Towards Systematic Design and Configuration of Enterprise Networks

Enterprise networks are important, with size and complexity
even surpassing carrier networks. Yet, the design of enterprise
networks is ad-hoc and poorly understood. Further, the inherently complex
high-level policies that operators have for their networks
are realized through thousands of low-level device configurations.
Configuring networks is error-prone given the huge mismatch between
operator objectives and low-level configurations.
Recent surveys show that 80% of the IT budget in enterprises is devoted to
managing networks, yet, configuration errors account for 62% of network downtime,
and enable over 65% of cyber-attacks.

In this talk, I will describe our research on systematic approaches to
the design and configuration of enterprise networks. Our approach
centers around abstracting key enterprise design tasks in ways
that (i) capture the high level operator goals of a network design
(e.g., performance, security, or resilience); and (ii)
capture the requirements of the network as a whole rather than of
individual devices. The abstractions developed are based on
studies of actual network designs, and iterative interactions
with operators. The abstractions lead to formulations
that model each enterprise design task as one of optimizing desired
criteria subject to the correctness and feasibility constraints on the
design. I will show how a systematic design approach can handle two complex and time-consuming
areas of enterprise design: VLANs and reachability control.

I will also talk about our work on modeling and analysis of Class of Service
(CoS) policies in enterprise networks. Business and economic considerations
are driving the extensive use of service differentiation in Virtual Private Networks
(VPNs) operated for business enterprises today. I will first describe the
the prevalence of CoS, and the complexity inherent in managing CoS configuration,
a topic that is little known outside the operational community.
I will then present a formal approach to modeling CoS policies
from router configuration files in a precise manner. I will describe a tool
built based on the approach, and its value in enabling applications such as
troubleshooting, auditing, and visualization of network-wide designs.
Sanjay G. Rao is an Assistant Professor in the ECE Department at Purdue University, where he leads the Internet Systems Laboratory. His research interests are in Networking, more specifically in Peer-to-Peer systems, and Network Management. He received the Bachelor's degree in Computer Science and Engineering from the Indian Institute of Technology, Madras, and the Ph.D from the School of Computer Science, Carnegie Mellon University in 2004. He was a visiting researcher in the Network Measurement and Management group at AT&T Research in Summer 2006. He has played a leadership role in the End System Multicast project – the project pioneers P2P live-streaming, which is now a mainstream research area and an emerging commercial sector. His research has been funded by NSF, Cisco, and AT&T. He has served on the Technical Program Committees of several workshops and conferences including ACM Sigcomm, IEEE Infocom and ACM CoNext, and is the technical program co-chair of the INM/WREN workshop (on Internet Network Management and enterprise networks) to be held in conduction with NSDI 2010.

For more details, please see:
http://www.ece.purdue.edu/~sanjay
http://www.ece.purdue.edu/~isl