16–20 Oct 2017
KEK
Asia/Tokyo timezone

Network Automation for Intrusion Detection System

18 Oct 2017, 16:50
25m
KEK

KEK

1-1 Oho, Tsukuba, Ibaraki 305-0801 Japan 36°09'01.0"N 140°04'28.1"E 36.150290, 140.074485
Security & Networking Networking and security

Speaker

Adam Lukasz Krajewski (CERN)

Description

CERN networks are dealing with an ever-increasing volume of network traffic. The traffic leaving and entering CERN must be precisely monitored and analysed to properly protect the networks from potential security breaches. To provide the required monitoring capabilities, the Computer Security team and the Networking team at CERN have joined efforts in designing and deploying a scalable Intrusion Detection System (IDS). The initial setup, presented at the HEPiX Fall 2016 Workshop in Berkeley, featured a Brocade MLXe configured with OpenFlow to provide dynamic offload and selecting mirroring capabilities. Due to technical requirements, the setup has been evolved and currently leverages the Brocade SLX platform with network automation software (StackStorm / Brocade Workflow Composer) deployed for additional programmability and flexibility. The new technology stack is under testing with a promising perspective of production deployment in 2018.

Desired length 20

Primary author

Co-authors

Presentation materials