ClubNet Winter 2005/6
23/11/05, 13:30, room 280
DNS Poisoning
Mr. John Neystadt
Manager of the Security group of ISA Server
Microsoft Corp.
This ClubNet lecture is held in conjunction
with Students Advanced Technology Lectures in auditorium (room 280).
Organized by Evgeny Bolotin and Ron Banner.
DIMES, a distributed Internet measurement infrastructure: rationale, architecture, and results
Dr. Yuval Shavitt
Department of Electrical Engineering, Tel Aviv University

Due to the Internet structure and routing the only way to map its topology is by having measurement presence in almost every
corner of the Internet. Managing thousands of measurement boxes is impractical, thus, we suggest instead a light-weight software
measurement agent to be downloaded by volunteers around the world. The DIMES agent can be executed on every PC (and in the
future even smaller devices, like PDAs) and enables us to map the Internet and track its evolution in time in several levels of
granularity from the fine router level to the coarse Autonomous System (AS) level. Currently, DIMES has over 5200 installations
in 80 nations around the world, which produce about 3 million measurements a day.
The talk will describe the rationale behind DIMES, and explore some of our results, at the AS, router, and IP level. It will also
describe a vision to build an Internet evolution model that takes into account external stimuli like economic growth, and show
some examples of the strong connection between the Internet structure and world economics.
...
Telco Next Generation Networks

Mr Ido Sharon
CTO
Bezeq – the Israel Telecom. Corp. Ltd
The Strategic View of growing Telco in the world is to move to NGN before the end
of the decade. We will try to show the massive change needed to move from
today's texture of networks (PDH, SDH, ATM, X25, FR, IP, etc.) to a NGN
architecture. Explain motivation, brief through L2 vs. L3 MPLS and IMS services.
DNS Poisoning
Mr. John Neystadt
Manager of the Security group of ISA Server
Microsoft Corp.
The lecture will discuss attacks on the Domain Name System – also known as DNS
Poisoning attacks, for instance:
We will discuss the benefits that hackers
derive from a successful DNS poisoning attack:
- Phishing
- Man-in-the-middle
- HTTP Spoofing
- Downgrading SSL.
WiMAX - from Fixed to Mobility
Mr. Naftali Chayat
Chief Scientist, Alvarion
The WiMAX forum is promoting IEEE 802.16 Broadband Wireless Access standard and
helping it reach the market. The 802.16 standard started as a Fixed Wireless
Access standard, and later added a support for mobility. The presentation will
provide an overview of the 802.16 underlying technologies, with an emphasis on
the physical layer, and of the WiMAX activities towards commercialization of the
technology.
Wide Area Application Networking Services
Dr. Issy Ben-Shaul
 CTO, Application Delivery Business Unit, Cisco Systems
Globalization and regulation, two major trends in today's enterprises, impose
two conflicting requirements on enterprise applications, respectively: Increase
reach geographically and organizationally to the widely distributed enterprise,
yet consolidate resources and centralize operational procedures for better
control and compliance. These trends have led to tremendous growth in deployment
of applications that enable remote users to access resources over the WAN, but
in most cases are not designed/optimized for WAN latency and bandwidth
characteristics, resulting in very poor application performance.
To address these limitations, a new breed of technologies has recently emerged,
called "WAN Application Optimization Controllers". In this talk, I will describe
the architecture of Cisco's upcoming offering in this space, called Wide Area
Application Services (WAAS). WAAS incorporates several interesting technologies,
including protocol-specific latency-reducers, "application-aware QoS",
application-independent data redundancy elimination, transport flow
optimizations, and router transparency to retain visibility to other advanced
services such as QoS, security and monitoring. WAAS is jointly developed by
Cisco engineering teams in Israel and the U.S.
Who does what? A retrospective look on semiconductor-company role in system product
Mr. Eitan Medina
CTO, VP Product Definition
Marvell Semiconductor Israel Ltd
Technology advancement and
changes in business dynamics have a fundamental effect on the values different
companies (system, chip, software) bring to the food chain, and consequently on
what is expected of semiconductor companies to deliver to an end-product. The
speaker will provide some insights through examples from some of Marvell
products evolution as well as from Telecom and other consumer world. What does
it mean to start-ups of the future?
