Campus SDN
Transcript of Campus SDN
SDN Solutions Showcase, October 14-17, 2014 © 2014 Open Networking Foundation
SDNSOLUTIONSSHOWCASE
Campus SDN ONF SDN Solutions Showcase Theme Demonstrations
1
SDN Solutions Showcase, October 14-17, 2014 © 2014 Open Networking Foundation
SDNSOLUTIONSSHOWCASE
Scalable Threat Protection for Campus & DC Blue Coat Systems, Advanced Threat Protection Big Switch Networks, SDN Monitoring using Big Tap
2
Advanced Threat Protection
Big Tap Scalable SDN Monitoring Fabric
Datacenter-Wide Security Monitoring & Threat Protection
SDN Solutions Showcase, October 14-17, 2014 © 2014 Open Networking Foundation
SDNSOLUTIONSSHOWCASE
About Blue Coat & Big Switch
3
•! Blue Coat Systems, Inc. –! Advanced Threat Protection / Security Lifecycle Defense
•! Threat Intelligence •! Secure Web Gateway (Proxy++) •! Security Analytics & Forensics •! SSL Visibility / Encrypted Traffic Management •! Malware Analysis Platform
•! Big Switch Networks –! Big Tap Monitoring Fabric
•! Pervasive Monitoring –! TAP every rack, TAP every location
•! Flexible scale-out deployment •! Operational simplicity/programmability •! Significant cost savings (bare-metal switches)
SDN Solutions Showcase, October 14-17, 2014 © 2014 Open Networking Foundation
SDNSOLUTIONSSHOWCASE
Post-Prevention Security Gap
4
84%
Initial Attack to Compromise
78%
Initial Compromise to Discovery
Hours 60%
Days 13%
weeks 2% Seconds
11% Minutes 13%
Months 62%
Weeks
12%
Days
11%
Hours
9% Years
4%
SDN Solutions Showcase, October 14-17, 2014 © 2014 Open Networking Foundation
SDNSOLUTIONSSHOWCASE
Post-Prevention Security Gap
5
NG
FW
IDS
/ IP
S
Hos
t AV
Web
Gat
eway
SIE
M
Em
ail G
atew
ay
DLP
Web
App
licat
ion
Fire
wal
l
Advanced Threat Protection
•! Content
•! Detection
•! Analytics
•! Context
•! Visibility
•! Analysis
•! Intelligence
SIGNATURE-BASED DEFENSE-IN-DEPTH TOOLS
Nation States Cybercriminals
Hacktivists Insider-Threats
Threat Actors
Known Threats Known Malware
Known Files Known IPs/URLs
Traditional Threats
Novel Malware Zero-Day Threats Targeted Attacks Modern Tactics &
Techniques
Advanced Threats
SSL
SDN Solutions Showcase, October 14-17, 2014 © 2014 Open Networking Foundation
SDNSOLUTIONSSHOWCASE
Monitoring Threats with SDN
6
TRADITIONAL ARCHITECTURE
TAP AND TOOL SILOS WITH
NETWORK PACKET BROKERS (NPBs)
1G SPAN
10G SPAN
TAP 1/10G
TAP 1/10G TAP 1/10G
NPB
NPB
NPB
PRODUCTION NETWORK
1G to 10G Migration
10G to 40G Migration
Control Network
NPB NPB
Bar
e M
etal
, Sca
labl
e Fa
bric
1G/10G/40G Tool Farm
NPB Services
Big Tap Controller
Bar
e M
etal
, Sca
labl
e Fa
bric
B
are
Met
al, S
cala
ble
Fabr
ic
Bar
e M
etal
, Sca
labl
e Fa
bric
Tool Farm
Bar
e M
etal
, Sca
labl
e Fa
bric
B
are
Met
al, S
cala
ble
Fabr
ic
Bar
e M
etal
, Sca
labl
e Fa
bric
B
are
Met
al, S
cala
ble
Fabr
ic
Control Network
1G SPAN
10G SPAN
TAP 1/10G
TAP 1/10G TAP 1/10G
PRODUCTION NETWORK
NEXT GENERATION ARCHITECTURE
BARE METAL SDN MONITORING FABRIC
SDN Solutions Showcase, October 14-17, 2014 © 2014 Open Networking Foundation
SDNSOLUTIONSSHOWCASE
Visibility Where Needed
7
NPB
FILL
TER
PO
RTS
DE
LIV
ER
Y P
OR
TS
SERVICE PORTS
1/10/40G ETHERNET MONITORING FABRIC BLUE COAT
NPB
PRIMARY DATA CENTER(S)
CENTRALIZED
BIG TAP CONTROLLER
REMOTE SITES
PRODUCTION NETWORK
L2-GRE Tunnels
1G SPAN
10G SPAN
TAP 1/10G TAP 1/10G
TAP 1/10G
DATA CENTER PRODUCTION
NETWORK Advanced Threat
Protection
SDN Solutions Showcase, October 14-17, 2014 © 2014 Open Networking Foundation
SDNSOLUTIONSSHOWCASE
Scalability in SDN Campus/DC Big Tap
Controller
Control Network
BLUE COAT Threat Protection
Network
SDN Solutions Showcase, October 14-17, 2014 © 2014 Open Networking Foundation
SDNSOLUTIONSSHOWCASE
Dynamic Policy Creation via REST API
9 (c) 2014, BIG SWITCH NETWORKS, INC. PROPRIETARY AND CONFIDENTIAL
SPAN
SPAN
TAP
TAP
PRODUCTION NETWORK
•! Invoke REST API of the Big Tap Monitoring Fabric
•! Dynamically provision / activate / update the policy
•! The Intruder Traffic is now replicated to the malware analysis device
Control Network
NPB NPB
1G/10G/40G Tool Farm
Big Tap Controller
Control Network
F1
D1
D2
Normal packet
Intruder Packet
BLUE COAT SECURITY ANALYTICS
BLUE COAT MALWARE ANALYSIS DEVICE
Big Tap Controller
Tool Farm
D1 D1
D2 D2 D2 D2 D2
BLUE COAT SECURITY
BLUE COAT MALWARE ANALYSIS DEVICE
SDN Solutions Showcase, October 14-17, 2014 © 2014 Open Networking Foundation
SDNSOLUTIONSSHOWCASE
Going to Video…
10
•! Recap –! Today’s security landscape requires rapid response
•! Impossible to block unknown-unknowns –! Effective security tools require DVR functionality, context and
analytics to expedite root cause •! Forensics requires retrospect, context and content
–! SDN enables efficiency and scalability in a cost effective package •! Scalable visibility, tool efficiency
–! API integration enables ‘smart TAP’ functionality for intelligent monitoring
•! Capture interesting or suspect traffic –! Support for partitioned Multi-tenancy
•! Need to securely share ‘co-mingled’ data discretely •! For more information, see us at our booth •! Let’s go to the demo •! Thank you for your time!