ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Ethane: taking control of the enterprise
Full text PdfPdf (675 KB)
Source
Applications, Technologies, Architectures, and Protocols for Computer Communication archive
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications table of contents
Kyoto, Japan
SESSION: Enterprise networks table of contents
Pages: 1 - 12  
Year of Publication: 2007
ISBN:978-1-59593-713-1
Also published in ...
Authors
Martin Casado  Stanford University, Stanford, CA
Michael J. Freedman  Stanford University, Stanford, CA
Justin Pettit  Stanford University, Stanford, CA
Jianying Luo  Stanford University, Stanford, CA
Nick McKeown  Stanford University, Stanford, CA
Scott Shenker  UC Berkeley, Berkeley, CA
Sponsors
SIGCOMM: ACM Special Interest Group on Data Communication
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 28,   Downloads (12 Months): 294,   Citation Count: 2
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
Save this Article to a Binder    Display Formats: BibTex  EndNote ACM Ref   
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1282380.1282382
What is a DOI?

ABSTRACT

This paper presents Ethane, a new network architecture for the enterprise. Ethane allows managers to define a single network-wide fine-grain policy, and then enforces it directly. Ethane couples extremely simple flow-based Ethernet switches with a centralized controller that manages the admittance and routing of flows. While radical, this design is backwards-compatible with existing hosts and switches.

We have implemented Ethane in both hardware and software, supporting both wired and wireless hosts. Our operational Ethane network has supported over 300 hosts for the past four months in a large university network, and this deployment experience has significantly affected Ethane's design.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Alterpoint. http://www.alterpoint.com/.
 
2
BerkeleyDB. http://www.oracle.com/database/berkeley-db.html.
 
3
Cisco network admission control. http://www.cisco.com/.
 
4
Consentry. http://www.consentry.com/.
 
5
Identity engines. http://www.idengines.com/.
 
6
Microsoft network access protection. http://www.microsoft.com/technet/network/nap/default.mspx.
 
7
Netfpga home page. http://NetFPGA.org.
 
8
Openwrt home page. http://openwrt.org/.
 
9
A. Z. Broder and M. Mitzenmacher. Using multiple hash functions to improve ip lookups. In Proc. INFOCOM, Apr. 2001.
10
Don Caldwell , Anna Gilbert , Joel Gottlieb , Albert Greenberg , Gisli Hjalmtysson , Jennifer Rexford, The cutting EDGE of IP router configuration, ACM SIGCOMM Computer Communication Review, v.34 n.1, January 2004  [doi>10.1145/972374.972379]
11
Don Caldwell , Anna Gilbert , Joel Gottlieb , Albert Greenberg , Gisli Hjalmtysson , Jennifer Rexford, The cutting EDGE of IP router configuration, ACM SIGCOMM Computer Communication Review, v.34 n.1, January 2004  [doi>10.1145/972374.972379]
 
12
Martin Casado , Tal Garfinkel , Aditya Akella , Michael J. Freedman , Dan Boneh , Nick McKeown , Scott Shenker, SANE: a protection architecture for enterprise networks, Proceedings of the 15th conference on USENIX Security Symposium, p.10-10, July 31-August 04, 2006, Vancouver, B.C., Canada
13
Camil Demetrescu , Giuseppe F. Italiano, A new approach to dynamic all pairs shortest paths, Proceedings of the thirty-fifth annual ACM symposium on Theory of computing, June 09-11, 2003, San Diego, CA, USA  [doi>10.1145/780542.780567]
14
Albert Greenberg , Gisli Hjalmtysson , David A. Maltz , Andy Myers , Jennifer Rexford , Geoffrey Xie , Hong Yan , Jibin Zhan , Hui Zhang, A clean slate 4D approach to network control and management, ACM SIGCOMM Computer Communication Review, v.35 n.5, October 2005  [doi>10.1145/1096536.1096541]
15
Sotiris Ioannidis , Angelos D. Keromytis , Steve M. Bellovin , Jonathan M. Smith, Implementing a distributed firewall, Proceedings of the 7th ACM conference on Computer and communications security, p.190-199, November 01-04, 2000, Athens, Greece  [doi>10.1145/352600.353052]
 
16
Z. Kerravala. Configuration management delivers business resiliency. The Yankee Group, Nov. 2002.
 
17
A. Myers, E. Ng, and H. Zhang. Rethinking the service model: Scaling ethernet to a million nodes. In Proc. HotNets, Nov. 2004.
 
18
P. Newman, T. L. Lyon, and G. Minshall. Flow labelled IP: A connectionless approach to ATM. In INFOCOM (3), 1996.
 
19
R. Pang, M. Allman, M. Bennett, J. Lee, V. Paxson, and B. Tierney. A first look at modern enterprise traffic. In Proc. Internet Measurement Conference, Oct. 2005.
 
20
R. J. Perlman. Rbridges: Transparent routing. In Proc. INFOCOM, Mar. 2004.
 
21
J. Rexford, A. Greenberg, G. Hjalmtysson, D. A. Maltz, A. Myers, G. Xie, J. Zhan, and H. Zhang. Network-wide decision making: Toward a wafer-thin control plane. In Proc. HotNets, Nov. 2004.
22
Timothy Roscoe , Steve Hand , Rebecca Isaacs , Richard Mortier , Paul Jardetzky, Predicate routing: enabling controlled networking, ACM SIGCOMM Computer Communication Review, v.33 n.1, p.65-70, January 2003  [doi>10.1145/774763.774773]
 
23
A. Wool. The use and usability of direction-based filtering in firewalls. Computers & Security, 26(6):459--468, 2004.
 
24
A Quantitative Study of Firewall Configuration Errors, Computer, v.37 n.6, p.62-67, June 2004  [doi>10.1109/MC.2004.2]
25
David A. Maltz , Geoffrey Xie , Jibin Zhan , Hui Zhang , Gísli Hjálmtýsson , Albert Greenberg, Routing design in operational networks: a look from the inside, Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications, August 30-September 03, 2004, Portland, Oregon, USA

CITED BY  2
Sandeep Sarat , Andreas Terzis, On the detection and origin identification of mobile worms, Proceedings of the 2007 ACM workshop on Recurring malcode, November 02-02, 2007, Alexandria, Virginia, USA
Nick McKeown , Tom Anderson , Hari Balakrishnan , Guru Parulkar , Larry Peterson , Jennifer Rexford , Scott Shenker , Jonathan Turner, OpenFlow: enabling innovation in campus networks, ACM SIGCOMM Computer Communication Review, v.38 n.2, April 2008

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.6 Internetworking

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.1 Network Architecture and Design


General Terms:
Design, Experimentation, Performance


Keywords:
architecture, management, network, security

Collaborative Colleagues:
Martin Casado: colleagues
Michael J. Freedman: colleagues
Justin Pettit: colleagues
Jianying Luo: colleagues
Nick McKeown: colleagues
Scott Shenker: colleagues
This Article has also been published in:

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2008 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player