Bro: a system for detecting network intruders in real-time
Computer Networks: The International Journal of Computer and Telecommunications Networking
ACM Transactions on Computer Systems (TOCS)
Chord: A scalable peer-to-peer lookup service for internet applications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Internet indirection infrastructure
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
On the characteristics and origins of internet flow rates
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Cyber defense technology networking and evaluation
Communications of the ACM - Homeland security
Data Center Fundamentals
A virtualized link layer with support for indirection
Proceedings of the ACM SIGCOMM workshop on Future directions in network architecture
A clean slate 4D approach to network control and management
ACM SIGCOMM Computer Communication Review
Design and implementation of a routing control platform
NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
Middleboxes no longer considered harmful
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Why do internet services fail, and what can be done about it?
USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
Ethane: taking control of the enterprise
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
dfence: transparent network-based denial of service mitigation
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Flow processing and the rise of commodity network hardware
ACM SIGCOMM Computer Communication Review
PLUG: flexible lookup modules for rapid deployment of new protocols in high-speed routers
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
Enhancing dynamic cloud-based services using network virtualization
Proceedings of the 1st ACM workshop on Virtualized infrastructure systems and architectures
Delegating network security with more information
Proceedings of the 1st ACM workshop on Research on enterprise networking
Internet-in-a-Box: emulating datacenter network architectures using FPGAs
Proceedings of the 46th Annual Design Automation Conference
Enhancing dynamic cloud-based services using network virtualization
ACM SIGCOMM Computer Communication Review
Supporting communities in programmable grid networks: gTBN
IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
High throughput and large capacity pipelined dynamic search tree on FPGA
Proceedings of the 18th annual ACM/SIGDA international symposium on Field programmable gate arrays
Symbiotic routing in future data centers
Proceedings of the ACM SIGCOMM 2010 conference
No more middlebox: integrate processing into network
Proceedings of the ACM SIGCOMM 2010 conference
ElasticTree: saving energy in data center networks
NSDI'10 Proceedings of the 7th USENIX conference on Networked systems design and implementation
ShadowNet: a platform for rapid and safe network evolution
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Mosaic: policy homomorphic network extension
Proceedings of the 4th International Workshop on Large Scale Distributed Systems and Middleware
Secure cloud computing with a virtualized network infrastructure
HotCloud'10 Proceedings of the 2nd USENIX conference on Hot topics in cloud computing
Extensible and scalable network monitoring using OpenSAFE
INM/WREN'10 Proceedings of the 2010 internet network management conference on Research on enterprise networking
OpenGate: Towards an open network services gateway
Computer Communications
Efficient dynamic task scheduling in virtualized data centers with fuzzy prediction
Journal of Network and Computer Applications
Managing data transfers in computer clusters with orchestra
Proceedings of the ACM SIGCOMM 2011 conference
Understanding network failures in data centers: measurement, analysis, and implications
Proceedings of the ACM SIGCOMM 2011 conference
CloudNaaS: a cloud networking platform for enterprise applications
Proceedings of the 2nd ACM Symposium on Cloud Computing
The middlebox manifesto: enabling innovation in middlebox deployment
Proceedings of the 10th ACM Workshop on Hot Topics in Networks
Design and implementation of a consolidated middlebox architecture
NSDI'12 Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation
Making middleboxes someone else's problem: network processing as a cloud service
Proceedings of the ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communication
Outsourcing network functionality
Proceedings of the first workshop on Hot topics in software defined networks
Making middleboxes someone else's problem: network processing as a cloud service
ACM SIGCOMM Computer Communication Review - Special october issue SIGCOMM '12
Toward software-defined middlebox networking
Proceedings of the 11th ACM Workshop on Hot Topics in Networks
xOMB: extensible open middleboxes with commodity servers
Proceedings of the eighth ACM/IEEE symposium on Architectures for networking and communications systems
SIMPLE-fying middlebox policy enforcement using SDN
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
FlowTags: enforcing network-wide policies in the presence of dynamic middlebox actions
Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking
A slick control plane for network middleboxes
Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking
Demystifying the dark side of the middle: a field study of middlebox failures in datacenters
Proceedings of the 2013 conference on Internet measurement conference
SoftCell: scalable and flexible cellular core network architecture
Proceedings of the ninth ACM conference on Emerging networking experiments and technologies
Enforcing network-wide policies in the presence of dynamic middlebox actions using flowtags
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
Hi-index | 0.00 |
Data centers deploy a variety of middleboxes (e.g., firewalls, load balancers and SSL offloaders) to protect, manage and improve the performance of applications and services they run. Since existing networks provide limited support for middleboxes, administrators typically overload path selection mechanisms to coerce traffic through the desired sequences of middleboxes placed on the network path. These ad-hoc practices result in a data center network that is hard to configure and maintain, wastes middlebox resources, and cannot guarantee middlebox traversal under network churn. To address these issues, we propose the policy-aware switching layer or PLayer, a new layer-2 for data centers consisting of inter-connected policy-aware switches or pswitches. Unmodified middleboxes are placed off the network path by plugging them into pswitches. Based on policies specified by administrators, pswitches explicitly forward different types of traffic through different sequences of middleboxes. Experiments using our prototype software pswitches suggest that the PLayer is flexible, uses middleboxes efficiently, and guarantees correct middlebox traversal under churn.