Keith Lehigh: Multi-Gigabit Intrusion Detection with OpenFlow and Commodity Clusters


Law 335 | Noon

Multi-gigabit network connections are proliferating, and commercial monitoring solutions can be prohibitively expensive for budget-constrained institutions. This talk will describe a cost-effective and open-source approach using OpenFlow load-balancing switches and a cluster of commodity hardware.

About the presenter: Keith Lehigh has worked for the UISO since 2009 and is primarily focused on network security monitoring. He is a GIAC Certified Intrusion Analyst and GIAC Certified Incident Handler. He has built and deployed one of the largest Bro Clusters in operation. Before coming to UISO, Keith worked for Research Technologies @ IU doing security, system administration and support. While working for RT he did sysadmin work in such varied places as Greenland and Antarctica.