real time topology based flow gy visualization
play

Real Time Topology Based Flow gy Visualization John K. Smith - PowerPoint PPT Presentation

Oct 29, 2023 •207 likes •634 views

Real Time Topology Based Flow gy Visualization John K. Smith jsmith@referentia.com Referentia Systems Incorporated y p Flocon 2011, Salt Lake City, UT Referentia Systems Incorporated Confidential Agenda Flow Visualization Tool

  1. Real Time Topology Based Flow gy Visualization John K. Smith jsmith@referentia.com Referentia Systems Incorporated y p Flocon 2011, Salt Lake City, UT Referentia Systems Incorporated ‐ Confidential

  2. Agenda • Flow Visualization Tool Overview • Visualizations and Design Issues Visualizations and Design Issues • Use Cases NOTE : Networks shown in this presentation are simulated, not actual DoD networks, traffic or addresses. 2 Referentia Systems Incorporated ‐ Confidential

  3. Beginnings I iti l G Initial Goal l • Network Quality of Service Monitor and Control • Tactical Military Networks y • Easy to use for E3-E5 (Sergeant) • Working With o g t • Office of Naval Research • U.S. Marines • Marine Forces Pacific (MARFORPAC) Marine Forces Pacific (MARFORPAC) • 3 rd Marine Expeditionary Force (III MEF) • 3 Referentia Systems Incorporated ‐ Confidential

  4. Tool Overview Quality of Routing Service Visualizations C Configuration fi ti Service Level Flow Agreement Agreement Monitoring Monitoring Historical Analysis A l i Network Network Situational Management Visualization Awareness Awareness Computer Network Defense 4 Referentia Systems Incorporated ‐ Confidential

  5. Tool Overview Quality of Routing Service Visualizations C Configuration fi ti Service Level Flow Agreement Agreement Monitoring Monitoring Historical Analysis A l i Network Network Situational Management Visualization Awareness Awareness Computer Network Defense 5 Referentia Systems Incorporated ‐ Confidential

  6. Why Topology Based Visualization Model CATA S T 3550 LY TA LYST 3550 CA CA LYST 3550 TA 1 S RP M S T E S Y A T S T 4 3 2 7 8 5 6 1 9 1 0 1 1 2 4 1 3 1 5 1 6 7 1 1 8 2 0 1 9 2 1 2 2 2 4 2 3 1 A T R M S T E S Y P S S T 2 3 1 4 6 7 5 0 1 8 9 1 3 1 1 1 2 1 4 1 7 5 1 6 1 9 1 2 0 8 1 2 2 4 2 3 1 2 1 A T S Y P S S T S T E M R 2 1 4 6 5 3 7 8 9 0 1 2 1 3 1 1 1 1 6 1 1 4 5 8 9 1 1 7 1 2 0 2 2 1 2 3 4 2 1 UT I E E D L S P P L E X DU 2 E E D UT IL DU P L E S P X 2 P L E UT IL E E D S P X DU 2 VLAN 100 F0/0 LYST 3550 TA CA S Y S T E M 3 1 2 4 6 5 8 7 9 0 3 1 1 2 1 1 1 1 4 1 6 1 5 1 8 2 0 1 7 9 1 1 2 2 3 2 2 4 2 1 P S R A T S T L UT I 2 F0/0/0 E E D X P L E DU S P F0/0 F0/1 Hand Drawings F0/0/0 F0/0/0 F0/0/0 F0/0/0 .1 .1 .1 .1 CA LYST 3550 TA 1 S T E P S A T M S Y R S T 2 1 4 6 3 5 9 8 7 3 1 1 1 1 0 1 2 1 1 5 6 1 4 1 9 1 1 7 2 0 8 2 3 2 2 1 4 2 P L E UT I L DU S P X E E D 2 F 0/0/0 F 0 0 / 1 7 172.16.12.0 /24 2 1 . 6 . 1 3 . 0 / 2 4 F 0/0 F 0/0/2 0 F F 0/0/1 F 0/1 / 0 0 1 / VLAN 21 F F VLAN 22 0 4 1 VLAN 23 / 2 9 F 0/1 0 2 VLAN 24 / / . 0 1 1 . 6 0 8 3 . 3 . 8 1 6 1 1 . . 2 / 9 2 1 4 Visio Diagrams • Can’t interactively explore • No correlation to live network data • Not always accurate or kept current 6 Referentia Systems Incorporated ‐ Confidential

