A couple of days ago Cisco announced a vulnerability in some of their NetFlow appliances. The vulnerability itself was not especially grave: an error in processing certain SCTP packets could be abused to remotely hang or reboot the appliance. The SCTP protocol is not widely used, and that is, most likely, one of the reasons why such a vulnerability stayed undetected for a long time.
Just last month, a major cyberattack brought down the likes of Twitter, Soundcloud, Spotify and Airbnb for a few hours. Interestingly, rather than directly attacking the infrastructure of these companies, the assault targeted the domain name system (DNS) host Dyn, which is relied upon by the sites above. This is how a single attack could bring down so many sites at once.
(As you may already know, DNS a bit like the yellow pages of the Internet - but rather than mapping people's names to phone numbers, it maps domain names to IP addresses, which computers require to communicate. Hence, if the DNS provider of a site is down, it cannot be accessed by its users.)
One might imagine that pulling off an attack of this magnitude would require extreme sophistication. In practice, the disruption was caused by a rather rudimentary Distributed Denial of Service (DDoS) attack that overwhelmed the DNS servers of the aforementioned sites.
It's been three years since Talaia Networks was born. During this time, a lot has happened.
Talaia started as a vehicle to commercialize the research of the Broadband Communications research group of UPC-BarcelonaTech. Long story short, our cloud-based NetFlow collector took off as our main product. Fast forward to today: we are now growing quickly with customers all around the world. We believe now is the right time to rethink our brand and prepare it for the future.
Any router vendor worth its salt supports NetFlow (or IPFIX, or sFlow, or compatible protocols). However, in practice, sometimes NetFlow is simply not available. In our experience, this happens for two main reasons:
- A consumer-grade router is installed in a small office or remote location.
- A suitable router that does implement NetFlow is available, but it is externally managed, and the service provider won’t enable it, because it’s out of the scope of their contract.
Either way, because of a technical limitation or otherwise, how does one go about gaining network visibility in such a scenario? In this post, we propose a simple, inexpensive solution to add NetFlow to an existing network, and send this NetFlow to Talaia‘s collector.
We at Talaia have been working on a new product line that we are publicly presenting today in this blog post. This new product line is Talaia Platform. It is geared at Managed Service Providers and Internet Service Providers, as well as transit networks and traffic exchange operators.
We are very proud to announce that we have been awarded a SME instrument (Phase 1) grant by the European Commission. These projects are in line with the efforts of the European Commission to find “Europe’s next innovation leaders”.
These days have been hectic as we (Talaia Networks) helped organize, together with researchers from UPC-BarcelonaTech, the 7th International Workshop on Traffic Monitoring and Analysis (TMA-2015). Our Chairman Pere Barlet will kickstart the workshop with an opening speech next Thursday 23rd, 9:30am.
TMA has come a long way since its first edition. It was co-located with IFIP Networking in 2009, European Wireless Conference in 2011, Passive and Active Measurement Conference (PAM) in 2010 and 2012. It is a well-established workshop by now, and it has broadened its scope to all aspects related to network measurements, covering the entire network stack, up to the application layer. Topics of relevance to the workshop thus include: the measurement of cloud services, content distribution networks, social networks, and mobile applications and data centers, as well as other topics traditionally explored within the research comunity, such as traffic classification, anomaly detection, network performance evaluation and traffic analysis.
As you may or may not know, we commercialize a product called Talaia. Very simply put, it is a network visibility solution that receives traffic summaries from routers via a protocol called NetFlow, and from this information it builds the picture of what is happening in customer networks.