TRAFFIC MANAGEMENT SYSTEMS AN IMPACT ANALYSES
2y ago
127 Views
1 Downloads
1.08 MB
29 Pages
Report/dmca
Download PDF

Transcription

T RAFFIC M ANAGEMENT S YSTEMSA N I MPACT A NALYSES

A GENDA Problem Statement Approach Protocol Basics Data Sets Network Structure Data Analysis and Results Challenges Future Work Q&A

P ROBLEM S TATEMENTIn the busy world of the Internet, users arepretty much able to derive any content theycan imagine. With the limited amount ofbandwidth available to ISPs, the growingconcern they may have is regardingcontrolling the traffic to make improvementsfor efficiency. This project will serve as theanalysis of the technical impacts ofimplementing a traffic management system.

A PPROACH Categorize the Data (Know Your Network) Web (HTTP/HTTPS) FTP Streaming Audio Streaming VideoClassify the Data (Know the Internet) Legitimate Illegitimate

T RAFFIC M ANAGEMENTS YSTEMS Know how they work together Products: Zeus Technology’s Zeus Extensible TrafficManager (ZXTM) Secure Computing’s Secure Web Smart Filter ARA Network’s Traffic Monitor

P ROTOCOL B ASICS - FTP

P ROTOCOL B ASICS - W EB

D ATA S ETS Two data sets from DatCat from the “Day In TheLife”, or DITL, Internet Project Collected from the Abilene Network Juniper T‐640 routers (Internet2)Cities: Atlanta, GA; Chicago, IL; Houston, TX; Kansas City,MO; Los Angeles, CA; New York, NY; Salt Lake City,UT

D ATA S ETS 2007 Summary: NetFlow v5 data Sampling ratio: 1/100 Anonymized: last 11 bits set to zero Start Time: 2007‐01‐09 00:00 UTC ( 0000) End Time: 2007‐01‐11 00:00:01 UTC ( 0000) Duration: 2 days 00:00:01 (172801.0 s)

D ATA S ETS 2008 Summary: NetFlow v5 data Sampling ratio: 1/100 Anonymized: last 11 bits set to zero Start Time 2008‐03‐19 00:00 UTC ( 0000) End Time 2008‐03‐20 00:00 UTC ( 0000) Duration 1 Day (86400.0 s)

N ETWORK S TRUCTURE Many partners connecting to each other Extremely high speed connections Working together for fast application delivery Each partner has it’s own Internet connection Should be able to see source and destination forone location juxtaposed in another location Sampling and Anonymization

N ETWORK S TRUCTURE

N ETWORK S TRUCTURE

D ATA A NALYSISFTP Analysis Filtered out the traffic Port 21 – control traffic Port 20 – data trafficSorted the data Bytes Packets

P ORT 21Identified the major players between whom thecommunication was taking 1.8.021193.233.8.0 5045815000102008/10/ 2008/10/12T12:51 12T12:52:58.835:33.402163.221.8.021193.233.8.0 5045815000102008/10/ 2008/10/12T12:51 12T12:52:54.361:33.060128.113.24.021193.233.8.0 6318115620112008/10/ 2008/10/12T12:52 12T12:52:19.249:50.711

P ORT 21 Identified the bytes, and packets sent acrossthese major IP’s IP: 163.221.8.0 Packets: 1300 Bytes: 350,019 Duration: 3 hours

P ORT 21 Results Re‐Analysis Large amount of data transferred for a long time.Conversation on any other port?Results Same results. No other conversation

P ORT 20 Analyzed the data traffic for port 20 Results Conversation happened between a few IPaddresses for a long timeRe‐Analysis Conversation on any other port?

O THER C ONVERSATION Conversation over port 21 and 00

D ATA A NALYSISWeb Analysisa)sIP Profiled the data to Recordsfind out the majorclients and 8.087982128.30.48.020759872.164.152.085542

W EB A NALYSES Filtered the data to get more 23140.211.160.08047693112237082585044

W EB A NALYSES Picked up a few IP address serving as aServer and as a ass861195282Fail449463399886

W EB A NALYSES Re‐Analyzed the data Web Analysis Results Conversation happening on port 80 and port 443. Data is anonymized, so cannot confirm.

D ATA A NALYSIS FTP Control Port Lots of traffic No DataData Port Lots of Data No ControlWhy? Sampling/Anonymization

D ATA A NALYSIS Web Server with the most flows Only used port 80 Looked for most bytes/packets as well Looked for HTTPS‐only servers Need script to assist

D ATA A NALYSIS Tangent Port 443 on port 80 only server 2 clients What else were they doing? Online Gaming? Other?

C HALLENGES Logistical Focus/Tangents (AADD?) Project Manager Resource AvailabilityTechnical Poor data set choice? Anonymization Sampling Resource Skill Level

F UTURE W ORK Continue to look at the network Categorization of what we found and Streaming Audio andStreaming VideoLook at the Internet Classification of the data Investigate Traffic Management Systems Determine Impact of TMS Finalize report Data Validation

Zeus Technology’s Zeus Extensible Traffic Manager (ZXTM) Secure Computing’s Secure Web Smart Filter ARA Network’s Traffic Monitor. PROTOCOL BASICS-FTP. PROTOCOL BASICS-WEB. DATA SETS Two data sets from DatCat

Related Books

Managing SIP traffic with Zeus Traffic Manager

Managing SIP traffic with Zeus Traffic Manager

The Defence of Civilian Air Traffic Systems from Cyber Threats

The Defence of Civilian Air Traffic Systems from Cyber Threats

The Impact of Management Information Systems on the .

The Impact of Management Information Systems on the .

BIG-IP Local Traffic Management: Basics - F5

BIG-IP Local Traffic Management: Basics - F5

Configuration Guide for BIG-IP Local Traffic Management - F5

Configuration Guide for BIG-IP Local Traffic Management - F5

Chapter 1 : Importance and Impact of ERP Systems on .

Chapter 1 : Importance and Impact of ERP Systems on .

Assessing the Impact of Implementing ERP Systems on the .

Assessing the Impact of Implementing ERP Systems on the .

MANUAL OF POLICE TRAFFIC SERVICES POLICIES AND PROCEDURES

MANUAL OF POLICE TRAFFIC SERVICES POLICIES AND PROCEDURES

Configuration Guide for F5 BIG-IP Local Traffic Manager .

Configuration Guide for F5 BIG-IP Local Traffic Manager .

Wireshark Packet & Traffic Analysis

Wireshark Packet & Traffic Analysis

and Using Wireshark for Capturing Network Traffic

and Using Wireshark for Capturing Network Traffic

An Insight in to Network Traffic Analysis using Packet Sniffer

An Insight in to Network Traffic Analysis using Packet Sniffer

PopularTags

Recent Views