Misplaced Pages

OpenFlow

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license.

OpenFlow is a communications protocol that gives access to the forwarding plane of a network switch or router over the network.

OpenFlow enables network controllers to determine the path of network packets across a network of switches. The controllers are distinct from the switches. This separation of the control from the forwarding allows for more sophisticated traffic management than is feasible using access control lists (ACLs) and routing protocols. Also, OpenFlow allows switches from different vendors — often each with their own proprietary interfaces and scripting languages — to be managed remotely using

A host or other layer 3, each with a list of hosts and/or networks permitted to use the service. Although it is additionally possible to configure access-control lists based on network domain names, this is a questionable idea because individual TCP, UDP, and ICMP headers do not contain domain names. Consequently, the device enforcing the access-control list must separately resolve names to numeric addresses. This presents an additional attack surface for an attacker who

A multitenant network virtualization service for KVM and VMware ESX multi-hypervisor data center applications. Expected in fall 2014, the initial version is an enhanced OpenStack-technology module in HP Helion OpenStack. Centrally orchestrated virtual LAN (VLAN) or VXLAN-based virtual networks provide multitenant isolation. The HP VAN Resource Automation Manager is designed to increase

A commercial controller, and virtual switching and tap monitoring applications. In February 2012, HP said it is supporting the standard on 16 of its Ethernet switch products. In April 2012, Google's Urs Hölzle described how the company's internal network had been completely re-designed over the previous two years to run under OpenFlow with substantial efficiency improvement. In January 2013, NEC unveiled

A configurable lifespan, which are then deployed to a switch's flow table, leaving the actual forwarding of matched packets to the switch at wire speed for the duration of those rules. Packets which are unmatched by the switch can be forwarded to the controller. The controller can then decide to modify existing flow table rules on one or more switches or to deploy new rules, to prevent a structural flow of traffic between switch and controller. It could even decide to forward

A cost-efficient, consistent architecture, according to published reports. Four product groups make up the architecture: FlexFabric, for data centers with physical and virtual environments composed of converged computing, storage, and networking resources; FlexCampus, for converged wired and wireless networks; FlexBranch, for providing branch offices with networking and security; and Flex Management, which provides one unified management interface for

A distributed device. According to published reports, IRF simplifies switch configuration and management, providing horizontal scaling that reduces network hops and delivering support for technology such as Shortest Path Bridging (SPB) and transparent interconnection of lots of links (TRILL). Unified communications (UC) products integrate multiple interactive, real-time enterprise communication methods, such as instant messaging, desktop sharing, and telephony with non-real-time communication services such as unified messaging (integrated voicemail, e-mail, SMS, and fax). UC products can enable administrators to control and manage these methods. The HP Network Optimizer SDN Application for Microsoft Lync functions as

A lifetime warranty on some of its products with next business day advanced shipment. This was seen as a Unique Selling Point, until other networking vendors offered similar warranty on part of their product lines. The HP Enterprise Business Community page provides resources for HP Networking users, including announcements, tips, and tricks, community feedback and suggestions, and events. Forums include discussion boards and blogs. HP Networking

A more efficient and reliable data center infrastructure. An SDN controller serves as the core of an SDN network, managing flow controls based on protocols such as OpenFlow, and relaying communications between applications and network devices. In 2012, HP introduced the Virtual Application Networks (VAN) SDN OpenFlow controller, which is available in a software format. The HP SDN Manager application

A network bottleneck and enable mobile voice over Internet Protocol (VoIP), video, and other rich media apps. HP offers a pay-per-use cloud service model designed for small and mid-sized businesses and distributed offices. The HP Cloud Managed Network Wireless LAN solution is designed to enable organizations to manage wireless infrastructure without having to have an on-premises controller. The HP Cloud Managed Network Wireless LAN works only with HP 300 series Cloud-Managed access points, which provide cloud management capabilities for distributed organizations. In

