Hi Xiaobo - Thanks for your suggestions. I've been on medical leave most of January so apologies for not responding to you sooner. It's possible that others on the Crossbow team may have responded already.
The use cases sound interesting indeed. I'm not sure that we can implement them here in our Labs. Engineers, any thoughts? If the cases are deemed too specific for our more generic docs, I still think they are great. Therefore, my question to you is, do you have documentation, HowTos, etc., on how to set up and test your use cases? We have an enthusiastic OpenSolaris documentation community that provides HowTos and other information, like use cases, on the Documentation web site and on the Documentation Wiki. Here's a URL to the System Administration Wiki, for example: http://opensolaris.org/os/community/documentation/doc_index/sysadmin If you are interested in providing material, I could work with you, or at least point you to the OpenSolaris documentation community. - Steff Xiaobo Wang wrote: > Steff > > Here are some applications that may be interesting crossbow use cases. > > 1) A VoIP aware firewall provides secured connections between a customer and > partners. Multiple types of services may run on the device, e.g., SIP on > UDP, H.323 on TCP, etc. Each service may also run on multiple IPs or > multiple ports on same IP for different groups of users (e.g., separate IPs > for trusted, semi-trusted, and untrusted usrs). Device may be connected to > the public network and may be attacks. The goal is to use crossbow to > mitigate / control attacks on VoIP services. For example > a) Attacks on one IP (VNIC) should not affect services running on other > IP > (VNIC) > > b) Attacks on one protocol (e.g., H.323/TCP) should not affect services > running on other protocols (e.g., SIP/UDP). > > c) Attacks on one port should not affect services running on other ports > or > IP/ports (that means at most one group of users may be affected.) > > > 2) This use case is similar to case 1 but has additional goal to use crossbow > to protect all services, including the service under attacks. The hope is to > use crossbow?s h/w based packet classification and flow control functions, > integrated with network and application level intrusion detection functions, > to detect and block bad traffics at near wire speed. > > Note case 2 is more interesting because: 1) for critical services user wants > to protect all users, including the user whose service is under attack; 2) it > seems there have not much study on how fast crossbow can block packets (v.s., > some work has been done on how fast crossbow can forward packets). Such data > is important for security applications and I think many users will be > interesting in knowing the results. > > Hope it helps > > Xiaobo > > > This message posted from opensolaris.org > _______________________________________________ > crossbow-discuss mailing list > crossbow-discuss at opensolaris.org > http://mail.opensolaris.org/mailman/listinfo/crossbow-discuss
