Designing for Proactive Network Configuration Analysis

Human operators are an important aspect of any computing infrastructure; however, human errors in configuring systems pose reliability and security risks, which are increasingly serious as such systems grow more complex. Numerous studies have shown that errors by human administrators have contribute...

Full description

Bibliographic Details
Main Authors: Magreth Mushi, Rudra Dutta
Format: Article
Language:English
Published: International Institute of Informatics and Cybernetics 2019-02-01
Series:Journal of Systemics, Cybernetics and Informatics
Subjects:
Online Access:http://www.iiisci.org/Journal/CV$/sci/pdfs/ZA398CQ19.pdf
id doaj-b54b5918cded4085a9b6c51da431dc78
record_format Article
spelling doaj-b54b5918cded4085a9b6c51da431dc782021-03-27T15:54:08ZengInternational Institute of Informatics and CyberneticsJournal of Systemics, Cybernetics and Informatics1690-45242019-02-01171221239Designing for Proactive Network Configuration AnalysisMagreth MushiRudra DuttaHuman operators are an important aspect of any computing infrastructure; however, human errors in configuring systems pose reliability and security risks, which are increasingly serious as such systems grow more complex. Numerous studies have shown that errors by human administrators have contributed significantly to misconfigurations of networks. The research community has reacted with development of solutions that largely directed at detecting and correcting misconfigurations statically, after they have been introduced into the configuration files. This is done either by checking against known good configuration practices or by data mining configuration files. Though to some extent such approaches are useful, they are in fact "treatments" rather than "preventions". Automated tools that abstract complex sets of network administration tasks have also been seen as a potential solution. On the other hand, such tools simply remove the possibility of human error one step, to the development of the workflow, and can have the effect of magnifying the risk of such mistakes due to their speed of operation. There is a need for a proactive solution that examine consequences of a proposed configuration before it is implemented. In this paper, we describe the research design towards developing a proactive solution for misconfiguration problem. Then present the design and implementation for SanityChecker-an SDN-based solution for intercepting incoming configurations and inspecting them for human errors before committing to the devices. SanityChecker was tested by real-world network administrators and the results show that it can successfully improve network operations by overseen incoming configuration for human errors.http://www.iiisci.org/Journal/CV$/sci/pdfs/ZA398CQ19.pdf network administrationopendaylightmisconfigurationovsdbsanitycheckerresearch designnetwork configurationworkflowsoftware defined networks
collection DOAJ
language English
format Article
sources DOAJ
author Magreth Mushi
Rudra Dutta
spellingShingle Magreth Mushi
Rudra Dutta
Designing for Proactive Network Configuration Analysis
Journal of Systemics, Cybernetics and Informatics
network administration
opendaylight
misconfiguration
ovsdb
sanitychecker
research design
network configuration
workflow
software defined networks
author_facet Magreth Mushi
Rudra Dutta
author_sort Magreth Mushi
title Designing for Proactive Network Configuration Analysis
title_short Designing for Proactive Network Configuration Analysis
title_full Designing for Proactive Network Configuration Analysis
title_fullStr Designing for Proactive Network Configuration Analysis
title_full_unstemmed Designing for Proactive Network Configuration Analysis
title_sort designing for proactive network configuration analysis
publisher International Institute of Informatics and Cybernetics
series Journal of Systemics, Cybernetics and Informatics
issn 1690-4524
publishDate 2019-02-01
description Human operators are an important aspect of any computing infrastructure; however, human errors in configuring systems pose reliability and security risks, which are increasingly serious as such systems grow more complex. Numerous studies have shown that errors by human administrators have contributed significantly to misconfigurations of networks. The research community has reacted with development of solutions that largely directed at detecting and correcting misconfigurations statically, after they have been introduced into the configuration files. This is done either by checking against known good configuration practices or by data mining configuration files. Though to some extent such approaches are useful, they are in fact "treatments" rather than "preventions". Automated tools that abstract complex sets of network administration tasks have also been seen as a potential solution. On the other hand, such tools simply remove the possibility of human error one step, to the development of the workflow, and can have the effect of magnifying the risk of such mistakes due to their speed of operation. There is a need for a proactive solution that examine consequences of a proposed configuration before it is implemented. In this paper, we describe the research design towards developing a proactive solution for misconfiguration problem. Then present the design and implementation for SanityChecker-an SDN-based solution for intercepting incoming configurations and inspecting them for human errors before committing to the devices. SanityChecker was tested by real-world network administrators and the results show that it can successfully improve network operations by overseen incoming configuration for human errors.
topic network administration
opendaylight
misconfiguration
ovsdb
sanitychecker
research design
network configuration
workflow
software defined networks
url http://www.iiisci.org/Journal/CV$/sci/pdfs/ZA398CQ19.pdf
work_keys_str_mv AT magrethmushi designingforproactivenetworkconfigurationanalysis
AT rudradutta designingforproactivenetworkconfigurationanalysis
_version_ 1724200977444110336