Optus Mirror NApp
Vasilka Chergarova, Italo Da Silva Brito
The number of cyber attacks is growing as increasingly more computer networks unknowingly fall victim. Thus the need to implement proper preventions or procedures to handle these issues arises. To do this tools must be implemented that can track and filter unwanted traffic, to contain or dispose it. The approach our team has taken was to create a new NApp, or Network Application that can mirror and track all traffic that passes through the network. This is the first step towards ensuring a safe and secure network. With our new NApp Optus, the network now has the capabilities to create EVC mirrors, create interface mirrors, list all existing mirrors, list enabled mirrors, list disabled mirrors, and change mirror states. These features allow us to take the first step towards securing our network in the ability to monitor all web traffic accessing current ports, controlling the flow of web traffic by enabling only specified ports in the event of cyber attacks, and dynamically changing mirror states to ensure proper flow. Optus can be improved in future projects to directly filter out unwanted web traffic through the implementation of Remotely Triggered Blackholes, allowing mirrors to be persistent over different use sessions, multi-table functionality, validation of target ports, and intrusion detection systems. Using Optus as a base NApp that is integrated within the network it can direct the flow of traffic using the existing features and prevent cyber attacks from affecting the rest of the network through the future implementation of these tools.