SciPass: IDS Load Balancer & Science DMZ

SciPass is an OpenFlow application designed to help network security scale to 100Gbps.  In its simplest mode of operation, SciPass turns an OpenFlow switch into an IDS load balancer capable of considering sensor load in its balancing decisions.  When operating in Science DMZ mode, SciPass uses Bro to detect "good" data transfers and programs bypass rules to avoid forwarding through institutional firewalls, improving transfer performance and reducing load on IT infrastructure.

SciPass: Normal Traffic Flow

SciPass: Bypass

Capabilities:

Currently, this application is designed to work with any OpenFlow 1.0 switch that supports multiple output actions and combined layer 2 and layer 3 header matching. We expect to support 1.3 in the next year, depending on vendor availability, etc. SciPass provides the features needed to deploy as a load balancer for an inline or passive IDS cluster, in addition to its ability to provide the basis for a Science DMZ. At its heart SciPass is an interactive load balancer. On top of this core function, SciPass provides a set of web services that are typically used by IDS sensors or other systems to guide forwarding behavior.

Current Features include: 

  • Sensor Load Report API - Sensors can report their load, which lets SciPass adjust the volume of traffic sent to that sensor
  • Blacklist API - Used to define traffic which should be dropped at the switch
  • FastPath API - Used to define the traffic which is good and thus should not traverse the firewall or IDS sensor
  • IDS load balancer - Balancing of traffic across sensors based on traffic dynamics and sensor load
  • CLI - for administration and troubleshooting
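
How the three APIs above could combine into one forwarding decision, as an added example that is not SciPass code. The class, method names, the 0.8 overload threshold, source-IP matching, the one-prefix-per-report rebalancing step and the blacklist-before-fast-path precedence are all assumptions made for illustration.

```python
import ipaddress

class ForwardingModel:
    """Toy model of the decision order: blacklist, fast path, then sensors."""

    def __init__(self, sensors, prefixes, threshold=0.8):
        self.load = {s: 0.0 for s in sensors}   # last reported load, 0.0 to 1.0
        self.threshold = threshold              # assumed overload cutoff
        self.blacklist, self.fastpath = [], []  # lists of ip_network objects
        # Initial round-robin assignment of prefixes to sensors.
        self.assign = {ipaddress.ip_network(p): sensors[i % len(sensors)]
                       for i, p in enumerate(prefixes)}

    def report_load(self, sensor, load):
        """Record a sensor's load; if overloaded, move one prefix away."""
        self.load[sensor] = load
        owned = [n for n, s in self.assign.items() if s == sensor]
        target = min(self.load, key=self.load.get)  # least-loaded sensor
        if load <= self.threshold or target == sensor or len(owned) < 2:
            return None                              # nothing to rebalance
        self.assign[owned[-1]] = target
        return owned[-1], target

    def decide(self, src_ip):
        """Return 'drop', 'bypass', a sensor name, or None if unmatched."""
        ip = ipaddress.ip_address(src_ip)
        if any(ip in n for n in self.blacklist):
            return "drop"      # assumed: blacklist wins over fast path
        if any(ip in n for n in self.fastpath):
            return "bypass"    # skips firewall and IDS sensor
        return next((s for n, s in self.assign.items() if ip in n), None)

def demo():
    # Constructed sample data using documentation address ranges.
    m = ForwardingModel(["ids1", "ids2"],
                        ["198.51.100.0/26", "198.51.100.64/26",
                         "198.51.100.128/26", "198.51.100.192/26"])
    before = m.decide("198.51.100.130")
    m.report_load("ids2", 0.30)
    moved = m.report_load("ids1", 0.95)          # ids1 is overloaded
    after = m.decide("198.51.100.130")
    m.blacklist.append(ipaddress.ip_network("203.0.113.0/24"))
    m.fastpath.append(ipaddress.ip_network("198.51.100.10/32"))
    return before, moved, after, m.decide("203.0.113.5"), m.decide("198.51.100.10")

if __name__ == "__main__":
    print(demo())
```

Checking the blacklist before the fast path means a source that has been marked bad cannot ride an earlier bypass rule around the firewall and the IDS.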

Compatible Switches

Vendor      Model       SW Revision
Brocade     MLXe        5.6.0dc
IBM         G8264       7.11.4
Dell        S4048-ON    OS9
Mellanox    SN2700      3.6.2002

This table contains the set of switches and firmware we know to work sufficiently well with SciPass.  Click the Vendor link to see our basic usage notes for each.

For questions or to get involved please contact scipass-users@grnoc.iu.edu or join our list at https://mail1.grnoc.iu.edu/mailman/listinfo/scipass-users 

SciPass is distributed under the Apache 2 License and is Copyright 2015 Indiana University.