In-band OAM
Next-gen Network Telemetry is Within Your Packets: In-band OAMNext-gen Network Telemetry is Within Your Packets: In-band OAM
Next-gen Network Telemetry is Within Your Packets: In-band OAMOpen Networking Summit
 
TIME Journey to the SPACE
TIME Journey to the SPACETIME Journey to the SPACE
TIME Journey to the SPACEMyNOG
 
The Path to a Programmable Network
The Path to a Programmable NetworkThe Path to a Programmable Network
The Path to a Programmable NetworkMyNOG
 
ElasticISP
ElasticISPElasticISP
ElasticISPKHNOG
 
NovoNet Vision and Operators' Perspective for ONAP
NovoNet Vision and Operators' Perspective for ONAPNovoNet Vision and Operators' Perspective for ONAP
NovoNet Vision and Operators' Perspective for ONAPITU
 
Service Provider Architectures for Tomorrow by Chow Khay Kid
Service Provider Architectures for Tomorrow by Chow Khay KidService Provider Architectures for Tomorrow by Chow Khay Kid
Service Provider Architectures for Tomorrow by Chow Khay KidMyNOG
 
npNOG 2: APNIC IPv6 deployment
npNOG 2: APNIC IPv6 deploymentnpNOG 2: APNIC IPv6 deployment
npNOG 2: APNIC IPv6 deploymentAPNIC
 
Combating DDoS and why peering is important in Asia
Combating DDoS and why peering is important in AsiaCombating DDoS and why peering is important in Asia
Combating DDoS and why peering is important in AsiaMyNOG
 
RPKI and Me
RPKI and MeRPKI and Me
RPKI and MeMyNOG
 
Introduction to Segment Routing
Introduction to Segment RoutingIntroduction to Segment Routing
Introduction to Segment RoutingMyNOG
 
Traffic Engineering for CDNs
Traffic Engineering for CDNsTraffic Engineering for CDNs
Traffic Engineering for CDNsMyNOG
 
100Gbps Core Network Deployment in an African Network - Mark Tinka
100Gbps Core Network Deployment in an African Network - Mark Tinka100Gbps Core Network Deployment in an African Network - Mark Tinka
100Gbps Core Network Deployment in an African Network - Mark TinkaMyNOG
 
Experience of Implementing IPTV in an ISP Network by Thong Hawk Yen
Experience of Implementing IPTV in an ISP Network by Thong Hawk YenExperience of Implementing IPTV in an ISP Network by Thong Hawk Yen
Experience of Implementing IPTV in an ISP Network by Thong Hawk YenMyNOG
 

What's hot (20)

Traffic Insight Using Netflow and Deepfield Systems
Traffic Insight Using Netflow and Deepfield SystemsTraffic Insight Using Netflow and Deepfield Systems
Traffic Insight Using Netflow and Deepfield Systems
 
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail Ali
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail AliSP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail Ali
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail Ali
 
Engineering The New IP Transport
Engineering The New IP TransportEngineering The New IP Transport
Engineering The New IP Transport
 
The Stakes Have Changed – The Changing Security Landscape by Tony Teo
The Stakes Have Changed – The Changing Security Landscape by Tony TeoThe Stakes Have Changed – The Changing Security Landscape by Tony Teo
The Stakes Have Changed – The Changing Security Landscape by Tony Teo
 
High Speed Fiber Services and Challenges to the Core Network by Seiichi Kawamura
High Speed Fiber Services and Challenges to the Core Network by Seiichi KawamuraHigh Speed Fiber Services and Challenges to the Core Network by Seiichi Kawamura
High Speed Fiber Services and Challenges to the Core Network by Seiichi Kawamura
 
How Data Center Traffic is Changing Your Network by KC Lim
How Data Center Traffic is Changing Your Network by KC LimHow Data Center Traffic is Changing Your Network by KC Lim
How Data Center Traffic is Changing Your Network by KC Lim
 
