Data Analysis in Terabit Ethernet Traffic

Lars Weiler <pylon@ccc.de>

27th Chaos Communication Congress 2010-12-28

Data Mediation Layer

Monitoring vs. Surveillance

Deeper View

Data Mediation Layer

Telephone tapping

RaBoe/Wikipedia http://commons.wikimedia.org/wiki/File:Telefon-Technik_01_(RaBoe).jpg

Telephone Operator

Vampire Tap
10BASE5 Ethernet

Robert.Harker/Wikipedia http://en.wikipedia.org/wiki/File:10Base5transcievers.jpg

Network Bus Technologie
Just connect…

jemstone/flickr http://www.flickr.com/photos/jemstone/11631878

…and Data flows by

nickskitch/flickr http://www.flickr.com/photos/nickskitch/4260998541/

Full Duplex with Optical Fiber

mika/flickr http://www.flickr.com/photos/mika/2100204327/

shazoor/flickr http://www.flickr.com/photos/shazoor/4813943143/

Splitting Light

Switched Port Analyzer (SPAN)

Data Analysis

Data Analysis

Data Analysis

Data Analysis

Data Analysis

Data Analysis

Data Analysis

Data Analysis

Black Box

Data Analysis

Black Box

Data Analysis

Black Box

Data Mediation Layer

Black Box

Let’s have a look into the box

kevinsteele/flickr http://www.flickr.com/photos/kevinsteele/3007479711/

Aggregation

kabacchi/flickr http://www.flickr.com/photos/kabacchi/4795303865/

Regeneration
ms_sarahbgibson/flickr http://www.flickr.com/photos/ms_sarahbgibson/3375966166/

Distribution

sheeshoo/flickr http://www.flickr.com/photos/sheeshoo/3486207370/

Filtering

zero_data/flickr http://www.flickr.com/photos/zero_data/161500320/

Manipulation
iluetkeb/flickr http://www.flickr.com/photos/iluetkeb/2595137371/

Intelligent Data Access Solutions

Identify the Secure Access | Complete Visiblity Vendors
All product images, brands, trademarks and logos are the property of their respective owners and holders and are used for descriptive purposes only where possible

jeffeaton/flickr

jeffeaton/flickr

Benefits
Test Equipment Costs

free-stock/flickr http://www.flickr.com/photos/free-stock/4791385567/

Monitoring

vs.

Surveillance

Monitoring

mogwai_83/flickr http://www.flickr.com/photos/mogwai_83/3022261893/

Surveillance

exacq/flickr http://www.flickr.com/photos/exacq/1224729974/

Filter List

keepthebyte/flickr http://www.flickr.com/photos/keepthebyte/298432485/

Analysis of Unencrypted Data

Analysis of Unencrypted Data

Analysis of Unencrypted Data

Analysis of Encrypted Data

Encrypted Data with SSL Terminator

Encrypted Data with SSL Terminator

Bob

Lawful Interception without Data Retention

Oscar

Alice

Bob

Lawful Interception without Data Retention

Oscar

Alice

Oscar

Bob

Lawful Interception without Data Retention

Oscar

Alice

Oscar

Bob

Lawful Interception without Data Retention

Oscar

Alice

Deeper View

What is more interesting?

Content or Filter List?
publish9/flickr http://www.flickr.com/photos/publish9/3495637145/ keepthebyte/flickr http://www.flickr.com/photos/keepthebyte/298432485/

Filter Lists are stored on the device

Serial Line and Bootloader for Rescue!

WebGUI

Security

Data Mediation Layer

Monitoring vs. Surveillance

Deeper View

Thanks for your attention!

Questions?

Sign up to vote on this title
UsefulNot useful