Learn More
In this paper, we tackle challenges in migrating enterprise services into hybrid cloud-based deployments, where enterprise operations are partly hosted on-premise and partly in the cloud. Such hybrid architectures enable enterprises to benefit from cloud-based architectures, while honoring application performance requirements, and privacy restrictions on(More)
Enterprise networks are important, with size and complexity even surpassing carrier networks. Yet, the design of enterprise networks is ad-hoc and poorly understood. In this paper, we show how a systematic design approach can handle two key areas of enterprise design: virtual local area networks (VLANs) and reachability control. We focus on these tasks(More)
—Enterprise networks are large and complex, and their designs must be frequently altered to adapt to changing organizational needs. The process of redesigning and reconfiguring enterprise networks is ad-hoc and error-prone, and configuration errors could cause serious issues such as network outages. In this paper, we take a step towards systematic evolution(More)
We show that malicious participants in a peer-to-peer system can subvert its membership management mechanisms to create large-scale DDoS attacks on nodes not even part of the overlay system. The attacks exploit many fundamental design choices made by peer-to-peer system designers such as (i) use of push-based mechanisms; (ii) use of distinct logical(More)
—VLANs are widely used in today's enterprise networks to improve Ethernet scalability and support network policies. However, manuals and textbooks offer very little information about how VLANs are actually used in practice. Through discussions with network administrators and analysis of configuration data, we describe how three university campuses and one(More)
Virtual Local Area Networks (VLANs) are extensively used in enterprise networks. However, their configuration remains an ad-hoc, complex and error-prone process today. We believe that to eliminate these difficulties, there is need for automation tools, and also need for visualization tools. In this paper, we report on our experience building a VLAN(More)
We show that malicious nodes in a peer-to-peer system may impact the external Internet environment, by causing large-scale distributed denial of service attacks on nodes not even part of the overlay system. This is in contrast to attacks that disrupt the normal functioning, and performance of the overlay system itself. We formulate several principles(More)
The problem of detecting and resolving control conflicts has started to receive attention from the networking community. Corybantic is an example of recent work in this area. We argue that it is too coarse grain in that it does not model the combined operational objectives of multiple controller functions. This paper proposes a finer grain approach where a(More)
Recently, there has been a spurt of work [1–7] showing that a variety of extensively deployed P2P systems may be exploited to launch DDoS attacks on web and other Internet servers, external to the P2P system. In this paper, we dissect these attacks and categorize them based on the underlying cause for attack amplification. We show that the attacks stem from(More)