Loading…
Virtual ZeekWeek 2020 is free to attend, but registration is required. 
Back To Schedule
Wednesday, October 14 • 11:20am - 11:40am
Day 2 - Using Zeek in ESnet6 management network security monitoring - Scott Campbell LIMITED

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.


Limited Capacity seats available

You MUST register through eventbrite to gain access to this session (Day 2).

Summary: ESnet is building a greenfield implementation for its next generation network. This presentation describes how we are using Zeek as an integral part of our monitoring and security strategy, focusing on architecting traffic patterns to maximize intruder visibility as well as providing critical feedback on device misconfiguration.

Abstract: ESnet is building a greenfield implementation for its next generation network. In it the Management plane represents the command and control infrastructure of our network, so security has to be a significant component of its design and operation. This presentation describes how we are using Zeek as part of our monitoring and security strategy, focusing on architecting traffic patterns to maximize intruder visibility as well as providing critical feedback on device misconfiguration.

Slack Channel for this session - #vzw-day2-talk7-zeek-in-esnet6
Haven't joined the Zeek Slack space yet you can do so at:
https://join.slack.com/t/zeekorg/shared_invite/zt-cgz9wa7p-BXihgVtZlmnRfHZXmUltZQ

Link to Session Survey - https://forms.gle/aFCTXniakuJGi7YN9

Speakers
avatar for Scott Campbell

Scott Campbell

ESNet
I have been at Lawrence Berkeley National Lab since 2001 working in the security groups for high performance computing (NERSC) as well as scientific networking (ESnet). This whole time I have been using Zeek for a variety of interesting things, and have done quite a bit of research... Read More →



Wednesday October 14, 2020 11:20am - 11:40am PDT
Online - Zoom Meeting Room