Upload
bluetouff
View
64
Download
5
Embed Size (px)
Citation preview
Data Analysis in Terabit Ethernet Traffic
Lars Weiler<[email protected]>
27th Chaos Communication Congress2010-12-28
Monitoringvs.
Surveillance
Data MediationLayer Deeper View
DataMediationLayer
Telephonetapping
RaBoe/Wikipediahttp://commons.wikimedia.org/wiki/File:Telefon-Technik_01_(RaBoe).jpg
TelephoneOperator
Vampire Tap10BASE5 Ethernet
Robert.Harker/Wikipediahttp://en.wikipedia.org/wiki/File:10Base5transcievers.jpg
jemstone/flickrhttp://www.flickr.com/photos/jemstone/11631878
Network BusTechnologie
Just connect…
…and Data flows by
nickskitch/flickrhttp://www.flickr.com/photos/nickskitch/4260998541/
mika/flickrhttp://www.flickr.com/photos/mika/2100204327/
FullDuplexwith
OpticalFiber
SplittingLight
shazoor/flickrhttp://www.flickr.com/photos/shazoor/4813943143/
Switched Port Analyzer (SPAN)
Data Analysis
Data Analysis
Data Analysis
Data Analysis
Data Analysis
Data Analysis
Data Analysis
Data Analysis
Black Box
Data Analysis
Black Box
Data Analysis
Black Box
Data MediationLayer
Black Box
Let’s have a look into the box
kevinsteele/flickrhttp://www.flickr.com/photos/kevinsteele/3007479711/
Aggregation
kabacchi/flickrhttp://www.flickr.com/photos/kabacchi/4795303865/
ms_sarahbgibson/flickrhttp://www.flickr.com/photos/ms_sarahbgibson/3375966166/
Regeneration
sheeshoo/flickrhttp://www.flickr.com/photos/sheeshoo/3486207370/
Distribution
Filtering
zero_data/flickrhttp://www.flickr.com/photos/zero_data/161500320/
Manipulation
iluetkeb/flickrhttp://www.flickr.com/photos/iluetkeb/2595137371/
Identify theVendors
Intelligent Data Access Solutions
Secure Access | Complete Visiblity
All product images, brands, trademarks and logos are the property of their respective owners and holders and
are used for descriptive purposes only where possible
jeffeaton/flickrjeffeaton/flickr
jeffeaton/flickrjeffeaton/flickr
Costs
Test Equipment
free-stock/flickrhttp://www.flickr.com/photos/free-stock/4791385567/
Benefits
vs.
Surveillance
Monitoring
mogwai_83/flickrhttp://www.flickr.com/photos/mogwai_83/3022261893/
Monitoring
exacq/flickrhttp://www.flickr.com/photos/exacq/1224729974/
Surveillance
Filter List
keepthebyte/flickrhttp://www.flickr.com/photos/keepthebyte/298432485/
Analysis ofUnencrypted Data
Analysis ofUnencrypted Data
Analysis ofUnencrypted Data
Analysis ofEncrypted Data
Encrypted Datawith SSL Terminator
Encrypted Datawith SSL Terminator
Alice
Bob
Oscar
Lawful Interception withoutData Retention
Oscar
Alice
Bob
Oscar
Lawful Interception withoutData Retention
Oscar
Alice
Bob
Oscar
Lawful Interception withoutData Retention
Alice
Bob
Oscar
Lawful Interception withoutData Retention
Deeper View
Content or Filter List?
keepthebyte/flickrhttp://www.flickr.com/photos/keepthebyte/298432485/
publish9/flickrhttp://www.flickr.com/photos/publish9/3495637145/
What ismore
interesting?
Filter Listsare storedon the device
Serial Line andBootloader for Rescue!
WebGUI
Security
Monitoringvs.
Surveillance
Data MediationLayer Deeper View
Que
stio
ns? T
hanks foryour attention!