Automated Distribution of Access Control Rules in Defense Layers of an Enterprise Network.

In this demo paper we present a network management framework for the automated mitigation of multi-vector anomalies. Our approach leverages on Salt to define and distribute system-specific Access Control Rules to network devices and hosts, in a streamlined device-agnostic manner. Network devices are managed using NAPALM, a library offering high-level programmable interfaces via different southbound protocols, e.g. NETCONF, SSH, HTTP. Our Proof-of-Concept testbed incorporates two hardware devices, and two end hosts used accordingly as the attacker and the victim of a multi-vector DDoS attack. As part of the demo, we will generate a DDoS attack and showcase the capabilities offered by the proposed platform towards the attack mitigation.