SDN firewall
-
Upload
svasanth007 -
Category
Documents
-
view
245 -
download
0
Transcript of SDN firewall
-
8/15/2019 SDN firewall
1/11
Sdn Based
Hardware acceleratedFIREWALL
By Net Maniacs
Abhishek KatuluruArun Kumar LokreMohd Yusuf Abdul HamidVasantham Sudheer KumarSantosh Kalakonda
NETMANIACS
-
8/15/2019 SDN firewall
2/11
NET MANIACS
Problem statement
Te S!read o" Sapphire Worm in te #$ min%tesa"ter its release
In"ectedHosts
&$$Mb!
s
&'b!
s
&$
'b!s
#$$$$
#$$$
$$
#$$$$$$
L(SS
)&*+BILLI(N
-
8/15/2019 SDN firewall
3/11
Line Rate
&$$Mb!s
&'b!s &$'b!s
HostsA,ect
ed
$*----*-
&--*-.
--
Hardware
&-*-.
Per"ormance E/al%ation
&---*.
Firmware
Hardware 0!date time+%sFirmware 0!date time.$%s
ANAL1SI
S
Problem statement
-
8/15/2019 SDN firewall
4/11
2R(P
Firewall a!!lication o/er/iewNET MANIACS
C(NTR(L
NETFP'A
N(2E & N(2E + N(2E #
N!MAL "ACKET
"ACKET #ITH"ATTE!N
ALL(W3
RER(0TE 3
INST!$CTIN"ACKET
0P2ATE2 3
-
8/15/2019 SDN firewall
5/11
PR(4ECT ARCHITECT0RENET MANIACS
(0TP0T P(RT L((50P
ARBITER
FIF(
FIF(
CP0 CP0
RE6
R(0TEHWACC
ARBITER
RE6
R(0TEHWACC
(0TP0T 70E0E
L((50PHAR2WAR
E
INST!$CTIN"ACKET
0P2ATE2
-
8/15/2019 SDN firewall
6/11
C!% arcitect%reNET MANIACS
Instr%ction
MemoryRe8ister File
Branc
Lo8ic
2ata
MemoryAL0
Instr%ction
Memory
Re8ist
er File
Branc
Lo8ic
M$%
T&9A22
I2:E; MEM WB
Memory
Ma!!ed "orHW
Acc
Tread &
Trea
d +
T+9
LW
T&9SW
T+9
A22
-
8/15/2019 SDN firewall
7/11
FIF(B0S1
CP0B0S1
Fi"o desi8nNET MANIACS
NET MANIACS 2ESI'N
C(N?ENTI(NAL STATEMACHINE
START
FIF(B0S1
PR(CESSP5T
SEN2P5T
C(N?ENTI(NAL
2ESI'NR E S E T
PAC5ET
RECEI?E2
PAC5ETPR(CES
SE2
FIF(
ScratcMemory
$Rd@PtrWr@Ptr
+..+.-
.&&
FIF(Memory
MEM(R1
MemoryMa!!ed I:(
0! to.$
-
8/15/2019 SDN firewall
8/11
MATCHER
Matc
h
Matc
h
2eniedList
CAMMatc
FIREWALL Hardware AcceleratorNET MANIACS
Parse
Lo8ic
L((50P HAR2WARE
ACC* IP L((50P
Allow
edList
CAM
en en
ACTI(N
Pac=
et
Pac=
et
IP
Normal:Inst P=t
IP
-
8/15/2019 SDN firewall
9/11
Per"ormance com!arisonNET MANIACS
om&arison a'ainst the &en Sour(e )"I *ire+all,
erforman(e bet+een H-# and S-# in terms of. Throu'h&ut
Laten(/
Re"erences9
1)Jedhe, G.S.; Ramamoorthy, A.; Varghee, K., “A Scalable High Throughut !ire"all
i# !$GA,% The 1&th '#ter#atio#al Symo(ium o# !ield$rogrammable *u(tom*omuti#g +achi#e(, !**+-, $alo Alto, *A, /SA, Aril 101, 2--, . 032.
2) 4uildi#g !ire"all o5er the So6t"are7e8#ed 9et"or: *o#troller, +ichelle Suh,Sae Hyo#g $ar:, 4yu#goo# TR'?>lectro#ic( a#d Telecommu#icatio#( Re(earch '#(titute), Korea
-
8/15/2019 SDN firewall
10/11
)es(ri&tion Com&letion )ate
"hase 0 Multi1Core "ro(essor A&ril 2 3405
"hase 3 Multi1Core Multi1threaded "ro(essor A&ril 05 3405
"hase 6 Hard+are a((elerator desi'n A&ril 37 3405
"hase 5
Im&lementation and inte'ration of
a(tion table +ith &ro(essorIn "ro'ress
"hase 8 Testin' and 9eri:(ation In "ro'ress
Proect sced%leNET MANIACS
-
8/15/2019 SDN firewall
11/11
NET MANIACS