What is meant by flow specification?

- There are many problems concerning the flow specification. 

- There are limited options for the provider for mitigation of the DDoS attacks that take place internally. 

- These can be categorized in to three different categories:

Ø  BGP (border gateway protocol) destination black holes

Ø  BGP src/ uRP

Ø  ACLS

- The basic idea is to make use of the BGP for the distribution of the flow specification filters. 

- This helps in dynamic filtering in the routers. 

- The flow specification rules are encoded according to the BGP NLRI address family. 

- The flow spec NLRI is used by the BGP as its opaque key is used as an entry key for its database. 

- The extended communities are used for specifying the actions such as accepting, discarding it, rate limiting, sampling, redirecting and so on. 

- The source/destination prefix and the source/destination port are matched in combinations according to the packet size, ICMP type/co9de, fragment encoding, DSCP, TCP flag and so on. 

- For example, the TCP ports 80…90 are matched with 192.168.0/24. 

- The flow specification trust model uni casts the routing advertisements for controlling the traffic. 

- Filter is considered as a hole for the traffic that is being transmitted to some destination. 

- Filter is accepted when it is advertised for the destination by the next hop. 

- Filters with various flow specifications are available today.

- The major benefit of the flow specifications is the filters with the fine grain specification which make it easy for deploying and managing the BGP. 

- The trust and the distribution problems are solved by the BGP. 

- ASIC filtering in routers is leveraged. 

- This is another major benefit of flow specifications. 

Apart from the benefits, there are various limitations of the flow specifications as mentioned below:

Ø  There is no update level security in the BGP.

Ø The statistics and the application level acknowledgement are not well defined.

Ø  The flow specifications work only for those nodes for which the BGP has been enabled.

Ø  Beyond routing the BGP payload has to be overloaded.

Ø  There are various operational issues between the security operations and the network operations.

Ø  The threat information cannot be gathered in one place.

- The integration of the flow specifications was announced by various security vendors. 

- The DDoS attacks are experienced by a large number of customers. 

- The DDoS attacks are now massive and have put the network infrastructure at risk apart from the end customer. 

- Congestion problems occur at both the exchange and the backbone. 

- The attacks of long durations add to the cost of bursting and circuit congestion problems. 

- Depending up on the size of the attack the POP has to be isolated.

- VoIP is also affected. 

- These attacks have negative economic effects as the cost of the operations has been increased. 

- This has led to a degradation of the business. 

- Measures such as firewall filtering and destination BGP black-holing have proved to be insufficient in preventing the attacks. 

- These methods are slow since it is required to log-in and configuring the devices. 

- The configuration has to be constantly. 

- The traffic is terminated to some destination. 

- This affects the availability. 

- The black hole routes are removed by constantly changing the configurations. - Earlier version of the flow specifications had many bugs. 

- There were some limitations on the performance. 

- However, it provided arbor support for the actions of the flow specifications. 

- It does not provide multi–vendor support. 

- To some extent it provides the mitigation facility for the attack that occurred at the source. 

- The collateral damage is eliminated for both the carriers and supports the change in the matching criteria. 

What is the difference between congestion control and flow control?

Flow control and congestion control are similar sounding concepts and often confuse us sometimes. In this article we shall discuss about the differences between these two. 

- Computer networks use the flow control mechanism for keeping control over the data flow between two nodes in such a way that the receiver if it is slower when compared to the sender is not outrun by it. 

- The mechanism of flow control also provides ways to the receiver to maintain control over the speed with which it transmits the information.

- On the other side, the congestion control provides mechanism for the controlling the data flow under the condition of actual congestive collapse. 

- The mechanism keeps a control over the entry of data in to the network so that this traffic can be handled by the network effectively.  

- The mechanism of flow control does not let the receiving node get overwhelmed by the traffic that is being sent by another node. 

There are several reasons why this flow of data gets out of control and affects the network negatively. 

- First reason being that the receiving node might not be capable of processing the incoming data as fast as it is being sent by the sender node. 

- Based on these reasons there are various types of flow control mechanisms available. 

- However, the most common categorization is based on the fact whether the feedback is being sent to the sender or not. 

- There is another flow control mechanism called the open loop flow control mechanism. 

- In this mechanism no feedback is sent to the sender by the receiver and this perhaps the most widely used flow control mechanism. 

- Opposite of open loop flow control mechanism is the closed loop flow control. 

- In this mechanism, the receiver sends back congestion information to the sender. 

- Other commonly used flow control mechanisms are:

Ø  Network congestion

Ø  Windowing flow control

Ø  Data buffer etc.

