Designing for Proactive Network Configuration Analysis
Human operators are an important aspect of any computing infrastructure; however, human errors in configuring systems pose reliability and security risks, which are increasingly serious as such systems grow more complex. Numerous studies have shown that errors by human administrators have contribute...
Main Authors: | , |
---|---|
Format: | Article |
Language: | English |
Published: |
International Institute of Informatics and Cybernetics
2019-02-01
|
Series: | Journal of Systemics, Cybernetics and Informatics |
Subjects: | |
Online Access: | http://www.iiisci.org/Journal/CV$/sci/pdfs/ZA398CQ19.pdf
|
id |
doaj-b54b5918cded4085a9b6c51da431dc78 |
---|---|
record_format |
Article |
spelling |
doaj-b54b5918cded4085a9b6c51da431dc782021-03-27T15:54:08ZengInternational Institute of Informatics and CyberneticsJournal of Systemics, Cybernetics and Informatics1690-45242019-02-01171221239Designing for Proactive Network Configuration AnalysisMagreth MushiRudra DuttaHuman operators are an important aspect of any computing infrastructure; however, human errors in configuring systems pose reliability and security risks, which are increasingly serious as such systems grow more complex. Numerous studies have shown that errors by human administrators have contributed significantly to misconfigurations of networks. The research community has reacted with development of solutions that largely directed at detecting and correcting misconfigurations statically, after they have been introduced into the configuration files. This is done either by checking against known good configuration practices or by data mining configuration files. Though to some extent such approaches are useful, they are in fact "treatments" rather than "preventions". Automated tools that abstract complex sets of network administration tasks have also been seen as a potential solution. On the other hand, such tools simply remove the possibility of human error one step, to the development of the workflow, and can have the effect of magnifying the risk of such mistakes due to their speed of operation. There is a need for a proactive solution that examine consequences of a proposed configuration before it is implemented. In this paper, we describe the research design towards developing a proactive solution for misconfiguration problem. Then present the design and implementation for SanityChecker-an SDN-based solution for intercepting incoming configurations and inspecting them for human errors before committing to the devices. SanityChecker was tested by real-world network administrators and the results show that it can successfully improve network operations by overseen incoming configuration for human errors.http://www.iiisci.org/Journal/CV$/sci/pdfs/ZA398CQ19.pdf network administrationopendaylightmisconfigurationovsdbsanitycheckerresearch designnetwork configurationworkflowsoftware defined networks |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Magreth Mushi Rudra Dutta |
spellingShingle |
Magreth Mushi Rudra Dutta Designing for Proactive Network Configuration Analysis Journal of Systemics, Cybernetics and Informatics network administration opendaylight misconfiguration ovsdb sanitychecker research design network configuration workflow software defined networks |
author_facet |
Magreth Mushi Rudra Dutta |
author_sort |
Magreth Mushi |
title |
Designing for Proactive Network Configuration Analysis |
title_short |
Designing for Proactive Network Configuration Analysis |
title_full |
Designing for Proactive Network Configuration Analysis |
title_fullStr |
Designing for Proactive Network Configuration Analysis |
title_full_unstemmed |
Designing for Proactive Network Configuration Analysis |
title_sort |
designing for proactive network configuration analysis |
publisher |
International Institute of Informatics and Cybernetics |
series |
Journal of Systemics, Cybernetics and Informatics |
issn |
1690-4524 |
publishDate |
2019-02-01 |
description |
Human operators are an important aspect of any computing infrastructure; however, human errors in configuring systems pose reliability and security risks, which are increasingly serious as such systems grow more complex. Numerous studies have shown that errors by human administrators have contributed significantly to misconfigurations of networks. The research community has reacted with development of solutions that largely directed at detecting and correcting misconfigurations statically, after they have been introduced into the configuration files. This is done either by checking against known good configuration practices or by data mining configuration files. Though to some extent such approaches are useful, they are in fact "treatments" rather than "preventions". Automated tools that abstract complex sets of network administration tasks have also been seen as a potential solution. On the other hand, such tools simply remove the possibility of human error one step, to the development of the workflow, and can have the effect of magnifying the risk of such mistakes due to their speed of operation. There is a need for a proactive solution that examine consequences of a proposed configuration before it is implemented. In this paper, we describe the research design towards developing a proactive solution for misconfiguration problem. Then present the design and implementation for SanityChecker-an SDN-based solution for intercepting incoming configurations and inspecting them for human errors before committing to the devices. SanityChecker was tested by real-world network administrators and the results show that it can successfully improve network operations by overseen incoming configuration for human errors. |
topic |
network administration opendaylight misconfiguration ovsdb sanitychecker research design network configuration workflow software defined networks |
url |
http://www.iiisci.org/Journal/CV$/sci/pdfs/ZA398CQ19.pdf
|
work_keys_str_mv |
AT magrethmushi designingforproactivenetworkconfigurationanalysis AT rudradutta designingforproactivenetworkconfigurationanalysis |
_version_ |
1724200977444110336 |