  7. Mental Model • Accuracy and fidelity of the model • Ability to explore the model y p • Interact with the model 7 Referentia Systems Incorporated ‐ Confidential

  8. Mental Model and Situational Awareness 8 Referentia Systems Incorporated ‐ Confidential

  9. DMTF CIM Model • Very detailed model of network devices and protocols Very detailed model of network devices and protocols • Vendor neutral • Currently we use • A simpler subset of CIM p • Performance and flow data added 9 Referentia Systems Incorporated ‐ Confidential

  10. Tool Design 10 Referentia Systems Incorporated ‐ Confidential

  11. Topology Based Flow Visualization Flow Collector • Not generator like Argus or YAF • Time series storage Time series storage • Netflow v5-v9, sFlow, Jflow • Cisco Flexible Netflow setup • Flow Visualization • Topology from real networks T l f l t k • Discovery • Model creation from config • Node and edge displays • Flow Projection • “Real Time” – as real time as NetFlow can be Real Time as real time as NetFlow can be • Projection of flows onto topology • 11 Referentia Systems Incorporated ‐ Confidential

  12. What is it for ? Network Management • Its really hard to know what’s going on in a router • Let alone across routers in a network Let alone across routers in a network • Where problem locations are, where to fix • Network SA • Knowing how flows are routed • Knowing direction, load sharing • Flow – Routing – QoS – SLA Flow – Routing – QoS – SLA • • CND • Doesn’t solve finding needle in haystack problem • Doesn’t do pattern analysis • Can be used with sensors to alert and monitor events • Response planning and actions Response planning and actions • Compliments forensic analysis • 12 Referentia Systems Incorporated ‐ Confidential

  13. Flow System View Router Egress Subnets Ingress 13 Referentia Systems Incorporated ‐ Confidential

  14. Flow System View Panning Panning • Zooming • Color Coding • A Aggregation ti • 14 Referentia Systems Incorporated ‐ Confidential

  15. Flow System View Filtering • Tracing of Flows • So rce and Destination ID Source and Destination ID • DNS Resolution • Historical Replay • Black Listed IP ID • 15 Referentia Systems Incorporated ‐ Confidential

  16. Device Topology View Device Level View • Process Flows in Real Time • Updates Display – 10 sec • Shows IP to IP, Port to Port • Switching Path • 16 Referentia Systems Incorporated ‐ Confidential

  17. Individual Flow Isolation down to particular source • Aggregation along shared path • Highlighting of black listed address g g g • Tunnel to physical interface association • Indicators for policies such as ACL, QoS, PBR • 17 Referentia Systems Incorporated ‐ Confidential

  18. Device Topology View Table View • Using Flexible Netflow • IPv6 • MAC, TCP • AS Number • Next Hop etc • 18 Referentia Systems Incorporated ‐ Confidential

  19. Display Updates and NetFlow Behavior Static display easier, real time* is harder • How long to leave flows displayed • Process flow records as they come in • Update/Refresh rate of the display – 10 sec • Aging of the flows out of the display • Router – active/inactive timer settings • Poll Aging Time 10 sec 2 min # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # 40 sec flow real flow X Active Timer 1 min aging Inactive Timer 10 sec 2 min flo 2 min flow real flo real flow X X X X aging aging 4 min flow real flow X X X X X aging X aging X aging X aging 19 Referentia Systems Incorporated ‐ Confidential

  20. Flow Display and Processing Issues 20 Referentia Systems Incorporated ‐ Confidential

  21. Flow Display and Processing Issues Issues I • Shear number of flows • Efficient storage and retrieval for display • Temporal aspect of flows T l t f fl • Display layer performance • Top N or Bottom N Flows • R d Reduce amount of displayed items t f di l d it • Aggregation of same flow records • Merging • M Merge flows based on attributes fl b d tt ib t • DSCP, IP address, Rate, Bytes • Match based • Fil Filtering i • Basic - src/dst ip, port, dscp etc • Advanced – BGP AS, next hop, .. • 21 Referentia Systems Incorporated ‐ Confidential

