Improving Resilience and Performance in Light of Recent Internet Outages
Troy Whitney – Manager, Solutions Engineering
Confidential © 2017 ThousandEyes Inc. All Rights Reserved.
We now live in an Internet-centric IT world
Employee Productivity | Business Operations | DDoS Attack | Cloud Outages | Customer Experience
So what’s changed? Everything.
‘Private’ circuits connect the corporate WAN through Internet Service Providers
[Diagram: Internet, Data Center, Branch]
Cloud data centers host business critical apps
Applications hosted in the cloud or remote data centers
[Diagram: Internet, Apps, Data Center, Branch]
Direct Internet Access connects branches
Direct Internet connectivity to cloud services and software-defined routing between branches
[Diagram: Internet, Apps, Data Center, Branch]
Wireless is everywhere
Wireless is the primary connection at the branch
[Diagram: Internet, Apps, Data Center, Branch]
And employees work where convenient
Employees access applications from home and on the road
[Diagram: Internet, Apps, Data Center, Home, Branch]
Managed DNS is a linchpin of service delivery
DNS services are managed by external providers
[Diagram: DNS, Internet, Apps, Data Center, Home, Branch]
CDNs and DDoS mitigation act as intermediaries
CDNs offload traffic, filter attacks and reduce latency
[Diagram: CDN / DDoS Mitigation, DNS, Internet, Apps, Data Center, Home, Branch]
IaaS has become your additional data center
IaaS providers host services and entire applications
[Diagram: IaaS, CDN / DDoS Mitigation, DNS, Internet, Apps, Data Center, Home, Branch]
Internet Outages Happen All the Time
~ 170 affected interfaces / hour
~ 1.6K prefixes / hour
Internet Outage: AWS S3
IaaS outages
• As businesses move critical apps and services to IaaS clouds, outages can be very damaging
• Despite fault-isolated regions, many apps aren’t multiregion
• Even those that are focus on compute, not resiliency of other services
• Impacts can be complex, correlated and externally
AWS S3 outage Feb 2017
4 hours
1000s of apps and sites
Estimated $150M impact
50% of major retailers affected
Broad impact on sites and apps
• Impacted file storage, often not replicated across regions
• Impacted other dependent AWS services (Redshift, ELB, RDS, etc.)
• Impacted AWS monitoring services (CloudWatch, status page)
• Impacted commonly-used third-party services (BlueKai, etc.)
A large-scale operations error
• AWS unintentionally removed servers and had to restart the file storage systems
• The issue identification, system restart and recovery took hours
• This showed up as completely unavailable services
Internet Outage: Dyn DNS DDoS
DDoS attacks
• Attackers attempt to prevent users from reaching a service with a denial of service attack
• DDoS attacks overwhelm networks, network equipment or applications with traffic
• They happen with alarming frequency and scale, causing business interruption and covering traces of other attack types
Largest attacks now exceed 500 Gbps
Costs in excess of $40K per hour per company
One attack cost a firm 8% of customers
Dyn DNS DDoS
• DNS matters!
• You can’t send a message if you don’t know the address
• An example from Oct 21st 2016
Service availability impacted for 24 hours
• DNS is application traffic too
• It needs the network to run
• A DDoS attack prevents that
Network connectivity to Dyn during the attack
Clogging the Pipes
Internet Outage: Rostelecom Route Leak
Route leaks
• Networks around the world exchange routes, data on how traffic can move to its destination
• But these routes can leak accidentally, or another network can intentionally hijack them
• This causes Internet traffic to move to an incorrect destination, denying service or allowing traffic inspection
Dozens of large scale routing leaks each year
Lasting from seconds to days
Rostelecom route leak
• April 27th
• Rostelecom, a Russian state-owned ISP, leaked routes for dozens of networks
• Including major payments infrastructure: Visa, Mastercard, BNP Paribas, HSBC, MUFG, UBS, Santander
• Traffic flowed through Russian networks for over 7 minutes
Taking financial traffic for a ride
• Traffic entered the Rostelecom network
• Traversed 60+ interfaces either in a loop or as it was inspected
• Then returned back to the payment card network
A New Approach to Managing Internet Outages
Collect performance data from every perspective
[Diagram: NY Branch, HK Branch, Home, Internet, Apps, Data Center; Enterprise Agents, Cloud Agents, Endpoint Agents]
A unified view of performance from user to app
End-to-End Performance Data
[Diagram labels: App Performance, User Experience, Network Connectivity, Routing, Network Topology, Routing Topology, User, App]
Enterprise, Endpoint and Cloud Agents
See every network like it’s your own
Visualize your network topologies the way that critical services flow over it
See faults and dependencies in context
[Diagram labels: Washington, DC; ston, MA; San Francisco, CA; Hong Kong; Dallas, TX; Vancouver]
Quickly surface insights from a global data set
Algorithms sort through the data of all ThousandEyes users to find the answer
Immediately identify issues from complex behaviors
[Diagram labels: NTT in Virginia; New York Cloud Agent; Salesforce; Customer 1; Boston Enterprise Agent; Customer 2; Los Angeles Cloud Agent; Google; Comcast in Denver; AWS]
Solve issues across shared infrastructure
Alerts | Dashboards / Reports | Snapshots
Your Network | Your ISP | Cloud or CDN
About Us
We’re a team of network experts, committed to helping you best connect your business
FOUNDED IN: 2010
HEADQUARTERS IN: San Francisco
OFFICES IN: New York | London | Austin
Thank You