Saturday, July 3, 2021

Academic Project Specs

My previous post was taken down by mods for some now obvious reasons, but I hope to elaborate more and keep the conversation going.

My intentions detailed in the last post are summarized here.

I would like to build:

  1. A high-security network that is using ML in Python (for prototyping purposes) to detect anomalies in the system.
  2. 10 gb/s+ connection to the backbone fiber or ISP
  3. 80 gb/s LAN
  4. Fiber used throughout in order to use taps

I am currently past the point of splicing fiber and making patch cables. Most of my SFP+ modules are compatible, but the original gear I purchased for taps and packet analysis is junk.

I acquired multiple Gigamon products (for a good price) that are near the end of life, but the software tools and licenses are unattainable. I now have a neat new office desk, once I weld the cases together!

I have looked into spinning up three Google Fiber connections for the WAN, and the three roommates agreed to each sign up. With a load balancer to tie them together, the price per month is nearly affordable.

The next steps are to try and find (enterprise or consumer if it exists) gear that has the ability to monitor around 100 gb/s of throughput.

I know I am not smart enough to figure out fiber tapping hardware at the low level required for speed (that software is probably nuts too). I definitely have to pick my battles. The goal is to piggyback off of the tapper, select packets that seem like outliers, and clear them for a good list. The ML training data will be, for a majority, good packets. For the list of bad, I hope to find packet captures online and create a few (running script kiddie code).

I can elaborate on the software more once I know more, and I like constructive criticism, but I am in the hardware acquiring phase as of now. My questions are as follows:

Is there a solution for a gateway at multiple points in the network that can detect errors and anomalies that doesn't break the bank à la Gigamon?

What fiber taps does the collective hive mind recommend that are affordable (sub $500) and enable some form of user code or modification?

Am I headed down any wrong paths that you can see (traps for young players)?

I hope that I do not have to build a custom OPNsense or pfSense box while trying to configure everything from the ground up.

Thanks for the read and I hope to learn more so I can speak more adequately with you in the future.

P.S. If you have time, the TensorFlow toolbox for Quantum is some future! https://www.tensorflow.org/quantum/concepts