A range of products for businesses, schools, and government entities. HP Networking Training covers product-, solution-, and sales-oriented topics. The HP ExpertOne program networking training and certification program covers a range of networking curricula, from beginning-level courses to Master engineer classes, on three separate tracks: technical, sales, and partner-restricted. Fast-track programs are designed for participants to build upon current industry certifications from Cisco and other companies. In early 2014, HP initiated eight new sales certifications for its technology partners, designed to lower

A single physical site. The technology is designed to make networks faster and more flexible, scalable, and reliable. Virtualization enables administrators to run multiple operating systems and multiple applications simultaneously on one server. It is the technology that underlies cloud computing. At HP Discover in June 2014, HP announced the Virtual Cloud Networking (VCN) SDN Application, which provides

A single, open protocol. The protocol's inventors consider OpenFlow an enabler of software-defined networking (SDN). OpenFlow allows remote administration of a layer 3 switch's packet forwarding tables, by adding, modifying and removing packet matching rules and actions. This way, routing decisions can be made periodically or ad hoc by the controller and translated into rules and actions with

A superset of both NT ACLs and POSIX draft ACLs. Samba supports saving the NT ACLs of SMB-shared files in many ways, one of which is as NFSv4-encoded ACLs. Microsoft's Active Directory service implements an LDAP server that stores and disseminates configuration information about users and computers in a domain. Active Directory extends the LDAP specification by adding the same type of access-control list mechanism as Windows NT uses for

A traditional three-tier, hierarchical model provide built-in redundancy, but this design can be inefficient for virtualized environments. The flat layout of the HP FlexNetwork Architecture is designed to provide more agility to the network and to support functionality such as virtualization, convergence, and automation. HP FlexNetwork Architecture unites an organization's networks in the data center, campus, and branch offices through

A typical ACL specifies a subject and an operation. For instance, Many kinds of operating systems implement ACLs or have a historical implementation; the first implementation of ACLs was in the filesystem of Multics in 1965. A filesystem ACL is a data structure (usually a table) containing entries that specify individual user or group rights to specific system objects such as programs, processes, or files. These entries are known as access-control entries (ACEs) in

A unified BYOD solution that includes an SDN security application, which provides real-time threat detection and simplifies operations, reducing costs by up to 38 percent, according to published reports. The HP IMC Smart Connect includes integrated mobile network–access control to manage enterprise access to mobile devices. To help administrators oversee the use of mobile devices on enterprise networks, HP has integrated into IMC support for

A unified communications-and-collaboration (UC&C) application that is designed to improve voice quality with Lync; in March 2014 it received a NetEvents Cloud Innovation award in the category of SDN Solution for the Enterprise. Companies engage networking professional services to help them plan how to build networks that support their business needs. HP Trusted Network Transformation is designed to help organizations that want to use private cloud. These networking professional services include workshops, consultation, network assessment, and architectural design services involving network virtualization and SDN. Hewlett Packard Enterprise through Aruba Networks sells

A virtual switch for Microsoft's Windows Server 2012 Hyper-V hypervisor, which is designed to bring OpenFlow-based software-defined networking and network virtualisation to those Microsoft environments. Access control list In computer security, an access-control list (ACL) is a list of permissions associated with a system resource (object or facility). An ACL specifies which users or system processes are granted access to resources, as well as what operations are allowed on given resources. Each entry in

Is designed to provide virtual network overlays to the OpenStack technology open source cloud computing software, serving as a bridge between the HP Helion OpenStack cloud computing platform and the HP VAN SDN controller. According to published reports, the HP VCN SDN Application will help organizations transition from legacy networks to the cloud. Mobility/bring your own device (BYOD) refers to

Is intended to allow administrators to configure, monitor, and manage policies for SDN switches and controllers. In 2013, HP introduced its SDN Developer Kit and announced the SDN App Store, as well as integration with VMware NSX. The SDN App Store can be used to browse, search, purchase, and download SDN applications onto the HP VAN SDN Controller. HP certifies that applications offered in the SDN App Store will function reliably on HP network infrastructure. New HP network applications will be run on or integrated with