  22. NetFlow Specific Issues Flow Data • Router sourced or consumed flows • Index to interface number mapping Null/Local Index to interface number mapping, Null/Local • Not always correct, MIB issues • Differences • ASA vs Router vs Switch • Intra VLAN, Layer 3 • NetFlow and sFlow • SNMP based flow • Time Related • Flow time outs – active/inactive Fl ti t ti /i ti • Flow time stamps • NetFlow configuration g • Flexible NetFlow • 22 Referentia Systems Incorporated ‐ Confidential

  23. Visualization - Scanning 23 Referentia Systems Incorporated ‐ Confidential

  24. Visualization - VoIP Call Tracing 24 Referentia Systems Incorporated ‐ Confidential

  25. Visualization - Multicast Traffic 25 Referentia Systems Incorporated ‐ Confidential

  26. Visualization - Multicast Traffic Last Hop Router • Egress flows not showing Egress flows not showing • Traffic shown as going to Null but really router CPU 26 Referentia Systems Incorporated ‐ Confidential

  27. Visualization - Load Sharing Referentia Systems 27 Referentia Systems Incorporated ‐ Confidential Incorporat

  28. Visualization - Load Sharing Referentia Systems 28 Referentia Systems Incorporated ‐ Confidential Incorporat

  29. Visualization - Load Sharing Referentia Systems 29 Referentia Systems Incorporated ‐ Confidential Incorporat

  30. Interactions with Flows 1) Identify flow visually 2) Create ACL 3) ACL for PBR 3) ACL for PBR 30 Referentia Systems Incorporated ‐ Confidential

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

On the Way towards Topology- Based Visualization of Unsteady Flow The State of the Art Armin

On the Way towards Topology- Based Visualization of Unsteady Flow The State of the Art Armin

On the Way towards Topology- Based Visualization of Unsteady Flow The State of the Art Armin Pobitzer, Ronald Peikert, Raphael Fuchs, Benjamin Schindler, Alexander Kuhn, Holger Theisel, Kresimir Matkovic, and Helwig Hauser Ronald Peikert,

1.24k views • 77 slides
Real-Time Visualization 1 Real-Time Volume Rendering Stefan Bruckner Introduction

Real-Time Visualization 1 Real-Time Volume Rendering Stefan Bruckner Introduction

Real-Time Visualization 1 Real-Time Volume Rendering Stefan Bruckner Introduction Visualization of a 3D field No explicitly defined surfaces 3D data is projected onto a 2D image Interactivity is crucial Most commonly based on

1.43k views • 107 slides
Topological data analysis and topology-based visualization Leila De Floriani Topology-based

Topological data analysis and topology-based visualization Leila De Floriani Topology-based

Topological data analysis and topology-based visualization Leila De Floriani Topology-based methods v Why topology? topology deals with qualitative geometric information , thus v providing a structural description of data topological

298 views • 10 slides
Flow Visualization Overview: Flow Visualization (1) Introduction, overview Flow data Simulation

Flow Visualization Overview: Flow Visualization (1) Introduction, overview Flow data Simulation

Flow Visualization Overview: Flow Visualization (1) Introduction, overview Flow data Simulation vs. measurement vs. modelling 2D vs. surfaces vs. 3D Steady vs time-dependent flow Direct vs. indirect flow visualization Experimental flow

1.18k views • 92 slides
Flow Visualization Overview: Flow Visualization (1) Introduction, overview Fl Flow data d t

Flow Visualization Overview: Flow Visualization (1) Introduction, overview Fl Flow data d t

Flow Visualization Overview: Flow Visualization (1) Introduction, overview Fl Flow data d t Simulation vs. measurement vs. modelling 2D vs. surfaces vs. 3D Steady vs time-dependent flow St d ti d d t fl Direct vs. indirect flow

957 views • 92 slides
Real-Time Interactive Visualization of Deformations of Singularities Oliver Labs Universit at

Real-Time Interactive Visualization of Deformations of Singularities Oliver Labs Universit at