Enhancements in 3G CDMA
Mr. Ayal Bar-David and Mr. Alecsander Eitan
Qualcomm 
CDMA2000 EV-DO Rev A is a standard for enhanced cellular services. It has
several innovative solutions to enhance the capacity, shorten the latency and
improve the quality of service. In our talk we will present some basic concepts
of Data Optimized (DO) CDMA and show how the evolution (EV) to Rev A improves on
these basic concepts.
Condor – A Project and a System
Prof. Miron Livny
Condor project, Computer Sciences Department
University of Wisconsin – Madison
Since the mid 80’s, the Condor project (www.cs.wisc.edu/Condor)
at the University of Wisconsin-Madison has been engaged in the development,
implementation, deployment and evaluations of mechanisms and policies that
support High Throughput Computing (HTC) on large collections of distributively
owned computing resources. Guided by both the technological and sociological
challenges of such computing environments, the Condor Team has been building and
supporting software tools that enable scientists and engineers to increase their
computing throughput. Today, the project consists of more than 35 students, full
time staff and faculty who participate in a wide range of national and
international multi-disciplinary efforts. Over the last decade, the Condor
system gained the confidence of users and system administrators in both academia
and industry. Deployed at more than 1500 sites and integrated into the software
stacks of most grid projects, Condor offers an effective bridge between
consumers and providers of computing and data resources. We will present the
principles that have been guiding us in the evolution of the Condor project and
the design of the Condor system. The challenges we face in sustaining and
evolving the project will be addressed and our short and long term research
agenda will be outlined.
RF Technologies and Architectures for current and future WLAN solutions
Mr. Shmuel Ravid
Senior Principal Engineer, Intel
This presentation
describes the RF technologies and architectures used today in WLAN solutions as
well as future architectures and technologies in development for the coming few
years. A general overview of current WLAN RF architectures, partitioning and
RFIC implementation of multi-band radios, synthesizer architecture, system
features/calibration, and practical implementation issues will be presented
followed by industry trends and future technologies such as MIMO, linearization
and beam forming.
High Throughput Reliable Message Dissemination
Dr. Nir Naaman and Dr. Yoav Tock 
IBM Haifa Research Lab
Recent years have witnessed the proliferation of applications that require fast
reliable messaging. These applications originate from diverse markets including
financial markets, intranet collaboration, and server clusters. The applications
we consider typically communicate over LAN or a high speed VLAN where the
network is often dedicated to the application. As networks of 1 Gb/s and above
are now widely available, bandwidth does not typically impose a problem. The
throughput available for fast messaging applications is usually determined by
message processing time and communication overheads. The applications we
consider use either one-to-many or many-to-many communication paradigm. For such
applications, multicast can significantly reduce communication overheads, and
thus increase throughput. Multicast allows simultaneous data delivery to
multiple receivers providing tremendous savings in both host and network
resources. While the initial adoption of multicast technology had been slow, it
is now supported by default in most LANs and VLANs.
The talk will present some of the challenges we face in developing a high
throughput, low latency messaging middleware. We'll present some of the new
trends in applications that require high throughput messaging and the
requirements they impose in terms of throughput, latency, reliability and
availability. We'll then describe some of the methods we use to meet these
requirements.
Nomadic Service Points
Mr. Eddie Bortnikov

EE Department, Technion
We consider the novel problem of dynamically assigning application sessions of
mobile users or user groups to service points. Such assignments must balance the
tradeoff between two conflicting goals. On the one hand, we would like to
connect a user to the closest server, in order to reduce network costs and
service latencies. On the other hand, we would like to minimize the number of
costly session migrations, or handoffs, between service points. We tackle this
problem using two approaches. First, we employ algorithmic online optimization
to obtain algorithms whose worst-case performance is within a factor of the
optimal. Next, we extend them with opportunistic versions that achieve excellent
practical average performance and scalability. We conduct case studies of two
settings where such algorithms are required: wireless mesh networks with mobile
users, and wide-area groupware applications with or without mobility.
Joint work with Dr. Idit Keidar and Prof. Israel Cidon, accepted to Infocom 2006
The challenge of evaluating customer experience in Next Generation networks
Mr. Arnon Toussia Cohen
President and CEO, Radcom
Next Generation networks are being implemented worldwide,
Wireless Operators (UMTS, CDMA-2000, TD-SCDMA), Cable Operators or Wireline
Operators (PTTs, ILECS and CLECS).