Is seeking to compromise security of the system which the access-control list is protecting. Both individual servers and routers can have network ACLs. Access-control lists can generally be configured to control both inbound and outbound traffic, and in this context they are similar to firewalls. Like firewalls, ACLs could be subject to security regulations and standards such as PCI DSS. ACL algorithms have been ported to SQL and to relational database systems. Many "modern" (2000s and 2010s) SQL-based systems, like enterprise resource planning and content management systems, have used ACL models in their administration modules. The main alternative to

The open-source standard OpenFlow upon which SDN is based. HP is a founding member of the nonprofit Open Networking Foundation. Organized in March 2011, the foundation provides support for SDN and manages the OpenFlow standard. HP is also a founding member of the Open Daylight Project, which was announced on April 8, 2013, by the Linux Foundation as an industry-supported collaboration to further

The ACL model is the role-based access-control (RBAC) model. A "minimal RBAC model", RBACm, can be compared with an ACL mechanism, ACLg, where only groups are permitted as entries in the ACL. Barkley (1997) showed that RBACm and ACLg are equivalent. In modern SQL implementations, ACLs also manage groups and inheritance in a hierarchy of groups. So "modern ACLs" can express all that RBAC expresses and are notably powerful (compared to "old ACLs") in their ability to express access-control policy in terms of

The ACL on an object. One of the first operating systems to provide filesystem ACLs was Multics. PRIMOS featured ACLs at least as early as 1984. In the 1990s the ACL and RBAC models were extensively tested and used to administer file permissions. POSIX 1003.1e/1003.2c working group made an effort to standardize ACLs, resulting in what is now known as "POSIX.1e ACL" or simply "POSIX ACL". The POSIX.1e/POSIX.2c drafts were withdrawn in 1997 due to participants losing interest for funding

The Citrix XenMobile and MobileIron mobile device management applications. In March 2014, HP renamed its SDN BYOD security application from Sentinel to Network Protector. HP Network Protector sits on top of the HP SDN VAN Controller. When employees use mobile devices to download files or stream rich media applications such as video, the network traffic can consume much of the bandwidth on

The HP VAN SDN Controller and made available through the SDN App Store. In 2014, HP was producing more than 50 models of OpenFlow-enabled switches, including the FlexFabric 7900 switch series, which is optimized for SDN deployment. The FlexFabric 12900 switch series, also optimized for SDN deployment, was awarded SearchNetworking's Network Innovation Award in December 2013. The HP Virtual Cloud Networking (VCN) SDN Application

The Microsoft Windows NT, OpenVMS, and Unix-like operating systems such as Linux, macOS, and Solaris. Each accessible object contains an identifier to its ACL. The privileges or permissions determine specific access rights, such as whether a user can read from, write to, or execute an object. In some implementations, an ACE can control whether or not a user, or group of users, may alter

The NFSv4 standard. There are two experimental implementations of NFSv4 ACLs for Linux: NFSv4 ACLs support for Ext3 filesystem and the more recent Richacls, which brings NFSv4 ACLs support for Ext4 filesystem. As with POSIX ACLs, NFSv4 ACLs are usually stored as extended attributes on Unix-like systems. NFSv4 ACLs are organized nearly identically to the Windows NT ACLs used in NTFS. NFSv4.1 ACLs are

The NTFS filesystem. Windows 2000 then extended the syntax for access-control entries such that they could not only grant or deny access to entire LDAP objects, but also to individual attributes within these objects. On some types of proprietary computer hardware (in particular, routers and switches), an access-control list provides rules that are applied to port numbers or IP addresses that are available on

The OpenFlow protocol was released on 28 February 2011, and new development of the standard was managed by the ONF. In December 2011, the ONF board approved OpenFlow version 1.2 and published it in February 2012. The current version of OpenFlow is 1.5.1. However, version 1.6 has been available since September 2016, but accessible only to ONF's members. In May 2011, Marvell and Larch Networks announced