APNIC Updates
APNIC UpdatesAPNIC Updates
APNIC Updates
 
Next-gen Network Telemetry is Within Your Packets: In-band OAM
Next-gen Network Telemetry is Within Your Packets: In-band OAMNext-gen Network Telemetry is Within Your Packets: In-band OAM
Next-gen Network Telemetry is Within Your Packets: In-band OAM
 
TIME Journey to the SPACE
TIME Journey to the SPACETIME Journey to the SPACE
TIME Journey to the SPACE
 
The Path to a Programmable Network
The Path to a Programmable NetworkThe Path to a Programmable Network
The Path to a Programmable Network
 
ElasticISP
ElasticISPElasticISP
ElasticISP
 
NovoNet Vision and Operators' Perspective for ONAP
NovoNet Vision and Operators' Perspective for ONAPNovoNet Vision and Operators' Perspective for ONAP
NovoNet Vision and Operators' Perspective for ONAP
 
Service Provider Architectures for Tomorrow by Chow Khay Kid
Service Provider Architectures for Tomorrow by Chow Khay KidService Provider Architectures for Tomorrow by Chow Khay Kid
Service Provider Architectures for Tomorrow by Chow Khay Kid
 
npNOG 2: APNIC IPv6 deployment
npNOG 2: APNIC IPv6 deploymentnpNOG 2: APNIC IPv6 deployment
npNOG 2: APNIC IPv6 deployment
 
Combating DDoS and why peering is important in Asia
Combating DDoS and why peering is important in AsiaCombating DDoS and why peering is important in Asia
Combating DDoS and why peering is important in Asia
 
RPKI and Me
RPKI and MeRPKI and Me
RPKI and Me
 
Introduction to Segment Routing
Introduction to Segment RoutingIntroduction to Segment Routing
Introduction to Segment Routing
 
Traffic Engineering for CDNs
Traffic Engineering for CDNsTraffic Engineering for CDNs
Traffic Engineering for CDNs
 
100Gbps Core Network Deployment in an African Network - Mark Tinka
100Gbps Core Network Deployment in an African Network - Mark Tinka100Gbps Core Network Deployment in an African Network - Mark Tinka
100Gbps Core Network Deployment in an African Network - Mark Tinka
 
Experience of Implementing IPTV in an ISP Network by Thong Hawk Yen
Experience of Implementing IPTV in an ISP Network by Thong Hawk YenExperience of Implementing IPTV in an ISP Network by Thong Hawk Yen
Experience of Implementing IPTV in an ISP Network by Thong Hawk Yen
 

Similar to Next Generation DDoS Services – can we do this with NFV? - CF Chui

Cloudify: Open vCPE Design Concepts and Multi-Cloud Orchestration
Cloudify: Open vCPE Design Concepts and Multi-Cloud OrchestrationCloudify: Open vCPE Design Concepts and Multi-Cloud Orchestration
Cloudify: Open vCPE Design Concepts and Multi-Cloud OrchestrationCloudify Community
 
PLNOG15: NFV: Lessons learned from production deployments and current observa...
PLNOG15: NFV: Lessons learned from production deployments and current observa...PLNOG15: NFV: Lessons learned from production deployments and current observa...
PLNOG15: NFV: Lessons learned from production deployments and current observa...PROIDEA
 
Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?DevOps.com
 
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service MeshData Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service MeshNGINX, Inc.
 
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...Cisco Canada
 
Why Network Functions Virtualization sdn?
Why Network Functions Virtualization sdn?Why Network Functions Virtualization sdn?
Why Network Functions Virtualization sdn?idrajeev
 
Putting the M in MANO: Major new Ensemble release delivers NFV management and...
Putting the M in MANO: Major new Ensemble release delivers NFV management and...Putting the M in MANO: Major new Ensemble release delivers NFV management and...
Putting the M in MANO: Major new Ensemble release delivers NFV management and...ADVA
 
End to End Application Visibility and Troubleshooting Across the Virtual Clou...
End to End Application Visibility and Troubleshooting Across the Virtual Clou...End to End Application Visibility and Troubleshooting Across the Virtual Clou...
End to End Application Visibility and Troubleshooting Across the Virtual Clou...NETSCOUT
 