In the traditional telecom world, monitoring systems are performing fault
management and SLA management. In the voice world these systems monitor
signaling only, and in the data world they monitor the performance of the packet
media. In the Next Generation world customers have a variety of methods for
accessing services over the different networks.
The challenge of the service provider is to monitor and manage the LOE (Level of
Experience) in order to provide its customer with the urge to use the premium
services.
The challenge of the Next Generation monitoring system is to be able to identify the
LOE both on the media and the signaling of high speed channels.
Multiservice packet networks
Mr. Leon Bruckman

CTO, Corrigent Systems
As demand for data services rapidly grows, providers of transport in the Metro
(MAN) and Core (WAN) are faced with the challenge of providing these services in
a cost efficient way, while supporting all the legacy services that are now
deployed and operational. New technologies and standards being deployed support
this trend, and help providers in building integrated networks.
The concept of a “Packet ADM” and the standards and technologies on which it is
based (e.g., IEEE 802.17 RPR, MPLS, pwe3, VPLS) will be presented, and typical
applications for integrated networks based on this concept (e.g., Triple play,
Enterprise networks) will be described.
* End Semester Seminar of the Computer Networks Lab
* From Mainframes to Processor Attached Networks
Mr. Benny Schnaider
CEO, Qumranet Inc
The computing world is experiencing major architecture
changes and technology discontinuities every 5-7 years. The recent, most
dominant changes are the move towards servers based on COTS (Commercial Off The
Shelf) hardware, and Linux software as well as the convergence of compute and
storage into a unified architecture.
The lecture will cover the evolution of traditional servers
from mainframes to PAN (Processor Attached Networks), the current challenges and
some thoughts about the future of IT in general and the future data center
architecture in particular.
Multi-Box RAID with 3rd Party Transfer and ECC Calculation in Targets using RDMA
Mr. Erez Zilber
EE Department, Technion
Storage devices are becoming cheaper, but reliable and highly available storage
systems are still expensive. Also, as long as any given ECC group resides in a
single box, they are susceptible to failures that affect the entire box. This
problem can be overcome by a multi-box RAID comprising a controller that is
connected to multiple target "boxes", with each ECC group comprising at most one
block from any given box. However, retaining performance despite the use of an
external controller remains a challenge. Also, retaining the same size of
storage box (for cost-effectiveness) requires the controller to manage more
storage and activity, resulting in a scalability challenge.
iSCSI over iSER is an extension of iSCSI that splits the
control and data paths. It also takes advantage of an RDMA mechanism (provided,
for example, by InfiniBand) for data transfers, while sending of control
messages is left unchanged. This inter-box communication solution, which we use
as a baseline for comparison, is a candidate substitute for the intra-box DMA,
but leaves two problems unsolved: 1) All data to/from hosts passes through the
controller, rendering the controller a communication bottleneck; 2) ECC
calculations are carried out in the controller, requiring additional data
transfers between the controller and the disks, further aggravating the
controller bottleneck problem.
Our TPT-MB RAID jointly addresses the aforementioned
challenges. The main ideas are:
- A multi-box RAID that uses iSCSI over iSER. Specifically,
  RDMA over InfiniBand.
- Separation of the data path from the control path,
  permitting data to travel directly between hosts and targets as well as
  among targets. To this end, we have extended iSCSI over iSER by introducing
  a 3rd-party transfer mechanism. With this, one iSCSI entity (the controller)
  instructs a 2nd iSCSI entity (target or host) to read or write data to a 3rd
  iSCSI entity.
- ECC calculations (e.g., parity) are carried out by the
  targets under controller management.
Unlike the aforementioned baseline approach, commands and
data thus follow different physical paths rather than merely using different
communication semantics over the same paths. This leaves the controller out of
the main data path, thereby sharply mitigating the bottleneck and enhancing
scalability while retaining the simplicity of centralized control. In summary,
we have successfully extended the idea of out-of-band controllers that manage
multiple boxes to the intra-RAID level, as demonstrated by our proof-of-concept
InfiniBand-based prototype.
Thesis advisor: Dr. Yitzhak (Tsahi) Birk.