Surf and Surfaces SURFEX in action Some Visualization Issues Plans for the Future Conclusion Real-Time Interactive Visualization of Deformations of Singularities Oliver Labs Universit at des Saarlandes, Germany E-Mail:

743 views • 56 slides
Skydive An analyzer for network topology and traffic Sylvain Baubeau Sylvain Afchain Skydive

Skydive An analyzer for network topology and traffic Sylvain Baubeau Sylvain Afchain Skydive

Skydive An analyzer for network topology and traffic Sylvain Baubeau Sylvain Afchain Skydive goals Topology exploration and visualization Network traffic capture Make network troubleshooting easier SDN agnostic Real-time

704 views • 10 slides
Glyph-based Visualization Applications David H. S. Chung Swansea University Outline Glyph

Glyph-based Visualization Applications David H. S. Chung Swansea University Outline Glyph

Glyph-based Visualization Applications David H. S. Chung Swansea University Outline Glyph Design Application Flow Event Multi-field Visualization Visualization Visualization Uncertainty Geo-spatial Tensor Medical Visualization

559 views • 30 slides
Real-Time Performance of Linux Among others: A Measurement-Based Analysis of the Real-Time

Real-Time Performance of Linux Among others: A Measurement-Based Analysis of the Real-Time

CPSC-663: Real-Time Systems Linux, Preemption, and Real-Time Real-Time Performance of Linux Among others: A Measurement-Based Analysis of the Real-Time Performance of Linux (L. Abeni , A. Goel, C. Krasic, J. Snow, J. Walpole) [RTAS

472 views • 9 slides
Flow Visualization Flow Visualization CS 176 Spring 2011 1 Fluid Simulation a Looking at

Flow Visualization Flow Visualization CS 176 Spring 2011 1 Fluid Simulation a Looking at

Flow Visualization Flow Visualization CS 176 Spring 2011 1 Fluid Simulation a Looking at vector fields g how? Bolz et al. Laidlaw et al. CS 176 Spring 2011 2 Field Visualization V a a Stalling et al. Cabral et al. Stalling

576 views • 18 slides
Web Real-Time Communication Solutions History Browser-based Real-time Communications Video,

Web Real-Time Communication Solutions History Browser-based Real-time Communications Video,

Web Real-Time Communication Solutions History Browser-based Real-time Communications Video, Audio, Data licode Recording, Screen Sharing. HTML5 & WebRTC Designed to dynamically scale on-demand Real-time In your own

412 views • 19 slides
Flow Visualization Research @ IDAV Christoph Garth CScADS Workshop on Scientific Data Analysis

Flow Visualization Research @ IDAV Christoph Garth CScADS Workshop on Scientific Data Analysis

Flow Visualization Research @ IDAV Christoph Garth CScADS Workshop on Scientific Data Analysis and Visualization for Petascale Computing August 6, 2009 Flow Illustration with Integral Surfaces (with Hari Krishnan, Ken Joy) Integration-Based

673 views • 52 slides
Chapter 4 Priority-Based Real-Time Scheduling Real-Time Embedded Systems Laboratory Northeastern

Chapter 4 Priority-Based Real-Time Scheduling Real-Time Embedded Systems Laboratory Northeastern

Spring 2009 - Real-Time Systems http://www.neu-rtes.org/courses/spring2009/ Chapter 4 Priority-Based Real-Time Scheduling Real-Time Embedded Systems Laboratory Northeastern University Objectives In this chapter, you are supposed to learn:

695 views • 32 slides
Presentation of "Real-Time Surface Extraction and Visualization of Medical Images using

Presentation of "Real-Time Surface Extraction and Visualization of Medical Images using

See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/267623041 Presentation of "Real-Time Surface Extraction and Visualization of Medical Images using OpenCL and GPUs" Data

560 views • 24 slides
Real-time Processing and Visualization of Massive Air-Traffic Data in Digital Landscapes Digital

Real-time Processing and Visualization of Massive Air-Traffic Data in Digital Landscapes Digital

Real-time Processing and Visualization of Massive Air-Traffic Data in Digital Landscapes Digital Landscape Architecture 2015, Dessau Stefan Buschmann, Matthias Trapp, and Jrgen Dllner Hasso-Plattner-Institut, Universitt Potsdam 05.06.2015