- Congestion control offers such methods that can be used for regulating the incoming traffic in the network to such an extent where the network itself can manage all that.
- In congestion control, the network is prevented from falling in to a state of congestive collapse. 
- In such a state either little or no communication happens.
- This little communication is of no help. 
- Switching networks usually require congestion control measures than any other type of networks. 
- The congestion control is driven by the goal of keeping the number of data packets at such a level that the performance of the network would be reduced dramatically.
- Congestion control mechanism can be seen even in protocols such as UDP (user datagram protocol), TCP (transport control protocol) and other transport layer protocols. 
- TCP makes use of the exponential back off and slow start algorithms. 
- We classify the congestion control algorithms based up on the feedback that is given by the network, the performance aspect that has to be improved, and modifications that have to be made for the present network, fairness criterion that is being used and so on. 

- Congestion and flow control are two very important mechanisms used for keeping the traffic flow in order. 
- Flow control is a mechanism that stretches from one end to another i.e., between the sender and the receiver where the speed of sender is much higher than that of the receiving node. 
- Congestion control is implemented for preventing packet loss as well as delay that is caused as a side effect of the network congestion. 
- Congestion is meant for controlling the traffic of the entire whereas flow control is limited to transmission between two nodes.

What is an Agile Process Improvement?

A process improvement program is successful only when the meaning of the word ‘process’ is clearly understood. Process means work. So when one improves, the other one also improves. The quality of the software depends a lot on the process. Whenever a change is introduced, a temporary drop in performance is always recorded. In most cases what happens is that the organization stops the implementation of changes fearing the disruption in the normal work since so much effort is required. To avoid such situations, the changes need to be adaptive. It is the agile process improvement that makes this possible. You might say that such a way of iterative improvement is not new. Well, the agile techniques introduce discipline in the whole program.

Stages of Agile Process Improvement

The following are the stages of the agile process improvement:

1. Initiating:

Ø  Stimulus of change

Ø  Set context

Ø  Build sponsorship

Ø  Charter infrastructure

2. Diagnosing:

Ø  Characterize current and desired states

Ø  Develop recommendation

3. Establishing:

Ø  Set priorities

Ø  Develop approach

Ø  Plan actions

4. Action:

Ø  Create solution

Ø  Test solution

Ø  Refine the solution

Ø  Implement solution

5. Learning:

Ø  Analyze

Ø  Validate

Ø  Propose future actions

- The improvement cycles are meant to be followed systematically so that the results might be obtained in time ranging from 2- 6 weeks.

- The whole process lets you maintain a balance the workload as well as the improvement. 

- The flow of the process is as follows:

1. Prioritized list of improvements
2. Detailed plan for the current cycle
3. Implemented improvement
4. Feedback

- After this process, the following becomes possible for the organization:

1. Identification and resolving of the issues earlier in the cycle.
2. Learning process regarding how to tackle difficulties and working of this process.
3. Adaption to the business needs that keep changing.
4. Giving response to the feedback.

- The sponsor holds the responsibility for prioritizing the improvement backlog at the start of each sprint. 

- Also, he is the one responsible for ROI. 

- Prioritization is a good tool for the sponsor to direct the change. 

- Using prioritization, the goals and feedback can be revised from quality assurance. 

- A focus can be kept on the benefit received from each improvement cycle. 

- PPQA deploys and evaluates the improvement in organization in every sprint. - The improvement package consists of 4 sprints namely:

1. Prototyping
2. Piloting
3. Deploying
4. Evaluating

- Active participation and leadership is required for a change to take place. 

- An endorsed vision and status quo is required for the beginning of the process. 

- Both of these are established via SCAMPI and CMMI. 

- The change is led by the management on an everyday basis.

- An excellent description is provided by the generic practices of CMMI for the leadership purpose.

- Similarly participation is a key element that is facilitated by the change team. - A vision is required for initiating the improvement project. 

- The initial improvement backlog is defined by 3 things namely scrumMaster, change team and the work owner i.e., the sponsor all based up on an assessment. 

- The organization is facilitated by the change team.

- With each sprint a tangible improvement is delivered. 

- The change is led by the management in a sprint.

- The effect introduced by the change is evaluated at the end of each sprint by PPQA. 

-The new improvements are defined by the work-owner who is also responsible for adding those in to the backlog of improvements and prioritizes it.

-Commitment is supported at the end of the sprint by appraisal.

-The improvements can also be continuously integrated in to the organization’s way of working.