Upcoming Events

EDCO New Technology Briefing

Today, innovation occurs all over the world.  Zoomcar, from India, is one such example.  Zoomcar is a mobility company based in India currently operating more than 6,000 cars and 12,000 cycles across 40 cities.
 
Zoomcar is working on being attendant free.  The goal is that everything, from selecting and picking up the car to returning it, would be done without human intervention.  Currently, 50% of the fleet is enabled with KeyLess Entry (KLE).
 
Self-driving cars and attendant-free services are some of the building blocks of the City of the Future, one of the more intriguing ventures being explored by Google.  You may be interested in reading more about this project being initiated in the Quayside neighborhood of Toronto.  Click HERE to read.
 
Vinayak Hegde, the CTO of Zoomcar, who has been quite involved in the IETF, will speak on "IoT and Protocols in Moving Cars".  This talk will cover the challenges and solutions in designing, deploying and maintaining IoT systems in cars and cycles.  It will also touch upon the protocols and security of the distributed systems.
 
The new protocols and innovations include work being done in the IPWave and SUIT IETF Working Groups.
 
The other topics we will cover include:
 
Quantum Computing
Mark Pecen, COO of Isara, will speak on quantum computing - which is likely to turn security on its head.
 
Join us as Mark, one of the leading experts in this field, tells us of:
 

  1. Quantum computing basics

  2. Impacts of quantum computing on security

  3. Industry response to quantum-based security threats

  4. Landscape of quantum-safe algorithms, how they basically work

  5. Standardization activities

 
Routing
Some initiatives are in process at the IETF to allow data centers to build IP fabrics with lower OPEX (and ultimately CAPEX due to much simpler leaf requirements) over deploying complex BGP provisioning systems. One such initiative is the new Working Group: RIFT or Routing in Fat Trees. We will discuss RIFT as well as why "brick and mortar" enterprises should become involved in such projects.
 
Speakers:
 

  • Routing in Fat Trees (RIFT): Tony Pryzgienda

  • Enterprises and Routing at the IETF: Yan Filyurin


IPv6
IPv6 is one of the core pieces of the protocol infrastructure of the future.
 
Speakers:

  • Friso Feenstra of RaboBank speaking on "SDWan and IPv6",

  • Mike Ackermann of Blue Cross Blue Shield of Michigan speaking on "IPv6-Only Performance and Diagnostic Information"

  • E. Marie Brierley, former project manager at Cisco who led a large IPv6 program. Her team demonstrated IPv6 is mature enough to conduct business at scale. You may wish to read the article about this HERE .

  • Lee Howard, former IETF v6ops co-chair, will be speaking on "Response Time is Better with IPv6”

  • John Sweeting, Senior Director of Registration Services from ARIN, will be speaking on "Getting IPv6 from ARIN is Easy"

Mar 16, 2018

London - Enterprise Data Center Operators

The Computer Measurement Group (CMG) and the Enterprise Data Center Operators (EDCO) are co-sponsoring a live seminar. You do not have to be a member of CMG to attend this seminar.

Agenda:

  • TLS1.3 and enterprises network management
    We will discuss the potential problems with TLS1.3 for enterprises and some possible solutions.
    Speaker: Steve Fenter: U.S. Bank

 

  • Encrypted DNS (DPRIVE)
    Encrypted DNS is likely to pose challenges for enterprises, in particular, for mobile users.
    Speaker: Jim Reid: RTFM LLC

  • QUIC and enterprises
    The QUIC protocol is likely to become a well-adopted transport layer protocol similar to TCP and UDP. It will pose many challenges for enterprises.
    Speaker: Dr. Simone Ferlin

 

  • IPv6 and enterprises
    IPv6 implementation at many enterprise networks has lagged. We will discuss the business incentives for implementation.
    Speaker: Lee Howard: Retevia (co-chair v6Ops - IETF)

 

  • IPv6 enterprise use cases
    A number of enterprises will speak on IPv6 implementation efforts at their organization.
    Speakers: Mike Ackermann: Blue Cross Blue Shield of Michigan, Friso Feenstra: Rabobank

 

----------------------------------------------------------------------------------------------------

TLS 1.3

TLS1.3 disallows the use of RSA key exchange. This means that large data centers will need a different (new) way to decrypt out-of-band traffic. We need ways to manage our networks when traffic is encrypted. When you cannot inspect traffic, there can be malware, leaks, fraud and many other security and diagnostic problems.

