2014 Internet2 Global Summit

close
Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Your organization not listed? Create a local account to use Internet2 services.

Create SiteID

Firewall on Demand: Multidomain Security Using BGP Flowspec Via a Web Platform Solution

Time 04/09/14 04:30PM-05:30PM

Room Plaza Court 1

Session Abstract

Security is a major concern of today’s networks and in particular reactive protection against network attacks. In this submission a new security provisioning service is presented, named Firewall on Demand (FoD), that was developed in-house by GRNET NOC, using open-source tools. FoD is based on bgp flowspec and it allows users to mitigate attacks in seconds. Currently, it is deployed in GRNET’s production network, in certain PSNC (Poland) metro networks, while there is interest from BELNET (Belgium) to deploy it. Within the next months, the service will be extended in the GEANT domain, allowing for DDoS mitigation closer to their origin. FoD is expected to be added to GEANT’s advanced services portfolio. The points that make FoD unique are its open-source code, the incorporation of a web GUI that speeds up attack mitigations and the interaction with the devices which is carried out by NETCONF. On top of these, and since the service is based on bgp flowspec, add the nature of bgp that allows for deployment in multi-domain environments with minimum overhead. FoD has been used to mitigate several DDoS attacks, the largest of which were a 12Gbps and a 7.5Gbps. Platform: https://fod.grnet.gr, source code : https://code.grnet.gr/projects/flowspy, docs: http://flowspy.readthedocs.org/en/latest/

Speakers

Speaker Leonidas Poulopoulos GRNET

Speaker Wayne Routly GEANT/DANTE

Speaker Jeffrey Haas Juniper Networks

Presentation Media

Primary track Innovative Partnerships, Uses and Applications

Secondary tracks Advanced Network Services and Leadership National/Regional Collaboration Industry Partnership Development and Engagement Innovative Partnerships, Uses and Applications Security Network Planning and Engineering International

platinum Sponsors

gold Sponsors

silver Sponsors

supporter Sponsors