Net-Ace - Vendor-Agnostic Service Orchestration platform
Net-Ace - Vendor-Agnostic Service Orchestration platformNet-Ace - Vendor-Agnostic Service Orchestration platform
Net-Ace - Vendor-Agnostic Service Orchestration platformyurid79
 
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft AzureModernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft AzureMitchell Pronschinske
 
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and CiscoWho Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and CiscoThousandEyes
 
Achieving Network Deployment Flexibility with Mirantis OpenStack
Achieving Network Deployment Flexibility with Mirantis OpenStackAchieving Network Deployment Flexibility with Mirantis OpenStack
Achieving Network Deployment Flexibility with Mirantis OpenStackEric Zhaohui Ji
 
VM Farms Thrive with Dedicated IP Storage Networks
VM Farms Thrive with Dedicated IP Storage NetworksVM Farms Thrive with Dedicated IP Storage Networks
VM Farms Thrive with Dedicated IP Storage NetworksBrocade
 
On-Demand Production Infrastructure delivered Just In Time By Shane Guthrie o...
On-Demand Production Infrastructure delivered Just In Time By Shane Guthrie o...On-Demand Production Infrastructure delivered Just In Time By Shane Guthrie o...
On-Demand Production Infrastructure delivered Just In Time By Shane Guthrie o...ETCenter
 
uCPE and VNFs Explained
uCPE and VNFs ExplaineduCPE and VNFs Explained
uCPE and VNFs ExplainedAlan Percy
 
vCloud NFV - Accelerating deployment of the Telco Cloud (SDN NFV Day ITB 2016)
vCloud NFV - Accelerating deployment of the Telco Cloud (SDN NFV Day ITB 2016)vCloud NFV - Accelerating deployment of the Telco Cloud (SDN NFV Day ITB 2016)
vCloud NFV - Accelerating deployment of the Telco Cloud (SDN NFV Day ITB 2016)SDNRG ITB
 
SCF Partners' Day: Technologies for Densification
SCF Partners' Day: Technologies for DensificationSCF Partners' Day: Technologies for Densification
SCF Partners' Day: Technologies for DensificationSmall Cell Forum
 
Mavenir network function virtualisation
Mavenir network function virtualisationMavenir network function virtualisation
Mavenir network function virtualisationMyles Freedman
 

Similar to Next Generation DDoS Services – can we do this with NFV? - CF Chui (20)

Cloudify: Open vCPE Design Concepts and Multi-Cloud Orchestration
Cloudify: Open vCPE Design Concepts and Multi-Cloud OrchestrationCloudify: Open vCPE Design Concepts and Multi-Cloud Orchestration
Cloudify: Open vCPE Design Concepts and Multi-Cloud Orchestration
 
PLNOG15: NFV: Lessons learned from production deployments and current observa...
PLNOG15: NFV: Lessons learned from production deployments and current observa...PLNOG15: NFV: Lessons learned from production deployments and current observa...
PLNOG15: NFV: Lessons learned from production deployments and current observa...
 
Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?
 
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service MeshData Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
 
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
 
Colt Network On Demand
Colt Network On DemandColt Network On Demand
Colt Network On Demand
 
Why Network Functions Virtualization sdn?
Why Network Functions Virtualization sdn?Why Network Functions Virtualization sdn?
Why Network Functions Virtualization sdn?
 
Putting the M in MANO: Major new Ensemble release delivers NFV management and...
Putting the M in MANO: Major new Ensemble release delivers NFV management and...Putting the M in MANO: Major new Ensemble release delivers NFV management and...
Putting the M in MANO: Major new Ensemble release delivers NFV management and...
 
End to End Application Visibility and Troubleshooting Across the Virtual Clou...
End to End Application Visibility and Troubleshooting Across the Virtual Clou...End to End Application Visibility and Troubleshooting Across the Virtual Clou...
End to End Application Visibility and Troubleshooting Across the Virtual Clou...
 
