2018 Technology Exchange

Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Bro NSM in WAN Context

Time 10/16/18 09:00AM-09:50AM

Room Pacifica Ballroom 8/9

Session Abstract

Building out a network security monitor at the speed and scale of a large scientific carrier network is an intricate task. It is also a task that can be accomplished given the right data to guide the endeavor. ESnet has been piloting and expanding the "Bro on the WAN” (BoW) service in an effort to provide better visibility into scan detection, DoS mitigation, and traffic visibility, and to better highlight actionable data. In this talk we will discuss the process involved with prototyping this as an internal service, discuss the data analytics we leveraged to better refine our scope and scale, and explain what lessons were learned along the way.


Speaker Nick Buraglio ESnet (DOE Office of Science - Energy Sciences Network)

Speaker Scott Campbell Lawrence Berkeley National Laboratory (LBNL)

Presentation Media

Primary track Information Security

Secondary tracks Advanced Networking

gold Sponsors

silver Sponsors

bronze Sponsors