Implementing a distributed firewall
Proceedings of the 7th ACM conference on Computer and communications security
Predicate routing: enabling controlled networking
ACM SIGCOMM Computer Communication Review
A new approach to dynamic all pairs shortest paths
Proceedings of the thirty-fifth annual ACM symposium on Theory of computing
The cutting EDGE of IP router configuration
ACM SIGCOMM Computer Communication Review
Routing design in operational networks: a look from the inside
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
A clean slate 4D approach to network control and management
ACM SIGCOMM Computer Communication Review
A first look at modern enterprise traffic
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
SANE: a protection architecture for enterprise networks
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Flow labelled IP: a connectionless approach to ATM
INFOCOM'96 Proceedings of the Fifteenth annual joint conference of the IEEE computer and communications societies conference on The conference on computer communications - Volume 3
On the detection and origin identification of mobile worms
Proceedings of the 2007 ACM workshop on Recurring malcode
OpenFlow: enabling innovation in campus networks
ACM SIGCOMM Computer Communication Review
NOX: towards an operating system for networks
ACM SIGCOMM Computer Communication Review
NetComplex: a complexity metric for networked system designs
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Off-the-path flow handling mechanism forhigh-speed and programmable traffic management
Proceedings of the ACM workshop on Programmable routers for extensible services of tomorrow
Towards a next generation data center architecture: scalability and commoditization
Proceedings of the ACM workshop on Programmable routers for extensible services of tomorrow
A policy-aware switching layer for data centers
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Network exception handlers: host-network control in enterprise networks
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Implementing an OpenFlow switch on the NetFPGA platform
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
ENAVis: enterprise network activities visualization
LISA'08 Proceedings of the 22nd conference on Large installation system administration conference
NetAuth: supporting user-based network services
SS'08 Proceedings of the 17th conference on Security symposium
Flow processing and the rise of commodity network hardware
ACM SIGCOMM Computer Communication Review
A First Look at Media Conferencing Traffic in the Global Enterprise
PAM '09 Proceedings of the 10th International Conference on Passive and Active Network Measurement
Unraveling the complexity of network management
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
PLUG: flexible lookup modules for rapid deployment of new protocols in high-speed routers
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
A programmable, generic forwarding element approach for dynamic network functionality
Proceedings of the 2nd ACM SIGCOMM workshop on Programmable routers for extensible services of tomorrow
Enhancing dynamic cloud-based services using network virtualization
Proceedings of the 1st ACM workshop on Virtualized infrastructure systems and architectures
Practical declarative network management
Proceedings of the 1st ACM workshop on Research on enterprise networking
Resonance: dynamic access control for enterprise networks
Proceedings of the 1st ACM workshop on Research on enterprise networking
Delegating network security with more information
Proceedings of the 1st ACM workshop on Research on enterprise networking
Hash, don't cache: fast packet forwarding for enterprise edge routers
Proceedings of the 1st ACM workshop on Research on enterprise networking
ROFL: routing as the firewall layer
Proceedings of the 2008 workshop on New security paradigms
Rethinking enterprise network control
IEEE/ACM Transactions on Networking (TON)
Scalable network-layer defense against internet bandwidth-flooding attacks
IEEE/ACM Transactions on Networking (TON)
Mining policies from enterprise network configuration
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
NetPiler: detection of ineffective router configurations
IEEE Journal on Selected Areas in Communications - Special issue on network infrastructure configuration
Traffic management and resource allocation in small wired/wireless networks
Proceedings of the 5th international conference on Emerging networking experiments and technologies
Computer Networks: The International Journal of Computer and Telecommunications Networking
Enhancing dynamic cloud-based services using network virtualization
ACM SIGCOMM Computer Communication Review
High throughput and large capacity pipelined dynamic search tree on FPGA
Proceedings of the 18th annual ACM/SIGDA international symposium on Field programmable gate arrays
Dynamic route recomputation considered harmful
ACM SIGCOMM Computer Communication Review
Programmable and scalable per-flow traffic management scheme using a control server
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
MMS: an autonomic network-layer foundation for network management
IEEE Journal on Selected Areas in Communications
A systematic approach for evolving VLAN designs
INFOCOM'10 Proceedings of the 29th conference on Information communications
Towards software-friendly networks
Proceedings of the first ACM asia-pacific workshop on Workshop on systems
XCo: explicit coordination to prevent network fabric congestion in cloud computing cluster platforms
Proceedings of the 19th ACM International Symposium on High Performance Distributed Computing
Design and implementation of the PLUG architecture for programmable and efficient network lookups
Proceedings of the 19th international conference on Parallel architectures and compilation techniques
HotOS'09 Proceedings of the 12th conference on Hot topics in operating systems
ElasticTree: saving energy in data center networks
NSDI'10 Proceedings of the 7th USENIX conference on Networked systems design and implementation
Hedera: dynamic flow scheduling for data center networks
NSDI'10 Proceedings of the 7th USENIX conference on Networked systems design and implementation
Mosaic: policy homomorphic network extension
Proceedings of the 4th International Workshop on Large Scale Distributed Systems and Middleware
Extensible and scalable network monitoring using OpenSAFE
INM/WREN'10 Proceedings of the 2010 internet network management conference on Research on enterprise networking
DevoFlow: cost-effective flow management for high performance enterprise networks
Hotnets-IX Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks
CloudPolice: taking access control out of the network
Hotnets-IX Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks
A network in a laptop: rapid prototyping for software-defined networks
Hotnets-IX Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks
SideCar: building programmable datacenter networks without programmable switches
Hotnets-IX Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks
Axon: a flexible substrate for source-routed ethernet
