LISA17 - LinkedIn's Distributed Firewall





The interactive transcript could not be loaded.


Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Nov 15, 2017

Mike Svoboda, LinkedIn, and Nils Christian Roscher-Nielsen, Zener

Distributed Firewall (DFW) has fundamentally altered LinkedIn's System, Network, and Security Operations. This technology has enabled LinkedIn to expand with unbound horizontal scalability by leveraging Software Defined Networking. Combining system automation with host based firewalls, DFW has not only allowed LinkedIn to alter the physical network design, but it has also increased the security protections that we can now provide in Production environments.

In this presentation, we will share how LinkedIn was able to remove physical and logical network firewall bottlenecks. By shifting network security enforcement down to the per-host level, DFW enables LinkedIn to fully utilize datacenter power, cooling, and space facilities by intermixing heterogeneous environments within the same physical rack and network footprint. Integrating DFW with LinkedIn's code deployment system, the firewall has become aware of the specific application requirements on each node, and can build a unique security profile to secure the hosted services.

We will demonstrate DFW in action, point to the open source code, and will share lessons learned from our Production implementation so other organizations could leverage this technology.

View the full LISA17 program: https://www.usenix.org/lisa17/program


When autoplay is enabled, a suggested video will automatically play next.

Up next

to add this to Watch Later

Add to

Loading playlists...