Introduction to Algorithms
Optimal configuration of OSPF aggregates
IEEE/ACM Transactions on Networking (TON)
Routing design in operational networks: a look from the inside
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
The case for separating routing from routers
Proceedings of the ACM SIGCOMM workshop on Future directions in network architecture
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
A clean slate 4D approach to network control and management
ACM SIGCOMM Computer Communication Review
A first look at modern enterprise traffic
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Network configuration management via model finding
LISA '05 Proceedings of the 19th conference on Large Installation System Administration Conference - Volume 19
Design and implementation of a routing control platform
NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
SANE: a protection architecture for enterprise networks
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
CONMan: a step towards network manageability
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Characterizing VLAN usage in an operational network
Proceedings of the 2007 SIGCOMM workshop on Internet network management
Configuration management at massive scale: system design and experience
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
Shedding light on the glue logic of the internet routing architecture
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Automated provisioning of BGP customers
IEEE Network: The Magazine of Global Internetworking
New frontiers in internet network management
ACM SIGCOMM Computer Communication Review
Configuration management and security
IEEE Journal on Selected Areas in Communications - Special issue on network infrastructure configuration
A toolkit for automating and visualizing VLAN configuration
Proceedings of the 2nd ACM workshop on Assurable and usable security configuration
BUFFALO: bloom filter forwarding architecture for large organizations
Proceedings of the 5th international conference on Emerging networking experiments and technologies
A systematic approach for evolving VLAN designs
INFOCOM'10 Proceedings of the 29th conference on Information communications
On constructing efficient shared decision trees for multiple packet filters
INFOCOM'10 Proceedings of the 29th conference on Information communications
Cloudward bound: planning for beneficial migration of enterprise applications to the cloud
Proceedings of the ACM SIGCOMM 2010 conference
Scalable flow-based networking with DIFANE
Proceedings of the ACM SIGCOMM 2010 conference
CloudPolice: taking access control out of the network
Hotnets-IX Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks
SNMP-based enterprise IP network topology discovery
International Journal of Network Management
Generalized resource allocation for the cloud
Proceedings of the Third ACM Symposium on Cloud Computing
Hi-index | 0.00 |
Enterprise networks are important, with size and complexity even surpassing carrier networks. Yet, the design of enterprise networks is ad-hoc and poorly understood. In this paper, we show how a systematic design approach can handle two key areas of enterprise design: virtual local area networks (VLANs) and reachability control. We focus on these tasks given their complexity, prevalence, and time-consuming nature. Our contributions are three-fold. First, we show how these design tasks may be formulated in terms of network-wide performance, security, and resilience requirements. Our formulations capture the correctness and feasibility constraints on the design, and they model each task as one of optimizing desired criteria subject to the constraints. The optimization criteria may further be customized to meet operator-preferred design strategies. Second, we develop a set of algorithms to solve the problems that we formulate. Third, we demonstrate the feasibility and value of our systematic design approach through validation on a large-scale campus network with hundreds of routers and VLANs.