Automation for network security configuration: state of the art and research trends
The size and complexity of modern computer networks are progressively increasing, as a
consequence of novel architectural paradigms such as the Internet of Things and network …
consequence of novel architectural paradigms such as the Internet of Things and network …
A general approach to network configuration verification
We present Minesweeper, a tool to verify that a network satisfies a wide range of intended
properties such as reachability or isolation among nodes, waypointing, black holes …
properties such as reachability or isolation among nodes, waypointing, black holes …
Safely and automatically updating in-network acl configurations with intent language
In-network Access Control List (ACL) is an important technique in ensuring network-wide
connectivity and security. As cloud-scale WANs today constantly evolve in size and …
connectivity and security. As cloud-scale WANs today constantly evolve in size and …
Learning to configure computer networks with neural algorithmic reasoning
L Beurer-Kellner, M Vechev… - Advances in Neural …, 2022 - proceedings.neurips.cc
We present a new method for scaling automatic configuration of computer networks. The key
idea is to relax the computationally hard search problem of finding a configuration that …
idea is to relax the computationally hard search problem of finding a configuration that …
{NetComplete}: Practical {Network-Wide} configuration synthesis with autocompletion
A El-Hassany, P Tsankov, L Vanbever… - 15th USENIX Symposium …, 2018 - usenix.org
Network operators often need to adapt the configuration of a network in order to comply with
changing routing policies. Evolving existing configurations, however, is a complex task as …
changing routing policies. Evolving existing configurations, however, is a complex task as …
Validating datacenters at scale
We describe our experiences using formal methods and automated theorem proving for
network operation at scale. The experiences are based on developing and applying the …
network operation at scale. The experiences are based on developing and applying the …
Reachability analysis for AWS-based networks
Cloud services provide the ability to provision virtual networked infrastructure on demand
over the Internet. The rapid growth of these virtually provisioned cloud networks has …
over the Internet. The rapid growth of these virtually provisioned cloud networks has …
{Config2Spec}: Mining network specifications from network configurations
Network verification and configuration synthesis are promising approaches to make
networks more reliable and secure by enforcing a set of policies. However, these …
networks more reliable and secure by enforcing a set of policies. However, these …
Practical intent-driven routing configuration synthesis
S Ramanathan, Y Zhang, M Gawish… - … USENIX Symposium on …, 2023 - usenix.org
Configuration of production datacenters is challenging due to their scale (many switches),
complexity (specific policy requirements), and dynamism (need for many configuration …
complexity (specific policy requirements), and dynamism (need for many configuration …
Making Network Configuration Human Friendly
This paper explores opportunities to utilize Large Language Models (LLMs) to make network
configuration human-friendly, simplifying the configuration of network devices and …
configuration human-friendly, simplifying the configuration of network devices and …