
Nick Buraglio

Computer Systems Engineer
Illinois, US

Nick has been involved in the networking industry in varying roles since 1997. Prior to joining the Network Engineering group at ESnet, Nick was employed by the University of Illinois as the Lead Network Engineer working on research and HPC, campus, and wide area connectivity. In this role, Nick also functioned as the Lead Network Engineer and IP architect for the National Association of Telecommunications Officers and Advisors (NATOA) broadband project of the year, UC2B. Nick has also held Network Engineering positions at early regional broadband internet providers as well as at the National Center for Supercomputing Applications. Nick has participated in the SCinet working group on several occasions and has been involved in R&E, high performance networking, and security since 2002. In addition to Network Engineering positions, Nick has been involved in cybersecurity from the campus, enterprise and service provider perspective and acted as a resource and trainer for the Federal Bureau of Investigation RCAT agents. Nick has been active in the SDN community since 2009 and is currently actively involved in several SDN-related initiatives and projects.

Journal Articles

Ralph Koning, Nick Buraglio, Cees de Laat, Paola Grosso, “CoreFlow: Enriching Bro security events using network traffic monitoring data”, Future Generation Comp. Syst., February 1, 2018, 79,

Attacks against network infrastructures can be detected by Intrusion Detection Systems (IDS). Still, reaction to these events is often limited by the lack of larger contextual information in which they occurred. In this paper we present CoreFlow, a framework for the correlation and enrichment of IDS data with network flow information. CoreFlow ingests data from the Bro IDS and augments this with flow data from the devices in the network. By doing this the network providers are able to reconstruct more precisely the route followed by the malicious flows. This enables them to devise tailored countermeasures, e.g. blocking close to the source of the attack. We tested the initial CoreFlow prototype in the ESnet network, using inputs from 3 Bro systems and more than 50 routers.

Conference Papers

Paul Ruth, Mert Cevik, Cong Wang, Yuanjun Yao, Qiang Cao, Rubens Farias, Jeff Chase, Victor Orlikowski, Nick Buraglio, “Toward Live Inter-Domain Network Services on the ExoGENI Testbed”, 2018 IEEE INFOCOM, IEEE, April 15, 2018,

This paper introduces ExoPlex, a framework to improve the QoS of live (real) experiments on the ExoGENI federated testbed. The authors make the case for implementing the abstraction of network service providers (NSPs) as a way of having experimenters specify the performance characteristics they expect from the platform (at the testbed level). An example tenant using this version of ExoGENI enhanced with NSP capabilities is presented, and experimental results show the effectiveness of the approach.

Presentation/Talks

Nick Buraglio, Automation, Orchestration, prototyping, and strategy, Great Plains Network Webinar Series Presentation, March 9, 2018,

Presentation on network automation and orchestration with focus on getting started and options available.

Nick Buraglio, SDN Best Practices, Great Plains Network Webinar Series Presentation, April 8, 2016,

Presentation of best practices for production SDN deployments, drawn from experience deploying SDN-based networks using varying technologies and techniques.

Nick Buraglio, SDN: Theory vs. Practice, Invited talk, CODASPY 2016 SDN/NFV workshop, March 11, 2016,

Discusses research-based, software-based networking and how it differs from real-world, production SDN, for the CODASPY SDN/NFV conference workshop.

Nick Buraglio, Bro intrusion detection system (IDS): an overview, Enhancing CyberInfrastructure by Training and Education, May 22, 2015,

Nick Buraglio, Anita Nikolich, Dale Carder, Secure Layer 3 SDX Concept (Interdomain SDN), May 14, 2015,

A concept framework for Secure Layer 3 Interdomain SDN and ISD/IXP. 

Nick Buraglio, IPv6 Status; Operating production IPv6 networks, March 22, 2015,

IPv6 Status update and primer on operating production IPv6 networks as of 3/2015

Nick Buraglio, Anita Nikolich, Dale Carder, Securing the SDN WAN, October 30, 2014,

SDN has been successfully implemented by large companies and ISPs within their own data centers. However, the focus has remained on intradomain use cases with controllers under the purview of the same authority. Interdomain SDN promises more fine-grained control of data flows between SDN networks but also presents the greater challenges of trust, authentication and policy control between them. We propose a secure method to peer SDN networks and a test implementation.

Nick Buraglio, Vincent Stoffer, Adam Slagell, Jim Eyrich, Scott Campbell, Von Welch, Securing the Science DMZ: a discussion, October 28, 2014,

The Science DMZ model is a widely deployed and accepted architecture allowing for movement and sharing of large-scale data sets between facilities, resources, or institutions. In order to help assure integrity of the resources served by the science DMZ, a different approach should be taken regarding necessary resources, visibility as well as perimeter and host security. Experienced panelists discuss common techniques, best practices, typical caveats as well as what to expect (and not expect) from a network perimeter that is purpose built to move science data.

 

Best practices for securing an open perimeter network
Securing the Science DMZ

Best practices for securing an open perimeter network or Science DMZ, for BroCon 2014. Slides. Video

Nick Buraglio, Securing the Science DMZ, June 14, 2014,

The Science DMZ model is a widely deployed and accepted architecture allowing for movement and sharing of large-scale data sets between facilities, resources, or institutions. In order to help assure integrity of the resources served by the science DMZ, a different approach should be taken regarding necessary resources, visibility as well as perimeter and host security. Based on proven and existing production techniques and deployment strategies, we provide an operational map and high level functional framework for securing a science DMZ utilizing a “defense in depth” strategy including log aggregation, effective IDS filtering and management techniques, black hole routing, flow data and traffic baselining.

Nick Buraglio, Real world IPv6 deployments, June 9, 2014,

Presentation for Westnet conference on Real world IPv6 deployments, lessons learned and expectations.