Net-Ace - Vendor-Agnostic Service Orchestration platform
Net-Ace - Vendor-Agnostic Service Orchestration platformNet-Ace - Vendor-Agnostic Service Orchestration platform
Net-Ace - Vendor-Agnostic Service Orchestration platform
 
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft AzureModernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
 
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and CiscoWho Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
 
Achieving Network Deployment Flexibility with Mirantis OpenStack
Achieving Network Deployment Flexibility with Mirantis OpenStackAchieving Network Deployment Flexibility with Mirantis OpenStack
Achieving Network Deployment Flexibility with Mirantis OpenStack
 
uCPE and VNFs Explained
uCPE and VNFs ExplaineduCPE and VNFs Explained
uCPE and VNFs Explained
 
VM Farms Thrive with Dedicated IP Storage Networks
VM Farms Thrive with Dedicated IP Storage NetworksVM Farms Thrive with Dedicated IP Storage Networks
VM Farms Thrive with Dedicated IP Storage Networks
 
On-Demand Production Infrastructure delivered Just In Time By Shane Guthrie o...
On-Demand Production Infrastructure delivered Just In Time By Shane Guthrie o...On-Demand Production Infrastructure delivered Just In Time By Shane Guthrie o...
On-Demand Production Infrastructure delivered Just In Time By Shane Guthrie o...
 
uCPE and VNFs Explained
uCPE and VNFs ExplaineduCPE and VNFs Explained
uCPE and VNFs Explained
 
vCloud NFV - Accelerating deployment of the Telco Cloud (SDN NFV Day ITB 2016)
vCloud NFV - Accelerating deployment of the Telco Cloud (SDN NFV Day ITB 2016)vCloud NFV - Accelerating deployment of the Telco Cloud (SDN NFV Day ITB 2016)
vCloud NFV - Accelerating deployment of the Telco Cloud (SDN NFV Day ITB 2016)
 
SCF Partners' Day: Technologies for Densification
SCF Partners' Day: Technologies for DensificationSCF Partners' Day: Technologies for Densification
SCF Partners' Day: Technologies for Densification
 
Mavenir network function virtualisation
Mavenir network function virtualisationMavenir network function virtualisation
Mavenir network function virtualisation
 

More from MyNOG

Peering Personal MyNOG-10
Peering Personal MyNOG-10Peering Personal MyNOG-10
Peering Personal MyNOG-10MyNOG
 
Embedded CDNs in 2023
Embedded CDNs in 2023Embedded CDNs in 2023
Embedded CDNs in 2023MyNOG
 
Edge virtualisation for Carrier Networks
Edge virtualisation for Carrier NetworksEdge virtualisation for Carrier Networks
Edge virtualisation for Carrier NetworksMyNOG
 
Equinix: New Markets, New Frontiers
Equinix: New Markets, New FrontiersEquinix: New Markets, New Frontiers
Equinix: New Markets, New FrontiersMyNOG
 
Securing the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native InfrastructureSecuring the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native InfrastructureMyNOG
 
Hierarchical Network Controller
Hierarchical Network ControllerHierarchical Network Controller
Hierarchical Network ControllerMyNOG
 
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform
Aether: The First Open Source 5G/LTE Connected Edge Cloud PlatformAether: The First Open Source 5G/LTE Connected Edge Cloud Platform
Aether: The First Open Source 5G/LTE Connected Edge Cloud PlatformMyNOG
 
Cleaning up your RPKI invalids
Cleaning up your RPKI invalidsCleaning up your RPKI invalids
Cleaning up your RPKI invalidsMyNOG
 
Introducing Peering LAN 2.0 at DE-CIX
Introducing Peering LAN 2.0 at DE-CIXIntroducing Peering LAN 2.0 at DE-CIX
Introducing Peering LAN 2.0 at DE-CIXMyNOG
 
Load balancing and Service in Kubernetes
Load balancing and Service in KubernetesLoad balancing and Service in Kubernetes
Load balancing and Service in KubernetesMyNOG
 
