9th International Conference on

Autonomous Infrastructure, Management and Security

(AIMS 2015)

June 22-25, 2015, University of Ghent, Belgium

Lab sessions

Lab Session 1: Map-Reduce and Hadoop

Jérôme François, INRIA Grand Est Nancy, France

Date: Tuesday June 23 2015, 14:00 - 17:00
Location: Oude Infirmerie (2nd floor)

Abstract This tutorial introduces Hadoop and how it can be applied to different challenges today’s community is facing in network management. Data analytics is, thus, the focus of this tutorial as networks are producing tons of various logs, for example network traffic measures, firewall alerts, or SNMP messages. They form the basis of many management functions, which may necessitate basic processing like accounting or more complex calculations in particular for providing predictions on the future for (a) configuration purposes, (b) detecting security anomalies, or (c) supporting fault management.

This lab session introduces the Map-Reduce paradigm before explaining how to implement a program for Hadoop. Common programming patterns (join, filter, aggregation) are presented using short examples. Usual problems are discussed also, for example sorting or optimizing and chaining multiple tasks. Finally, the lab session presents Hadoop extensions like Pig for writing requests without any programming needs.

Lab Session 2: Deploying Network Function Virtualization Experiments on the Virtual Wall Test-bed

Niels Bouten, Ghent University, iMinds, Belgium
Rashid Mijumbi, Universitat Politècnica de Catalunya, Spain

Date: Wednesday June 24 2015, 13:30 - 16:30
Location: Oude Infirmerie (2nd floor)

Abstract Network Function Virtualization (NFV) takes advantage of IT virtualization technologies and network programming to virtualize physical network functions (e.g., firewall, NAT, and DHCP) and interconnect them to create new communication services. This allows service providers to create new communication services on top of existing network and datacenter infrastructure enabling shorter time-to-market at lower cost. Combining IT virtualization and Softwaredefined Networking (SDN) technologies allows NFV to increase greatly the network management flexibility by decoupling network functions from physical machines and by decoupling the control plane from traffic forwarding in network equipment.

The goal of this hands-on tutorial is to familiarize all participants with the concept of NFV in general and possible benefits of combining it with SDN. This will be accomplished by deploying several network functions on the Virtual Wall and interconnecting them using OpenFlow. This allows for the creation of individual Service Function Chains (SFC) for different users.

These experiments will be run in a live network setting, facilitated by the Virtual Wall test-bed. The Virtual Wall is a test-bed facility for setting up large-scale network topologies. Its nodes can be assigned different functionality and organized in arbitrary network topologies on the fly. As such, it is a generic experimental environment for advanced network, distributed software and service evaluation, and supports scalability research. The facility has been made available to the research community through different FP7 FIRE projects. This tutorial will provide, too, a brief theoretical introduction about the Virtual Wall’s capabilities in preparation of the hands-on part. By using the jFed framework for test-bed federation, experiments on the Virtual Wall will be set-up.

The accounts used in the tutorial can be accessed through http://users.ugent.be/~nbouten/aimsaccounts.

Lab Session 3: Powering Monitoring Analytics with ELK Stack

Abdelkader Lahmadi, University of Lorraine, France
Frederick Beck, INRIA Nancy, France

Date: Thursday June 25 2015, 09:30 - 12:30
Location: Oude Infirmerie (2nd floor)

Abstract Machine-generated data, including logs and network flows, are considerably growing and their collection, searching, and visualization is a challenging task for (a) daily administrator activities and (b) researchers aiming to better find out analytics and insights from monitoring data regarding their research goals, including amongst others security or modeling of network and systems.

This lab session introduces the open source ELK stack and its components, including Elasticsearch for deep search and data analytics, Logstash for centralized logging, log enrichment, and parsing, and Kibana for powerful and beautiful data visualizations. ELK enables the analysis and visualization of monitoring data, such as logs and netflows. A first step details these individual components and the second step provides guidelines for their deployment and configuration. In the third step participants will perform hands-on practical work for collecting, processing, and enriching logs and netflows, combined with the creation of associated visualization and dashboards aspects.