ACM Transactions on Computer Systems (TOCS)
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
Congestion control for high bandwidth-delay product networks
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Internet indirection infrastructure
IEEE/ACM Transactions on Networking (TON)
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Why flow-completion time is the right metric for congestion control
ACM SIGCOMM Computer Communication Review
Drafting behind Akamai (travelocity-based detouring)
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Improving the reliability of internet paths with one-hop source routing
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Middleboxes no longer considered harmful
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
CONMan: a step towards network manageability
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
OpenFlow: enabling innovation in campus networks
ACM SIGCOMM Computer Communication Review
A policy-aware switching layer for data centers
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Packet caches on routers: the implications of universal redundant traffic elimination
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Taming the torrent: a practical approach to reducing cross-isp traffic in peer-to-peer systems
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
Proceedings of the 16th ACM conference on Computer and communications security
Greening the internet with nano data centers
Proceedings of the 5th international conference on Emerging networking experiments and technologies
Communications of the ACM
Cloudward bound: planning for beneficial migration of enterprise applications to the cloud
Proceedings of the ACM SIGCOMM 2010 conference
ETTM: a scalable fault tolerant network manager
Proceedings of the 8th USENIX conference on Networked systems design and implementation
CloudNaaS: a cloud networking platform for enterprise applications
Proceedings of the 2nd ACM Symposium on Cloud Computing
The middlebox manifesto: enabling innovation in middlebox deployment
Proceedings of the 10th ACM Workshop on Hot Topics in Networks
IEEE Network: The Magazine of Global Internetworking
Outsourcing network functionality
Proceedings of the first workshop on Hot topics in software defined networks
Communications of the ACM
Queue - The Internet
Hi-index | 0.02 |
Modern enterprises almost ubiquitously deploy middlebox processing services to improve security and performance in their networks. Despite this, we find that today's middlebox infrastructure is expensive, complex to manage, and creates new failure modes for the networks that use them. Given the promise of cloud computing to decrease costs, ease management, and provide elasticity and fault-tolerance, we argue that middlebox processing can benefit from outsourcing the cloud. Arriving at a feasible implementation, however, is challenging due to the need to achieve functional equivalence with traditional middlebox deployments without sacrificing performance or increasing network complexity. In this paper, we motivate, design, and implement APLOMB, a practical service for outsourcing enterprise middlebox processing to the cloud. Our discussion of APLOMB is data-driven, guided by a survey of 57 enterprise networks, the first large-scale academic study of middlebox deployment. We show that APLOMB solves real problems faced by network administrators, can outsource over 90% of middlebox hardware in a typical large enterprise network, and, in a case study of a real enterprise, imposes an average latency penalty of 1.1ms and median bandwidth inflation of 3.8%.