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Ensemble routing for datacenter networks
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Network traffic characteristics of data centers in the wild
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Virtualizing the network forwarding plane
Proceedings of the Workshop on Programmable Routers for Extensible Services of Tomorrow
Declarative configuration management for complex and dynamic networks
Proceedings of the 6th International COnference
OpenGate: Towards an open network services gateway
Computer Communications
Onix: a distributed control platform for large-scale production networks
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
ETTM: a scalable fault tolerant network manager
Proceedings of the 8th USENIX conference on Networked systems design and implementation
Managing data transfers in computer clusters with orchestra
Proceedings of the ACM SIGCOMM 2011 conference
DevoFlow: scaling flow management for high-performance networks
Proceedings of the ACM SIGCOMM 2011 conference
CloudNaaS: a cloud networking platform for enterprise applications
Proceedings of the 2nd ACM Symposium on Cloud Computing
Proceedings of the 2nd ACM Symposium on Cloud Computing
A Scalability Study of Enterprise Network Architectures
Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems
Verifying and enforcing network paths with icing
Proceedings of the Seventh COnference on emerging Networking EXperiments and Technologies
Revisiting traffic anomaly detection using software defined networking
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
On controller performance in software-defined networks
Hot-ICE'12 Proceedings of the 2nd USENIX conference on Hot Topics in Management of Internet, Cloud, and Enterprise Networks and Services
Explicit coordination to prevent congestion in data center networks
Cluster Computing
The controller placement problem
Proceedings of the first workshop on Hot topics in software defined networks
Using CPU as a traffic co-processing unit in commodity switches
Proceedings of the first workshop on Hot topics in software defined networks
A safe, efficient update protocol for openflow networks
Proceedings of the first workshop on Hot topics in software defined networks
Outsourcing network functionality
Proceedings of the first workshop on Hot topics in software defined networks
Fabric: a retrospective on evolving SDN
Proceedings of the first workshop on Hot topics in software defined networks
A security enforcement kernel for OpenFlow networks
Proceedings of the first workshop on Hot topics in software defined networks
The controller placement problem
ACM SIGCOMM Computer Communication Review - Special october issue SIGCOMM '12
Toward software-defined middlebox networking
Proceedings of the 11th ACM Workshop on Hot Topics in Networks
Rethinking end-to-end congestion control in software-defined networks
Proceedings of the 11th ACM Workshop on Hot Topics in Networks
xOMB: extensible open middleboxes with commodity servers
Proceedings of the eighth ACM/IEEE symposium on Architectures for networking and communications systems
LEAP: latency- energy- and area-optimized lookup pipeline
Proceedings of the eighth ACM/IEEE symposium on Architectures for networking and communications systems
ECOS: leveraging software-defined networks to support mobile application offloading
Proceedings of the eighth ACM/IEEE symposium on Architectures for networking and communications systems
Modeling complexity of enterprise routing design
Proceedings of the 8th international conference on Emerging networking experiments and technologies
Verification of computer switching networks: an overview
ATVA'12 Proceedings of the 10th international conference on Automated Technology for Verification and Analysis
VASE: Filtering IP spoofing traffic with agility
Computer Networks: The International Journal of Computer and Telecommunications Networking
B4: experience with a globally-deployed software defined wan
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
SIMPLE-fying middlebox policy enforcement using SDN
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
Bringing cross-layer MIMO to today's wireless LANs
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking
Towards an elastic distributed SDN controller
Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking
SoftRAN: software defined radio access network
Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking
A correct, zero-overhead protocol for network updates
Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking
Incremental SDN deployment in enterprise networks
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
Demystifying the dark side of the middle: a field study of middlebox failures in datacenters
Proceedings of the 2013 conference on Internet measurement conference
AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
ACM SIGOPS 24th Symposium on Operating Systems Principles
IOFlow: a software-defined storage architecture
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
FasTrak: enabling express lanes in multi-tenant data centers
Proceedings of the ninth ACM conference on Emerging networking experiments and technologies
Understanding tradeoffs in incremental deployment of new network architectures
Proceedings of the ninth ACM conference on Emerging networking experiments and technologies
On consistent updates in software defined networks
Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks
Managing the network with Merlin
Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks
Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks
No silver bullet: extending SDN to the data plane
Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks
SWSL: software synthesis for network lookup
ANCS '13 Proceedings of the ninth ACM/IEEE symposium on Architectures for networking and communications systems
Queue - Large-Scale Implementations
High-performance capabilities for 1-hop containment of network attacks
IEEE/ACM Transactions on Networking (TON)
Strata: scalable high-performance storage on virtualized non-volatile memory
FAST'14 Proceedings of the 12th USENIX conference on File and Storage Technologies
Network virtualization in multi-tenant datacenters
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
Enforcing network-wide policies in the presence of dynamic middlebox actions using flowtags
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
| Hi-index | 0.00 |
This paper presents Ethane, a new network architecture for the enterprise. Ethane allows managers to define a single network-wide fine-grain policy, and then enforces it directly. Ethane couples extremely simple flow-based Ethernet switches with a centralized controller that manages the admittance and routing of flows. While radical, this design is backwards-compatible with existing hosts and switches. We have implemented Ethane in both hardware and software, supporting both wired and wireless hosts. Our operational Ethane network has supported over 300 hosts for the past four months in a large university network, and this deployment experience has significantly affected Ethane's design.