Proceedings Article10.1145/1282380.1282382
Ethane: taking control of the enterprise
Martin Casado,Michael J. Freedman,Justin Pettit,Jianying Luo,Nick McKeown,Scott Shenker +5 more
- 27 Aug 2007
- Vol. 37, Iss: 4, pp 1-12
TL;DR: Ethane allows managers to define a single network-wide fine-grain policy, and then enforces it directly, and this design is backwards-compatible with existing hosts and switches.
read more
Abstract: This paper presents Ethane, a new network architecture for the enterprise. Ethane allows managers to define a single network-wide fine-grain policy, and then enforces it directly. Ethane couples extremely simple flow-based Ethernet switches with a centralized controller that manages the admittance and routing of flows. While radical, this design is backwards-compatible with existing hosts and switches.We have implemented Ethane in both hardware and software, supporting both wired and wireless hosts. Our operational Ethane network has supported over 300 hosts for the past four months in a large university network, and this deployment experience has significantly affected Ethane's design.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
CCDM: Central Controller-Based Device Management Architecture and Method to Split Management Scripts
Akihiro Sugiyama,Hideya Ochiai,Hiroshi Esaki +2 more
- 20 Jul 2009
TL;DR: CCDM provides easy management of devices and distributed execution of gateways for sudden network disruptions and separate the management system to the control plane and the data plane.
An Efficient Approach to Resolve Covert Channels.
Muawia A. Elsadig,Yahia A. Fadlalla +1 more
- 01 Jan 2018
TL;DR: A design that is based on the fact that it is impossible inside a system for any process to recognize any user, for whom other processes are invoked, in order to covertly communicate with him or her identities of all users are hidden is proposed.
Isolation in Public Clouds: Threats, Challenges and Defenses
Venkatanathan Varadarajan
- 01 Jan 2015
TL;DR: In this article, the authors propose a method to solve the problem of the problem: this article... ]..,.. )].. [1].
2
•Proceedings Article
Ovid: a software-defined distributed systems framework
Deniz Altinbuken,Robbert van Renesse +1 more
- 20 Jun 2016
TL;DR: Ovid constructs and deploys distributed systems as a collection of simple components, creating systems suited for containerization in the cloud and supports evolution of systems through transformations, which are automated refinements.
Design of Scalable Control Plane via Multiple Controllers
Wenbo Chen,Xining Tian,Zhihao Shang +2 more
- 01 Jan 2016
TL;DR: An extensible SDN controller layer is designed with the use of existing cluster management technology, which avoids single point failure of the controllers and gives full play to every controller.
2
References
A clean slate 4D approach to network control and management
Albert Greenberg,Gisli Hjalmtysson,David A. Maltz,Andy Myers,Jennifer Rexford,Geoffrey G. Xie,Hong Yan,Jibin Zhan,Hui Zhang +8 more
- 06 Oct 2005
TL;DR: This work advocate a complete refactoring of the functionality and proposes three key principles--network-level objectives, network-wide views, and direct control--that it believes should underlie a new architecture, called 4D, after the architecture's four planes: decision, dissemination, discovery, and data.
Implementing a distributed firewall
Sotiris Ioannidis,Angelos D. Keromytis,Steve Bellovin,Jonathan M. Smith +3 more
- 01 Nov 2000
TL;DR: This paper presents the design and implementation of a distributed rewall using the KeyNote trust management system to specify, distribute, and resolve policy, and OpenBSD, an open source UNIX operating system.
•Proceedings Article
SANE: a protection architecture for enterprise networks
Martin Casado,Tal Garfinkel,Aditya Akella,Michael J. Freedman,Dan Boneh,Nick McKeown,Scott Shenker +6 more
- 31 Jul 2006
TL;DR: SANE offers strong attack resistance and containment in the face of compromise, yet is practical for everyday use, and can easily scale to networks of tens of thousands of nodes.
A quantitative study of firewall configuration errors
TL;DR: Analysis of real configuration data show that corporate firewalls are often enforcing rule sets that violate well established security guidelines.
475