Oct 17 – 21, 2016
US/Pacific timezone

SDN-enabled Intrusion Detection System

Oct 17, 2016, 4:40 PM
Building 50 Auditorium (LBNL)

Building 50 Auditorium


Berkeley, CA 94720
Security & Networking Security & Networking


Adam Lukasz Krajewski (CERN)


CERN networks are dealing with an ever-increasing volume of network traffic. The traffic leaving and entering CERN has to be precisely monitored and analysed in order to properly protect the networks from potential security breaches. To provide the required monitoring capabilities, the Computer Security team and the Networking team at CERN have joined efforts in designing and deploying a scalable Intrusion Detection System (IDS) setup. The setup features symmetrical load-balancing of monitored traffic across a pool of IDS servers with optional OpenFlow-based traffic shunting (offloading) and selective packet capturing capabilities. Having an experimental instance deployed, the solution is currently under testing with a promising perspective of putting it in production in the near future.

Primary author

Presentation materials