- Speaker: Vyas Sekar (Stony Brook University)
- Date: March 15th, 2013 (Friday)
- Room: CIT 368
- Title: “The Middlebox Manifesto: Enabling Innovation in Middlebox Deployment“
Today’s computing landscape relies critically on high-performance, resilient,
and secure networked systems. As application workloads, security requirements,
and organizational policy constraints change over time, the network
infrastructure needs to evolve in order to meet the increasing need for
performance, reliability, and security.
Most of this evolution in today’s networks happens via the deployment of
specialized network appliances or “middleboxes”. Unfortunately, middleboxes
today are expensive and closed systems, with little or no hooks for
extensibility. Furthermore, they are acquired from independent vendors and
deployed as standalone devices with little cohesiveness in how the ensemble of
middleboxes is managed. As network requirements continue to grow in both scale
and variety, this bottom-up approach puts the network infrastructure on a
trajectory of growing device sprawl with corresponding escalation in capital
and management costs.
To address this challenge, this talk describes the design and implementation
of a new architecture for middlebox deployments that systematically explores
opportunities for consolidation both at the level of building individual
middleboxes and in managing a network of middleboxes. I will show that such
consolidation introduces new opportunities for innovation and performance
optimization that do not exist in current middlebox deployments.
I will also briefly discuss some of our other recent work in the middlebox space,
including attempts to outsource middlebox functions to cloud providers and integration
with existing software-defined networking interfaces.
Vyas Sekar is an Assistant Professor at Stony Brook University. Before starting
at Stony Brook, he was a research scientist at Intel Labs where he was a member
of the Intel Science and Technology Center for Secure Computing located at the
University of California, Berkeley. His research interests lie at the
intersection of networking, security, and systems. He received his Ph.D. from
the Computer Science Department at Carnegie Mellon University in 2010. He
earned his bachelor’s degree from the Indian Institute of Technology Madras,
where he was awarded the President of India Gold Medal. His work has been
recognized with best paper awards at ACM SIGCOMM and ACM Multimedia.