defense communications as a scarce resource
DESCRIPTION
Defense Communications as a Scarce Resource. Sandeep K. Singhal, Ph.D Director, Windows Networking Microsoft Corporation. Agenda. Trends in enterprise networking Windows networking vision and roadmap Windows Vista and Windows Server 2008: Features at a glance Collaboration with MoD - PowerPoint PPT PresentationTRANSCRIPT
Defense Communications as a Scarce Resource
Sandeep K. Singhal, Ph.DDirector, Windows Networking
Microsoft Corporation
Agenda
• Trends in enterprise networking• Windows networking vision and roadmap• Windows Vista and Windows Server 2008:
Features at a glance• Collaboration with MoD• Looking into the future• Summary
Trends in Enterprise Networking
Trends in Enterprise Networking
Trends in Enterprise Networking
Trends in Enterprise Networking
Windows Networking Vision: Secure Seamless Network
IPsec Isolation
Elements of a Secure, Seamless Network
• End to end connectivity over the Internet using IPv6• All communications authenticated using end to end IPsec
– Connection-by-connection – Access controlled by identity
• Trust boundaries defined by policy instead of topology – Traffic management at the edges
• Network access protection (NAP) systems keeps systems healthy and protected from unhealthy systems
• Existing applications just work
Policy-based secure access to resources from anywhere
Windows Networking Roadmap
Windows Vista and Windows Server 2008: Networking Features At A Glance
Trend Problem Vista/WS08 Impact
Server consolidation and growth of data centers
Slow data replication between data centers despite high speed connectivity
Compound TCP enables data transfers at multi-gigabit speeds
200% increase in replication speed between Microsoft Redmond and Bay Area data centers
Increasing network load limiting server scalability
Built-in hardware offload and CPU load balancing for network traffic
50% increase in web requests/sec on same hardware (as measured by webbench)
Windows Vista and Windows Server 2008: Networking Features At A Glance
Trend Problem Vista/WS08 Impact
Remote andMobile workforce
High latency limits network performance in branch offices
Automatic tuning to optimize for WAN links
• File copy speed from US to Microsoft Australia increased by 1000%
• DCE* testing showed 200% improvement over 2Mbps satellite links
Network losses limit throughput on WLAN, WWAN
Loss detection and automatic recovery
• Loss recovery time reduced by 40% over satellite links in DCE testing
Mobile PCs expose enterprise networks to viruses as they roam between networks
Network access protection (NAP) solutions
• IT security compliance increased by 80% after deploying NAP on Microsoft network
*Defense Communications Efficiency: Joint project between Microsoft and UK MoD
Windows Vista and Windows Server 2008: Networking Features At A Glance
Trend Problem Vista/WS08 Impact
Remote andMobile workforce
Overlapping private addresses make remote management hard
Full IPv6 support enabled end to end connectivity
• IPv6 enabled throughout Microsoft by deploying only few new servers
Ad-hoc collaboration in war zones, conferences hard in absence of infrastructure setup
Windows Meeting Space allows sharing presentations, files, notes
• Windows Meeting Space widely used within Microsoft for ad-hoc collaboration
Hard to deploy quality of service solutions to manage expensive WAN resources
Policy based enterprise QoS (eQoS)
• eQoS deployed on Microsoft WAN links with existing router hardware to prefer certain app traffic
Windows Vista and Windows Server 2008: Networking Features At A Glance
Trend Problem Vista/WS08 Impact
Security Mobility and de-perimeterization increasing threat surface
Server and domain isolation (SDI) solutions enable policy based security solutions
Universidade de Vila Velha (UVV) deployed SDI to increase security and simplify management
Security policy management hard to deploy and manage
-Group policy based SDI deployment solution-IPsec management integrated with Windows Firewall
City of Sopporo, Japan deployed SDI with Nil cost for 12000 users across 870 different departments
Case Study:Defense Communication Efficiency
Case Study:Defense Communication Efficiency
•Engagement continuing beyond Windows Server 2008/Windows Vista
•Several areas identified such as IPv6, compression, QoS•Framework for managing IP: Facilitates free flow of ideas and testing results
Looking into the Future• Remote work
– Easy and reliable network access from anywhere– Better manageability of mobile PCs– Extend Intranet NAP and isolation to remote worker
• Branch offices– Further efficiency in fetching data over WAN links– Preserve end to end security solutions
• Security domains– Easier deployment– Easier management– Easier support
Summary
Backup
LabGuest
Windows Networking Vision: Secure Seamless Networks
• Internet IS your network• Applications just work• All communications authenticated
– Connection-by-connection – Access controlled by identity
• Trust boundaries defined by policy instead of topology
– Traffic management at the edges– Network Immune Systems
IPsec isolationIPsec isolation