Cloud SDN: BGP Peering and RPKI
Cloud SDN: BGP Peering and RPKICloud SDN: BGP Peering and RPKI
Cloud SDN: BGP Peering and RPKIMyNOG
 
SDM – A New (Subsea) Cable Paradigm
SDM – A New (Subsea) Cable ParadigmSDM – A New (Subsea) Cable Paradigm
SDM – A New (Subsea) Cable ParadigmMyNOG
 
AI in Networking: Transforming Network Operations with Juniper Mist AIDE
AI in Networking: Transforming Network Operations with Juniper Mist AIDEAI in Networking: Transforming Network Operations with Juniper Mist AIDE
AI in Networking: Transforming Network Operations with Juniper Mist AIDEMyNOG
 
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...MyNOG
 
FUTURE-PROOFING DATA CENTRES from Connectivity Perspective
FUTURE-PROOFING DATA CENTRES from Connectivity PerspectiveFUTURE-PROOFING DATA CENTRES from Connectivity Perspective
FUTURE-PROOFING DATA CENTRES from Connectivity PerspectiveMyNOG
 
Keep Ukraine Connected: A project from the community – for the community by R...
Keep Ukraine Connected: A project from the community – for the community by R...Keep Ukraine Connected: A project from the community – for the community by R...
Keep Ukraine Connected: A project from the community – for the community by R...MyNOG
 
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...MyNOG
 
MyIX Updates by Raja Mohan Marappan, MyIX
MyIX Updates by Raja Mohan Marappan, MyIXMyIX Updates by Raja Mohan Marappan, MyIX
MyIX Updates by Raja Mohan Marappan, MyIXMyNOG
 
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...MyNOG
 
Quick wins in the NetOps Journey by Vincent Boon, Opengear
Quick wins in the NetOps Journey by Vincent Boon, OpengearQuick wins in the NetOps Journey by Vincent Boon, Opengear
Quick wins in the NetOps Journey by Vincent Boon, OpengearMyNOG
 

More from MyNOG (20)

Peering Personal MyNOG-10
Peering Personal MyNOG-10Peering Personal MyNOG-10
Peering Personal MyNOG-10
 
Embedded CDNs in 2023
Embedded CDNs in 2023Embedded CDNs in 2023
Embedded CDNs in 2023
 
Edge virtualisation for Carrier Networks
Edge virtualisation for Carrier NetworksEdge virtualisation for Carrier Networks
Edge virtualisation for Carrier Networks
 
Equinix: New Markets, New Frontiers
Equinix: New Markets, New FrontiersEquinix: New Markets, New Frontiers
Equinix: New Markets, New Frontiers
 
Securing the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native InfrastructureSecuring the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native Infrastructure
 
Hierarchical Network Controller
Hierarchical Network ControllerHierarchical Network Controller
Hierarchical Network Controller
 
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform
Aether: The First Open Source 5G/LTE Connected Edge Cloud PlatformAether: The First Open Source 5G/LTE Connected Edge Cloud Platform
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform
 
Cleaning up your RPKI invalids
Cleaning up your RPKI invalidsCleaning up your RPKI invalids
Cleaning up your RPKI invalids
 
Introducing Peering LAN 2.0 at DE-CIX
Introducing Peering LAN 2.0 at DE-CIXIntroducing Peering LAN 2.0 at DE-CIX
Introducing Peering LAN 2.0 at DE-CIX
 
Load balancing and Service in Kubernetes
Load balancing and Service in KubernetesLoad balancing and Service in Kubernetes
Load balancing and Service in Kubernetes
 
Cloud SDN: BGP Peering and RPKI
Cloud SDN: BGP Peering and RPKICloud SDN: BGP Peering and RPKI
Cloud SDN: BGP Peering and RPKI
 
SDM – A New (Subsea) Cable Paradigm
SDM – A New (Subsea) Cable ParadigmSDM – A New (Subsea) Cable Paradigm
SDM – A New (Subsea) Cable Paradigm
 