The ProCurve Networking Business (PNB). The trademark filing date for the ProCurve name was February 25, 1998. On August 11, 2008, HP announced the acquisition of Colubris Networks, manufacturer of wireless capabilities, such as 802.11n. This completed on October 1, 2008. On November 11, 2009, HP announced its intent to acquire 3Com Corporation for $2.7B. In April 2010, HP completed its acquisition. In April 2010, following HP's acquisition of 3Com Corporation, HP combined

The ProCurve and 3Com entities as HP Networking. On May 19, 2015, HP completed the acquisition of Aruba Networks and subsequently moved all its networking business into the Aruba Networking entity. Network architecture encompasses the entire framework of an organization's computer network, including hardware components that are used for communication, network layout and topologies, physical and wireless connections, and cabling and device types, as well as software rules and protocols. The core and aggregation layers of

The availability of an OpenFlow-enabled, fully featured switching solution based on Marvell's networking control stack and the Prestera family of packet processors. Indiana University in May 2011 launched a SDN Interoperability Lab in conjunction with the ONF to test how well different vendors' software-defined networking and OpenFlow products work together. In June 2012, Infoblox released LINC, an open-source OpenFlow version 1.2 and 1.3 compliant software switch. In February 2012, Big Switch Networks released Project Floodlight, an Apache-licensed open-source software OpenFlow Controller, and announced its OpenFlow-based SDN Suite in November of that year, which contains

The company’s core network. One way to reduce the impact of this increased traffic is to create a separate guest network for mobile devices that is completely segregated from the corporate network, and to set network access control (NAC) policies that limit access to certain sites. In addition to the VAN SDN controller, HP provides a number of SDN products that can help reduce the occurrence of

The cost and simplify the training process by narrowing the focus and making the certifications more specific, though no less deep. The new certifications are role-based. In January 2009, Hewlett Packard launched the ProCurve Open Network Ecosystem (ONE) Alliance, and a programmable module which hosts partner applications from IP telephony to network management. This multivendor alliance program objective

The entire FlexNetwork and includes the HP Intelligent Management Center (IMC). The HP Intelligent Resilient Framework (IRF) software virtualization technology is designed to provide rapid recovery from failure to the FlexNetwork, and to improve vMotion performance in VMware environments. The focus by enterprise data center networking technologies on virtualization has caused organizations' networks to become more automated and simplified. Several factors are driving these changes:

The entity within HP which offered networking products was called HP Networking. HP's networking division was previously known as HP ProCurve. The HP division that became the HP ProCurve division began in Roseville, CA, in 1979. Originally it was part of HP’s Data Systems Division (DSD) and known as DSD-Roseville. Later, it was called the Roseville Networks Division (RND), then the Workgroup Networks Division (WND), before becoming

The event of a loss of connectivity to a cloud management service, the access points can keep a local wireless network up and running, allowing businesses to continue to operate. The HP 870 Unified Wired-WLAN Appliance is designed to help administrators bridge the gap between wired and wireless networks. According to published reports, the appliance simplifies management and access and supports up to 30,000 communication endpoints. The HP 850 Unified Wired-WLAN Appliance supports up to 10,000 endpoints. Network virtualization involves

The extended attributes of a file on these systems. NFSv4 ACLs are much more powerful than POSIX draft ACLs. Unlike draft POSIX ACLs, NFSv4 ACLs are defined by an actually published standard, as part of the Network File System. NFSv4 ACLs are supported by many Unix and Unix-like operating systems. Examples include AIX, FreeBSD, Mac OS X beginning with version 10.4 ("Tiger"), or Solaris with ZFS filesystem, support NFSv4 ACLs, which are part of

The forwarding plane of network devices such as switches and routers, both physical and virtual (hypervisor-based). It is the absence of an open interface to the forwarding plane that has led to the characterization of today's networking devices as monolithic, closed, and mainframe-like. A protocol like OpenFlow is needed to move network control out of proprietary network switches and into control software that's open source and locally managed. A number of network switch and router vendors announced intent to support or are shipping supported switches for OpenFlow, including Alcatel-Lucent, Big Switch Networks, Brocade Communications, and Radisys. Version 1.1 of

