ISS WORLD 2010 - Conference Agenda

About Track 4 - DPI for Lawful Interception, Network Security and Traffic Management

The full agenda for track 4 is below. For information on any other track, please click the links below.

Track 1: ISS for Telecom Operator Lawful Interception
Track 2: ISS for Criminal Investigation
Track 3: ISS for Mobile Location, Surveillance and Intercept
Track 4: DPI for Lawful Interception, Network Security and Traffic Management
Track 5: ISS for Intelligence Gathering and Analysis
Track 6: Special OSINT Sessions: Naked Intelligence
Track 7: LEA, Intelligence and Defense Analyst Training and Product Demonstration Track
Track 8: Spanish Language ISS Training Track
Pre-Conference Tutorials (11 October 2010)

Track 4: DPI and Intelligent Probes for Lawful Interception,

Network Security and Traffic Management

This track is for telecom operators, law enforcement, intelligence analysts or just about anyone who has to understand Deep Packet Inspection (DPI) technologies, product availability, applications and legal issues facing telecom operators who deploy DPI infrastructure

Tuesday, October 12, 2010

3:30-4:30

Best DPI Deployment Practices for LI, Network Security and Traffic Management Guru Panel
Kevin Graves, CTO, IP Fabrics
Mike Coward, Chief Technology Officer & Co-Founder, Continuous Computing
Joel Ebrahimi, Solutions Engineer, Bivio Networks
Aubrey Merchant-Dest, Consulting Engineer, Qosmos
Chuck Meyo, Vice President, Federal Government Team, Narus
Klaus Mochalksi, CEO, ipoque
Dr. Parag Pruthi, Founder and CEO, NIKSUN

Wednesday, October 13, 2010

8:30-9:00	Cyber Defense in Depth: Using DPI & Network Intelligence to Build a Second Line of Defense The Challenges of Government Cyber Security Cyber threats and limitations of COTS solutions Adding a second line of cyber defense, leveraging Network Intelligence and human expertise Examples of technical implementations Aubrey Merchant-Dest, Consulting Engineer, Qosmos
9:00-9:30	DPI at 100G: System Architectures and Tips for Coping with the Data Flood Mike Coward, Chief Technology Officer & Co-Founder, Continuous Computing
10:00-10:30	Intelligent Monitoring of Communications Applications Hosted on the ‘Outside’ With an increasing number of communications applications hosted outside a given organization’s domain, organizations can no longer rely on internal servers to provide communications logs or forensics information. In these cases, the best solution is to use intelligent probes to monitor the communications at the application level and generate the desired log information (e.g., CRD/IPDR). This session will explore the basic concepts and look at several applications of this approach, including monitoring secure networks for internet threat activity as well as monitoring communications hosted outside of national domains. Kevin Graves, CTO, IP Fabrics
10:30-11:00	DPI and Intelligent Probes for Lawful Interception, Network Security and Traffic Enforcement In today’s rapidly evolving IP world, managing cyber security threats is rife with challenges. In addition to the ever-expanding sources of threats, they are now dynamic in nature with malicious content embedded deeper within the communications flows. Today’s cyber security solutions need more comprehensive and intelligent data inspection capabilities as well as proactive integration to other threat mitigation systems. Session attendees will learn how next-generation deep packet inspection-enabled intelligent probes significantly strengthen threat mitigation solutions, delivering increased cyber security protection to service providers and government agencies alike Joel Ebrahimi, Solutions Engineer, Bivio Networks
11:30-12:00	DPI and Network Security Platforms: Commercial Off-The-Shelf (COTS) versus Custom Platforms Mike Coward, Chief Technology Officer & Co-Founder, Continuous Computing
12:00-12:30	Evolving x86-Based Architectures for 40 Gbps Deep Packet Inspection Designs As networks evolve to 10- and 40-Gigabit Ethernet, network and security application vendors require that regular expression (RegEx) and signature matching for deep packet inspection (DPI) scale to increased bandwidths. Appliance manufacturers are frequently confronted with the decision to integrate embedded RegEx hardware or leverage next generation IA/x86 CPUs for RegEx processing and DPI. These architectures alone, however, struggle to provide the required network processing and intelligence at 40 Gbps traffic rates, leaving processing components under utilized. To overcome these challenges a heterogeneous multicore architecture, coupling workload-specific network flow processing and x86 application and control plane processing, is required. This architecture enables network co-processing to take responsibility for network I/O, scalable flow processing at line-rate, and intelligent flow dispatching to DPI engines. This presentation will explore the heterogeneous architecture and describe the functions of each component by citing real-world examples and describe the functions of each component by citing real-world examples supported by quantitative CPU, throughput, and power results. Robert Truesdall, Netronome
1:30-2:00	Smart Placement of DPI Full-Decode Probes The future of lawful interception belongs to application-aware DPI and decode probes. While these probes are no magic wand, they will greatly contribute to solving many of today's most pressing LI challenges. Placed at the right location in the network, they will provide high-quality, highly relevant input ot backend LI systems. As an additional benefit, they can be used to increase the visibility of Internet user behavior for network operators. Klaus Mochalski, CEO, ipoque
2:00-2:30	Network Surveillance: Protecting Critical Assets Dr. Parag Pruthi, Founder and CEO, NIKSUN

Return to Agenda