SANE: A Protection Architecture for Enterprise Networks - PowerPoint PPT Presentation


1
SANE: A Protection Architecture for Enterprise Networks
  • Offense by
  • Amit Mondal
  • Bert Gonzalez

2
SANE or INSANE?
3
Single-point-of-failure
  • The SANE design essentially reduces the whole network to a single DC.
  • If this DC fails or is compromised, the entire network is at stake.
  • Even with multiple DCs, the network is at greater risk because there is always a single point-of-failure.
  • Compare with Tesseract: A 4D Network Control Plane

4
Performance
  • Huge performance overhead!
  • Decryption is involved at every intermediate switch
  • Compare with IPSec
  • Computation burden on the network switches? Bottleneck!
  • Decryption per packet

5
Scalability
  • Is the SANE architecture scalable?
  • Every sender needs to get capabilities (encrypted source routes) from the DC to communicate with any other host
  • The DC becomes a bottleneck!
  • Route computation, capability computation, etc.

6
Network Visibility
  • Network switches are reduced to dumb entities
  • Network Monitoring
  • Troubleshooting
  • Traceroute
  • Failure detection
  • Dynamic failover
  • Convergence time?
  • Network partitioning

7
Packet Forwarding in the Dark
  • Strict switch-level source routing
  • Dynamic load balancing
  • Traffic engineering
  • Virus and worm propagation
  • Prevents deployment of advanced transport protocols, e.g. XCP

8
Resiliency against attack
  • Resource exhaustion
  • The DC simply generates a new key; this invalidates all existing capabilities
  • What about the ongoing well-behaved flows?
  • They are just victims of a DoS attack
  • Attack against the routing infrastructure
  • Misbehaving switch
  • Advertise fake paths to the DC!
  • Compromised DC?
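Added example, not code from the slides or from the SANE paper: a toy model of the mechanism these slides critique, in which the DC issues a layered, encrypted source route, every switch on the path decrypts one layer per packet (slide 4), and the DC revokes by rotating all switch keys (slide 8), which also drops the well-behaved flows still in progress. `DomainController`, `seal`, `open_layer`, `forward` and the SHA-256 counter-mode keystream are assumptions for illustration, not SANE's actual primitives.

```python
import hmac, hashlib, os

def keystream(key, nonce, n):
    # Constructed stand-in for a stream cipher: SHA-256 in counter mode.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, plaintext):
    # One capability layer: nonce || MAC tag || XOR-encrypted inner content.
    nonce = os.urandom(8)
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(key, nonce, len(plaintext))))
    return nonce + hmac.new(key, nonce + ct, hashlib.sha256).digest()[:16] + ct

def open_layer(key, blob):
    # Verify the tag under this switch's current key; a rotated key fails here.
    nonce, tag, ct = blob[:8], blob[8:24], blob[24:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()[:16]):
        return None
    return bytes(a ^ b for a, b in zip(ct, keystream(key, nonce, len(ct))))

class DomainController:
    # Hypothetical DC: one key per switch, all replaced on revocation.
    def __init__(self, switches):
        self.switches = list(switches)
        self.rotate_keys()
    def rotate_keys(self):
        self.keys = {sw: os.urandom(32) for sw in self.switches}
    def issue_capability(self, path, dest):
        # Wrap from the last hop inward so each switch peels exactly one layer
        # and learns only its next hop plus the still-encrypted remainder.
        blob = b"DELIVER:" + dest
        for sw, nxt in zip(reversed(path), reversed(path[1:] + [dest])):
            blob = seal(self.keys[sw], nxt + b"|" + blob)
        return blob

def forward(dc, path, cap):
    # Per-packet cost: one decryption at every switch on the path. Returns the
    # hops revealed so far and whether the packet reached its destination.
    hops, blob = [], cap
    for sw in path:
        inner = open_layer(dc.keys[sw], blob)   # switch holds its current key
        if inner is None:
            return hops, False                  # dropped: capability invalid
        nxt, blob = inner.split(b"|", 1)
        hops.append(nxt)
    return hops, blob.startswith(b"DELIVER:")
```

A capability issued before `rotate_keys()` fails at the very first switch afterwards, whether or not the flow it belonged to was misbehaving.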

9
Implementation and Evaluation
  • interconnecting seven physical hosts on 100 Mb Ethernet
  • only a few domain controllers are necessary to handle DC requests from tens of thousands of end hosts.
  • No justification, no evaluation!

10
Multiple DCs?
  • Consistency among multiple DCs?
  • If someone can configure and manage multiple DCs, then what's the big difference from configuring and managing firewalls, NATs and ACLs?

11
Performance bottleneck
  • Encryption/decryption overhead
  • 99% of CPU time was spent on decryption alone, leading to poor throughput performance

12
Hardware Implementation
  • Cisco Catalyst 6513 Switch (latest model)
  • Can perform MAC-level encryption at 10 Gb/s
  • Misleading: the model supports 10 Gbps Ethernet, which does not mean it encrypts at that speed.
  • Cisco states that with the use of a Service Module, 2 Gbps of encryption can be provided.

13
Security Tests
  • Revocation: Not Tested
  • DoS Attacks: Not Tested
  • Flooding Attacks: Not Tested
  • Malicious DCs: Not Tested
  • Only one DC!
  • Evaluations show that SANE can fit into a network but do not show that it makes a network more secure!
  • Secure Architecture for the Networked Enterprise
  • SANE: A Protection Architecture for Enterprise Networks