OpenBSD - Using Hierarchical Protection Domains for Network Security

Some time ago I worked with Reyk Floeter on the initial implementation of a new datacenter network during my time at one of the more well-known Information Security vendors. Reyk had this phenomenal idea for the network structure that seemed so simple it was one of those “why didn’t I think of that” ideas. So after we deployed, I looked over the net and couldn’t really find docs of people doing this, so I wrote a really short paper and some basic slides on it and presented at LOPSA PICC ’11. I kind of suck at presenting, but this topic is actually super easy to understand, so I was able to get my ideas out fast and then answer a lot of questions. Anyways, this paper came up in an IRC chat tonight and I figured I should post a link to it, here ya go.