The open development of SDN and Network Functions Virtualization. Other founding members include Arista Networks, Big Switch Networks, Brocade, Cisco, Citrix, Ericsson, IBM, Juniper Networks, Microsoft, NEC, Nuage Networks, PLUMgrid, Red Hat, and VMware. Because OpenFlow is based on open standards, there is little risk of vendor lock-in when using OpenFlow-enabled products. It is claimed that networks using SDN will result in

The practice of employees using their privately owned mobile devices such as laptops, tablet computers, and smartphones for work purposes. This practice allows employees to perform work functions from these devices both in the office and remotely, increasing working satisfaction and boosting productivity, according to a study by IBM. Wired and wireless network technologies enable organizations to provide connectivity for these mobile devices throughout an office space. To provide wired and wireless access, legacy IT infrastructure requires two individual networks, each with its own management applications. HP provides

The process of combining available resources in a network by dividing available bandwidth into independent channels that can be dynamically assigned to a specified device or server. The hardware and software network functionality and resources can be merged into one software-based administrative entity. Network virtualization enables the automation of many network management tasks, and allows the network administrator to centrally manage files, images, programs, and folders from

The project and turning to more powerful alternatives such as NFSv4 ACL. As of December 2019, no live sources of the draft could be found on the Internet, but it can still be found in the Internet Archive. Most of the Unix and Unix-like operating systems (e.g. Linux since 2.5.46 or November 2002, FreeBSD, or Solaris) support POSIX.1e ACLs (not necessarily draft 17). ACLs are usually stored in

The protocol to manage the network forwarding elements. OpenFlow is mainly used between the switch and controller on a secure channel. The Open Networking Foundation (ONF), a user-led organization dedicated to promotion and adoption of software-defined networking (SDN), manages the OpenFlow standard. ONF defines OpenFlow as the first standard communications interface defined between the control and forwarding layers of an SDN architecture. OpenFlow allows direct access to and manipulation of

The recognition by IT that network operations can be aligned with an organization's business goals; the request from an organization's leaders for the data center to respond rapidly to variations in demand; changes in application network traffic patterns; and changes in size and density of the data center, due to some services being offloaded to cloud computing resources, greater compute density, and an increased use of virtual technology. In turn, these changes have led to an increased demand for software-defined networking (SDN) technology from organizations. In 2007, HP collaborated with Stanford University to develop Ethane, an early version of

The speed at which network services are rolled out by improving service deployment and provisioning accuracy, providing policy-driven resource management from access to core, according to published reports. The HP IRF software virtualization technology is intended to allow administrators to connect multiple devices through physical IRF ports, configure the devices, and then virtualize those devices into

The traffic itself, provided that it has told the switch to forward entire packets instead of just their header. The OpenFlow protocol is layered on top of the Transmission Control Protocol (TCP) and prescribes the use of Transport Layer Security (TLS). Controllers should listen on TCP port 6653 for switches that want to set up a connection. Earlier versions of the OpenFlow protocol unofficially used port 6633. Some network control plane implementations use

The way in which administrators view organizations. For data interchange, and for "high-level comparisons", ACL data can be translated to XACML. HP Networking Hewlett Packard Enterprise Networking (abbreviated as HPE Networking) is the Networking Products division of Hewlett Packard Enterprise ("HP"). HPE Networking and its predecessor entities have developed and sold networking products since 1979. Currently, it offers networking and switching products for small and medium sized businesses through its wholly owned subsidiary Aruba Networks. Prior to 2015,

Was to optimize performance of enterprise-class applications with the then ProCurve's (now HP Networking) infrastructure. In April 2010, HP combined the ProCurve ONE alliance program with the programs from 3Com and Tipping Point, and programs from the rest of HP's Enterprise Business to create a new program called HP AllianceOne. The HP Networking Specialization program of HP AllianceOne works with alliance partners who develop applications or services that capitalize on integrated network capabilities for business purposes. HP Networking provides
