Preliminary program
Customer Edge Switching (CES) is a novel network architecture aiming to improve Internet
security by admitting all traffic only after policy negotiation between the receiver and the
sender. CES introduces customer network edge nodes that execute the policies defined by the
receiver and the sender. A CES node is a replacement of a Network Address Translator
making it possible to unilaterally initiate flows to hosts in a private address space. It is also a
cooperative stateful firewall that, in addition to admitting and dropping flows based on local
rules, can make additional queries before the final admit/drop decision. All aspects of CES
are policy controlled.
We propose to introduce CES as a part of 5G networking functionality. The justification is
that 5G is expected to provide ultra-reliable communications in particular for machine-tomachine.
The argument is that no network where legitimate services can fail due to malicious
activity can be ultra-reliable. Malicious activity is inherently unpredictable. Therefore, the
reliability of network service under failures due to malicious activity is undefined: one cannot
even put a number on it.
The tutorial explains and demonstrates the concepts, the algorithms and the testing results of
Customer Edge Switching and Real Gateway developed at the Comnet/ Aalto University. Our
implementation is geared to comply with the concept of Software Defined Networking (SDN)
and uses OpenFlow between the Control and the Data planes.
Organisers
Prof. Raimo Kantola, Aalto University, Finland
Jesus Llorente Santos, Aalto University, Finland
Hammad Kabir, Aalto University, Finland
