Download PPT Version

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
Document related concepts

Cracking of wireless networks wikipedia , lookup

Remote Desktop Services wikipedia , lookup

Lag wikipedia , lookup

IEEE 1355 wikipedia , lookup

UniPro protocol stack wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Transcript 
DNS Traffic Management
and DNS data mining
Making Windows DNS Server Cloud Ready
~Kumar Ashutosh, Microsoft
Windows DNS Server
▪ Widely deployed in enterprises
▪ Fair presence in the DNS resolver space
▪ Standards compliant and interoperable
▪ Secure and scalable
Needs of DNS server in cloud
▪ Policy based traffic management
▪ Audit and billing mechanism for DNS service
▪ The DNS data mine and analytics
▪ Security and High availability
Policy based Traffic Management
▪ DNS Policy is Windows DNS Server construct that allows DNS administrators to
control the DNS Query processing in order to achieve :
▪ Global Traffic Management,
▪ Application Load Balancing,
▪ Intelligent DNS responses based on communication protocol (IPV4 or V6) or transport
protocol (UDP and TCP),
▪ Applying tenant specific filters for black holing, parental control etc.
▪ Split-Brain DNS Deployment
… and much more
Anatomy of a policy
Any combination of Client Subnet, Server Interface IP, FQDN, Internet protocol
(IPV4/V6), Transport Protocol (UDP/TCP), Time Of Day, Query Type
Criteria
If policy matches what action to take : ALLOW, DENY, IGNORE
Action
?
If Action is allow, what data to respond with and in what ratio.
Content
?
Capabilities
Location aware responses
Traffic
Management
High
Availability
Time of day based policies
Time of day
Improve availability of
critical applications by
failover policies
Split Brain DNS
Split Brain
Application Load Balancing
based on the performance
Load of host
Balancing
?
Black Hole and Filters
Filters
?
DNS Audit Trail
What
changed?
What?
-Zone
-Server
-Record
Who?
Who
changed?
-DC admin
-Tenant admin
When?
-For Reporting
-Audit Trails
-diagnostics
DNS Data mine
Data
collection
Data
Preparation
Pattern
discovery
Actionable
Information
DNS Data mine : Data Collection
▪ Collect data from every DNS server
▪ Centralized system for collection
▪ Real time collection with minimal performance impact
▪ Kinds of Data collected:
▪ All DNS transactions
▪ Queries/responses
▪ XFR
▪ Dynamic updates
▪ Server state
▪ Health indicators
▪ Performance counters
DNS Data mine : Data Preparation
▪ Cleaning the data
▪ Data transformation
▪ Creating relational databases for different purposes
▪ Related calculations – like amplification factor, frequency etc.
▪ Collation of data across the server farm
▪ Correlation of data
▪ Across multiple servers
▪ Between single user
▪ Relationship with state of the server.
▪ Rolling over with knowledge transfer.
DNS Data mine: Pattern Discovery
▪ Domain name analysis,
▪ Amplification analysis
▪ User behaviour analysis
▪ Client subnet analysis
▪ Security analysis
DNS Data mine: Actionable Information
▪ User behaviour analytics
▪ Load model
▪ DDoS detection
Thank You
Related documents
FootPrinting - PSU
FootPrinting - PSU
Introduction to the Internet
Introduction to the Internet
CSCI6268L36
CSCI6268L36
Midterm Review - UTK-EECS
Midterm Review - UTK-EECS
Chapter 23 - William Stallings, Data and Computer
Chapter 23 - William Stallings, Data and Computer
Using DNS as an Access Protocol for Mapping Identifiers to Locators
Using DNS as an Access Protocol for Mapping Identifiers to Locators
DNS
DNS
Annotation Layer
Annotation Layer
CSCI6268L25
CSCI6268L25
PowerPoint Template
PowerPoint Template
Design and Implementation of Alternative Route Against DDOS
Design and Implementation of Alternative Route Against DDOS
F5 User’s Group
F5 User’s Group
DNS Server Selection on Multi-Homed Hosts
DNS Server Selection on Multi-Homed Hosts
Quality of Service versus Any Service at All
Quality of Service versus Any Service at All
Distributed Computing Systems
Distributed Computing Systems
Lecture 1 - Intro
Lecture 1 - Intro
Recon
Recon
E-Business - Computer Science and Information Systems Technical
E-Business - Computer Science and Information Systems Technical
the Presentation
the Presentation
Service Part Number: “AAA-AC-INST-1”
Service Part Number: “AAA-AC-INST-1”
Networking and the Internet - Department of Mathematics and
Networking and the Internet - Department of Mathematics and
Development of DNS
Development of DNS