 

QUIC

The QUIC protocol is essentially HTTPS over UDP. It was developed by Google and is already deployed. QUIC encrypts the headers as well as the payload. From the base Internet Draft for QUIC: “Using UDP as the substrate, QUIC seeks to be compatible with legacy clients and middleboxes. QUIC authenticates all of its headers and encrypts most of the data it exchanges, including its signaling. This allows the protocol to evolve without incurring a dependency on upgrades to middleboxes.” Though laudable in its aims, the problems are that UDP is not examined as thoroughly in firewalls as is TCP. If “middleboxes" cannot examine headers, load balancers may have a problem. If the payload cannot be decrypted, there are issues with fraud detection, data leakage, malware, and network diagnostics.

 

DPRIVE

The concern of the DPRIVE group is the amount of information revealed via DNS -- most importantly, the web site being accessed. DPRIVE aims to provide confidentiality to DNS transactions. Though the goal is laudable, in the real world, DNS information is used to detect malware, leakage of information and fraud. Additionally, DNS is an inordinately key component for networks. Most of us have forgotten the days when a DNS issue made an entire region of the network inaccessible. Imagine what may happen if a Certificate expires for DNS using TLS / TCP or is blocked via a firewall.​

 

IPv6

IPv6 implementation at "brick and mortar" enterprise networks has lagged that of other sectors. Such enterprises are the 99% of commercial and business entities who are not the mega data centers for the 10 or 15 companies whose names are known to most teenagers of the world. We will discuss the nature of the topology, applications, regulatory and business requirements of such companies which may be hindering adoption. We will also discuss the pros and cons of IPv6 implementation in particular as data center topology evolves.

Mar 26, 2018

Monthly meeting: Enterprise Use of TLS1.3 Discussions

Join other enterprises in a monthly web conference call to discuss the impact of TLS1.3 on large data centers.

This webinar meets 8 times.

  1. Mon, Feb 26, 2018 8:00 AM - 9:00 AM PST

  2. Mon, Mar 26, 2018 8:00 AM - 9:00 AM PDT

  3. Mon, Apr 23, 2018 8:00 AM - 9:00 AM PDT

  4. Mon, May 28, 2018 8:00 AM - 9:00 AM PDT

  5. Mon, Jun 25, 2018 8:00 AM - 9:00 AM PDT

  6. Mon, Jul 30, 2018 8:00 AM - 9:00 AM PDT

  7. Mon, Aug 27, 2018 8:00 AM - 9:00 AM PDT

  8. Mon, Sep 24, 2018 8:00 AM - 9:00 AM PDT

Impact of TLS1.3 on Enterprises

TLS1.3 disallows the use of RSA key exchange. This means that large data centers will need a different (new) way to decrypt out-of-band traffic. We need ways to manage our networks when traffic is encrypted. When you cannot inspect traffic, there can be malware, leaks, fraud and many other security and diagnostic problems.

 

 

TLS1.3 Impact on Network Based Security: Internet Draft

Recently published is an Internet Draft from some people at Cisco called "TLS1.3 Impact on Network Based Security".  We are collaborating with them at the IETF.  The Cisco draft cites the work our group has been doing. 

 

Abstract (TLS1.3 Impact on Network Based Security)
-----------------------------------------------------------------------
Network-based security solutions are used by enterprises, public sector, and cloud service providers today in order to both complement and augment host-based security solutions. TLS 1.3 introduces several changes to TLS 1.2 with a goal to improve the overall security and privacy provided by TLS. However some of these changes have a negative impact on network-based security solutions. While this may be viewed as a feature, there are several real-life use case scenarios that are not easily solved without such network-based security solutions. In this document, we identify the TLS 1.3 changes that may impact network-based security solutions and provide a set of use case scenarios that are not easily solved without such solutions.

1 / 1

Please reload

 
 

For Questions: Contact us at info@e-dco.com