719 views • 31 slides
Android industrial Real-Time Data Visualization Michael Guntli mguntli@imt.ch IMT AG,

Android industrial Real-Time Data Visualization Michael Guntli mguntli@imt.ch IMT AG,

Android industrial Real-Time Data Visualization Michael Guntli mguntli@imt.ch IMT AG, Switzerland 2 3 Mobile Ventilator Tester 4 System Architecture Airflow Pressure Temp. Sensor Sensor Sensor Oxygen Cell Touch Screen Pressure

654 views • 54 slides
Congressional Budget Office November 14, 2017 The Financial Soundness and Affordability of the

Congressional Budget Office November 14, 2017 The Financial Soundness and Affordability of the

Congressional Budget Office November 14, 2017 The Financial Soundness and Affordability of the National Flood Insurance Program Presentation at the 2017 Annual Meeting of the American Academy of Actuaries Terry Dinan Senior Adviser,

368 views • 19 slides
Regional Flooding Neighborhood Meeting Wood Valley Community Center April 16, 2013 2009 Event

Regional Flooding Neighborhood Meeting Wood Valley Community Center April 16, 2013 2009 Event

Regional Flooding Neighborhood Meeting Wood Valley Community Center April 16, 2013 2009 Event US Highway 84 / Lowndes County Lake Drive / Winding Way City of Valdosta Courtesy of Valdosta Daily Times Courtesy of City of Valdosta Franks

369 views • 18 slides
City of Renos Drainage Needs Beyond TRFMA Project Components John Flansberg, P.E, Director

City of Renos Drainage Needs Beyond TRFMA Project Components John Flansberg, P.E, Director

City of Renos Drainage Needs Beyond TRFMA Project Components John Flansberg, P.E, Director Public Works A Presentation for the Truckee River Flood Project Needs Committee: January 3, 2019 Northern Nevada Atmospheric River: January 8, 2017

514 views • 26 slides
2. A General after a battle 3. Saving and investing for retirement Martin Doyle Duke University

2. A General after a battle 3. Saving and investing for retirement Martin Doyle Duke University

Three Metaphors for Flooding in North Carolina: 1. College Basketball 2. A General after a battle 3. Saving and investing for retirement Martin Doyle Duke University Professor of River Science & Policy Nicholas School of the Environment

336 views • 11 slides
BRTP: Border Routing & Transport Protocol Debish Fesehaye & Klara Nahrstedt University

BRTP: Border Routing & Transport Protocol Debish Fesehaye & Klara Nahrstedt University

BRTP: Border Routing & Transport Protocol Debish Fesehaye & Klara Nahrstedt University of Illinois-Urbana Champaign Routing & Transport Protocols Any network communication system involves finding a path ( routing ) and

485 views • 12 slides
A Machine Learning Approach to Routing A. Valadarsky, M. Schapira, D. Shahaf, A. Tamar 2017

A Machine Learning Approach to Routing A. Valadarsky, M. Schapira, D. Shahaf, A. Tamar 2017

A Machine Learning Approach to Routing A. Valadarsky, M. Schapira, D. Shahaf, A. Tamar 2017 Joshua Send 14 November, 2017 Premise 2017 ML still hasn't been properly explored for networking Goal: Preliminary work exploring ML for

309 views • 16 slides
Continuous Flow Scoring of Prose Constructed Response: A Hybrid of Automated and Human Scoring

Continuous Flow Scoring of Prose Constructed Response: A Hybrid of Automated and Human Scoring

Continuous Flow Scoring of Prose Constructed Response: A Hybrid of Automated and Human Scoring Denny Way Pearson June 22, 2016 Presented at that National Conference on Student Assessment, Philadelphia, PA 1 Background This

301 views • 15 slides
Purpose To educate stakeholders and decision makers about NG911 and issues surrounding the

Purpose To educate stakeholders and decision makers about NG911 and issues surrounding the

Purpose To educate stakeholders and decision makers about NG911 and issues surrounding the movement by answering (5) basic questions What What has What is the Why does Why exactly to happen expected all this move to is to get to

682 views • 28 slides

More recommend