3. Communications networks' current situation
• Currently all the networks, services and applications are based on
Internet technologies: TCP/IP Communication Protocols
• Any current device (PCs, Tablets, Telephones, Game Stations, TV,
control equipment, etc.) includes these TCP/IP protocols
• TCP/IP DNA:
– Designed in the 70s for the interconnection of heterogeneous global
networks
– Introduced in the early 80s on the Local Area Networks
– The target was to interconnect heterogeneous networks and equipment,
without taking into account security or efficiency
• Internet was not designed with security in mind
4. Where is the Problem?
TCP/IP Communications Architecture
• The user can fiddle with the communications
[Diagram: two end hosts, each running applications (App) over TCP and IP on Ethernet (ETH A / PHY A and ETH C / PHY C), connected through an IP network. Caption: "Internet Application Service is provided by TCP and controlled by the user". Labels: Service Demarcation, Network Edge.]
5. POTS (Plain Old Telephone Service) versus Internet TCP/IP
• All the communications are handled and controlled by the Telephone
Operator
[Diagram: POTS network. Labels: Service Demarcation, Network Edge.]
6. Internet Insecurity (Insecurity everywhere)
In this insecure TCP/IP environment you can do everything, or almost
everything
• Use a fake IP address (origin / destination)
• Impersonation of a user's identity, network equipment, services,
applications, etc.
• Intercept communications from anywhere
• Datagram modification (changing data)
• Denial of service attacks
• Malicious use of the innumerable auxiliary communications protocols
• And many more bad things…
7. What companies and organizations are doing
• Installing new, complex and expensive secure systems
– Firewalls
– VPNs (Virtual Private Networks)
– Encryption & Authentication & Integrity Protocols
– Digital signature
– Additional Security Protocols
– Intrusion Detection Systems
– Secure Network Devices
– Policies, Audits, Pentesting ...
Time and $$$$$$$$$
• The result is always frustrating, because after removing the known
security holes, new vulnerabilities appear
9. Communication networks must be, and can be:
Secure, simple and more efficient
But to achieve this, we have to change the way we are doing it
If I had asked people what they wanted, they would have said faster horses.
(Henry Ford)
10. Disruptive Technologies
Breaking the rules and the way everybody does it
• Simple, not complex
– Fewer technologies and techniques
– More complex equipment = less secure
– No longer adding more and more security layers
• “Built-in Security”: as in POTS (Plain Old Telephone Service)
– Old circuit switching tech… but in TCP/IP networks
• Reduce the “Cyber Attack Surface” close to zero
– Today, everyone from anywhere can launch a cyber-attack leaving no trace
Insanity: doing the same thing over and over again and expecting different results
(Albert Einstein)
11. We want this idyllic scenario:
• Network equipment (the LAN switches to which all the computers are
connected) must provide the following security features:
– No more additional protocols and no more complex configuration
– Prevent “Fake Internet Addresses”
– Block and disable hacking tools
– Native firewalling features. No rules, no configuration
– Foolproof and automatic attack detection
– Hide the network from outside users to minimize the "attack surface"
– Instantly identify the attack source and block it
• A deep knowledge of networking and how to modify it, to dramatically
improve security, is required to achieve these goals
13. [Diagram: TCP/IP protocol stacks across Subnet 1, Subnet 2 and Subnet 3. End hosts run App over TCP (Transport) and IP on Link A / PHY A and Link C / PHY C; intermediate nodes run IP over Link A / Link B and Link B / Link C, with PHY A, PHY B and PHY C below.]
14. [Diagram: same layout and labels as slide 13.]
15. [Diagram: same layout and labels as slide 13.]
19. What is UETS?
An L&M Data Communications idea, patented in the U.S. and Spain
• Simple Communications Architecture which uses circuit switching to
transmit Ethernet datagrams
– Provides both end users and applications with fully transparent and
compatible IP services
– All the communications are handled and controlled by the Network
equipment
– Communications that cannot be hijacked, rendering eavesdropping and
cyber-attacks on network infrastructures impossible
• Radically opposed to the current strategy of adding new security layers
and complexity
20. UETS with no changes to the user’s computer
[Diagram: protocol stacks. End hosts keep App, TCP (Transport), IP and Link A / Link C; physical layers labelled PHY A, PHY B and PHY C.]
21. UETS Highest level of security
(NO TCP/IP on the user's computer)
[Diagram: protocol stacks with labels App, TCP, IP, Link A / Link B / Link C and ETH A / ETH B / ETH C.]
22. UETS Highest level of security
(NO TCP/IP on the user’s computer)
[Diagram: protocol stacks with labels App, Ethernet, PHY A, PHY B and PHY C.]
23. UETS Key aspects
• Circuit technology in Ethernet networks
• High security: NO TCP/IP, NO TCP/IP attacks
• Full Backward IP Compatibility
• Using standard TCP / IP applications
• Reducing complexity to the minimum
• Eliminating complex solutions