AI in Networking: Transforming Network Operations with Juniper Mist AIDE
AI in Networking: Transforming Network Operations with Juniper Mist AIDEAI in Networking: Transforming Network Operations with Juniper Mist AIDE
AI in Networking: Transforming Network Operations with Juniper Mist AIDE
 
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
 
FUTURE-PROOFING DATA CENTRES from Connectivity Perspective
FUTURE-PROOFING DATA CENTRES from Connectivity PerspectiveFUTURE-PROOFING DATA CENTRES from Connectivity Perspective
FUTURE-PROOFING DATA CENTRES from Connectivity Perspective
 
Keep Ukraine Connected: A project from the community – for the community by R...
Keep Ukraine Connected: A project from the community – for the community by R...Keep Ukraine Connected: A project from the community – for the community by R...
Keep Ukraine Connected: A project from the community – for the community by R...
 
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
 
MyIX Updates by Raja Mohan Marappan, MyIX
MyIX Updates by Raja Mohan Marappan, MyIXMyIX Updates by Raja Mohan Marappan, MyIX
MyIX Updates by Raja Mohan Marappan, MyIX
 
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...
 
Quick wins in the NetOps Journey by Vincent Boon, Opengear
Quick wins in the NetOps Journey by Vincent Boon, OpengearQuick wins in the NetOps Journey by Vincent Boon, Opengear
Quick wins in the NetOps Journey by Vincent Boon, Opengear
 

Recently uploaded

CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxJiesonDelaCerna
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerunnathinaik
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,Virag Sontakke
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfadityarao40181
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 

Recently uploaded (20)

CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptx
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdf
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 

