...
15:00 - 15:40 Performance Measurements and Acceleration Potential of Suricata, Lukas Kekely (CESNET) [PDF]
Abstract: IDS As the number of network security threats is rising and new threats are becoming more and more sophisticated, traffic processing by Intrusion Detection Systems (IDS) is getting significantly more complex. The rising processing complexity diminishes the achievable throughput and even utilizing the most powerful current CPUs, IDS are usually unable to operate at tens or hundreds of Gbps required by today’s fastest networks. In this presentation, we examine the performance of Suricata IDS in high-speed network deployment. Two versions of Suricata are tested:out-of-the-box Suricata software (without acceleration) against software Suricata enhanced by hardware accelerated data preprocessing. Measurements results on real network traffic are provided for both versions and compared in terms of achieved throughput and detection precision.
...
09:30 - 10:10 RIPE Atlas Probes, Status, Brook Schofield (GÉANT)
Abstract: While eduroam® is the service we all know and love, there is no love lost when it fails to work! Network monitoring, log analysis and manual testing is employed when the service is established at the campus or roaming operator level but the rate of periodic testing usually drops over time and gaps in testing will result in the failure of the service for someone — let the finger pointing begin. There is a need to simulate the end user experience and ensure the service is working to narrow down where the failure has occurred. With efforts from SURFnet, Srce and Jisc to develop a monitoring probe the issue of scale was never overcome - the largest probe network that our community has access to is RIPE Atlas. The downside, no wireless interface! RIPE Atlas has now enabled that option in limited release… and we now need to catch up.
10:10 - 10:20 Discussion
10:20 - 11:00 DTN Deployment and Experiments, Richard Highes-Jones (GÉANT) - remotely
...