Next Generation DDoS Services – can we do this with NFV? - CF Chui

  • 1. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 1
  • 2. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 2 NEXT GENERATION DDoS SERVICES an we do this with NFV? F Chui, Principal Security Technologist
  • 3. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 3 •  While the size of the very largest attack was down, proportion of volumetric attacks was up overall •  Attackers realized that there is very little you can do with 800 Gbps of firepower that you can’t do with 60 Gbps •  Marked increase in the complexity of attacks olumetric Attacks Are Down in Peak Size 0 200 400 600 800 1000 1200 1400 1600 1800 2000 Jan-17 Feb-17 Mar-17 Apr-17 May-17 Jun-17 Jul-17 Aug-17 Sep-17 Oct-17 Nov-17 Dec-17 Jan-18 Feb-18 Mar-18 DDoS peak attack size (Gbps) - Global
  • 4. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 4 Attack Innovation Seen at the Edge ulti-vector attacks combine high lume floods, application-layer attacks nd TCP-state exhaustion attacks in a ngle sustained offensive, increasing tigation complexity and attacker's ance for success sing Complexity 20% increase over last year
  • 5. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 5 Across All Business Types eaponization of botnets and cheap DoS for hire services threaten all usiness types hese same verticals are driving emand for DDoS services oud and IoT are having an impact 22% of ISPs see attacks originating from on-net IoT 36% see attacks targeting cloud services, up from a quarter ot Just ‘The Usual Suspects’
  • 6. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 6 DN & NFV Proportion of SP with SDN or NFV in production has doubled over previous year Operational Concerns, Interoperability, and Cost leading barriers to SDN / NFV
  • 7. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 7 What is NFV? Deploy network services on generic x86-based hardware Flexible resource allocation Scale-out architectures Bare-metal or virtual machines Typical router HW architecture
  • 8. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 8 •  Programmable infrastructure •  Stable, common interface* •  Lifecycle management of virtual network functions •  Must be able to associate services •  Refined control of network path Requirements for NFV
  • 9. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 9 NFV eco-system – enter ETSI NFV ropean Telecommunications Standards Institute Reference architecture for NFV Developed by European Telecommunications Standards Institute, 2012 Define key components and relationships tp://www.etsi.org/
  • 10. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 10 NFV reference architecture Virtual infrastructure manager •  Virtual resource allocation and management •  Virtual resource operations •  Example: OpenStack, CloudStack, vCloud Director VNF manager: VNF lifecycle management •  VNF instantiation and termination •  VNF query & configuration •  VNF scaling Service Orchestrator •  Map service requests into VNFs •  Request VNF instantiation and provisioning
  • 11. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 11 NFV reference architecture utomation and Orchestration selection criteria Orchestration system requirements •  Service templates •  Automatic provisioning Appliance requirements •  APIs •  Prefer REST
  • 12. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 12 Why would we want NFV? Run network services on 3d party server vendors Reduce maintenance cost and sparing Reduce number of redundant components Reduce time-to-market and time-to-deployment Increase flexibility and agility Increase resource utilization Replace CAPEX (h/w) model to OPEX (subscription) Pay-as-You-Grow model works well
  • 13. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 13 •  Product deliver challenges –  Packaging –  Multi-vendor integration –  Support –  Licensing –  Integration orchestration systems •  Provisioning challenges –  Service decomposition –  Sevice provisioning –  Service insertion and stitching –  VM orchestration NFV Challenges •  Operation challenges –  High availability –  Auto-scaling –  Service monitoring –  Monitoring an auditing of scale-out infrastructure
  • 14. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 14 Orchestration and automation –  Service decomposition –  Integration with orchestration/provisioning systems –  Provisioning and configuration automation –  High-availability (auto-healing) –  Auto-scaling –  Service insertion for transparent services –  On-demand service chaining –  No standard deployment process or API Licensing challenges –  Vendors like to license boxes (instances), not throughput NFV Challenges
  • 15. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 15 •  Reduced CapEx/OpEx, TCO(?) •  COTS hardware •  Autoscaling services: deploy at need, eliminate idle virtual resources •  Programmability means customizability •  Service function chaining romised NFV payoff?
  • 16. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 16 elco Services offering through NFV •  A way to leapfrog competition •  A way to roll out new services faster •  A way to reach customers not connected to their network Firewall Remote VPN WAF Anti-SPAM Anti-DDoS IPS Vulnerability scanning Endpoint Secuirty Web security GW DLP PKI IDM Security Operations Center
  • 17. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 17 xperience sharing - implement DDoS mitigation service Choosing MANO vendor Choosing Infra-structure & SDN vendor Choosing NFV vendor
  • 18. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 18 A superficial review of how things work se Cloudband as an example   Operator creates service templates in the catalog   User logs into portal and subscribes to the service   Portal calls Cloudband Network Director or CBND (NFV-O module)   CBND calls Cloudband Application Manager or CBAM (VNFM module) to create VNFs, OpenStack (VIM) to provision compute resources and calls Nuage (SDN controller) to create a service chain   CBAM deploys VNFs and then monitors their lifecycle NFVO VNFM VIM VNF NFVI Service Catalog Compute Network Storage Portal SDN controller 1 2 3 4 5
  • 19. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 19 essons learned •  License model which is closer to what user would like to pay for: •  based on actual mitigated/inspected traffic volume (consumption- based license) •  based on clean traffic •  HA support for VNFs. •  Configuration synchronization •  Backup license? •  User Portal console •  Multi-tenancy •  KPIs to monitor VNF health. •  How does VNF-M learn that mitigation device went down? •  KPIs to trigger scale up / scale down •  VNF-M needs to resize VNF – compute and license
  • 20. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 20 VNFs must have programmable interfaces –  Enhance APIs Element management –  Provide client libraries or orchestration modules –  Python module, Ansible module, NSO NED? Provide customers with sample templates, playbooks –  HOT, TOSCA, NSO VNFD, Ansible Consideration for choosing NFV
  • 21. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 21 Arbor’s NFV strategy Virtualizing platforms and services –  SP, TMS, APS all virtualized Flexible licensing –  Pay-as-you-grow Orchestration –  Cisco Network Services Orchestrator –  Nokia CloudBand –  OpenStack Tacker
  • 22. RIGHT © 2018 NETSCOUT SYSTEMS, INC. 22 Thank You. ww.netscout.com ontact: cfchui@arbor.net