Menu

Nick Buraglio

Nick Buraglio
Network Engineer

Nick has been involved in the networking industry in varying roles since 1997. Prior to joing the Network Engineering group at ESnet, Nick was employed by the University of Illinois as the Lead Network Engineer working on research and HPC, campus and wide area connectivity. In this role, Nick also functioned as the Lead Network Engineer and IP architect for the National Association of Telecommunications Officers and Advisors (NATOA) broadband project of the year, UC2B. Nick has also held Network Engineering positions at early regional broadband internet providers as well as at the National Center for Supercomputing Applications. Nick has participated in the SCinet working group on several occasions and has been involved in R&E, high performance networking and security since 2002. In addition to Network Engineering positions, Nick has been involved in cybersecurity from the campus, enterprise and service provider perspective and acted as a resource and trainer for the Federal Bureau of Investigation RCAT agents. Nick has been active in the SDN community since 2009 and  is currently activly involved in several SDN related initiatives and projects

Free/Busy Calendar:
<iframe src="https://www.google.com/calendar/embed?height=600&wkst=1&bgcolor=%23666666&src=nick%40buraglio.com&color=%230D7813&src=buraglio%40es.net&color=%238C500B&ctz=America%2FChicago" style=" border:solid 1px #777 " width="750" height="700" frameborder="0" scrolling="no"></ifra

Presentation/Talks

Nick Buraglio, SDN Best Practices, Great Planes Network Webinar Series Presentation, April 8, 2016,

Presentation of best practices in production SDN deployments based on experience deploying SDN based networks based on varying technologies and techniques. 

Nick Buraglio, SDN: Theory vs. Practice, Invited talk, CODASPY 2016 SDN/NFV workshop, March 11, 2016,

Discuss research based software based networking and the differences beetween real world, prodiuction SDN for CODASPY SDN/NFV conference workshop. 

Nick Buraglio, Bro intrusion detection system (IDS): an overview, Enhancing CyberInfrastructure by Training and Education, May 22, 2015,

Nick Buraglio, Anita Nikolich, Dale Carder, Secure Layer 3 SDX Concept (Interdomain SDN), May 14, 2015,

A concept framework for Secure Layer 3 Interdomain SDN and ISD/IXP. 

Nick Buraglio, IPv6 Status; Operating production IPv6 networks, March 22, 2015,

IPv6 Status update and primer on operating production IPv6 networks as of 3/2015

Nick Buraglio, Anita Nikolich, Dale Carder, Securing the SDN WAN, October 30, 2014,

SDN has been successfully implemented by large companies and ISPs within their own data centers. However, the focus has remained on intradomain use cases with controllers under the purview of the same authority. Interdomain SDN promises more fine grained control of data flows between SDN networks but also presents the greater challenges of trust, authentication and policy control between them. We propose a secure method to peer SDN networks and a test implementation

Nick Buraglio,Vincent Stoffer, Adam Slagell, Jim Eyrich, Scott Campbell, Von Welch, Securing the Science DMZ: a discussion, October 28, 2014,

The Science DMZ model is a widely deployed and accepted architecture allowing for movement and sharing of large-scale data sets between facilities, resources, or institutions. In order to help assure integrity of the resources served by the science DMZ, a different approach should be taken regarding necessary resources, visibility as well as perimeter and host security. Experienced panelists discuss common techniques, best practices, typical caveats as well as what to expect (and not expect) from a network perimeter that is purpose built to move science data.

 

Best practices for securing an open perimeter network
Securing the Science DMZ

Best practices for securing an open perimeter network or Science DMZ at for BroCon 2014.  Slides. Video

Nick Buraglio, Securing the Science DMZ, June 14, 2014,

The Science DMZ model is a widely deployed and accepted architecture allowing for movement and sharing of large-scale data sets between facilities, resources, or institutions.
In order to help assure integrity of the resources served by the science DMZ, a different approach should be taking regarding
necessary resources, visibility as well as perimeter and host security. Based on proven and existing production techniques
and deployment strategies, we provide an operational map and high level functional framework for securing a science DMZ utilizing a “defense in depth” strategy including log aggregation, effective IDS filtering and management techniques, black hole routing,
flow data and traffic baselining.

Nick Buraglio, Real world IPv6 deployments, June 9, 2014,

Presentation for Westnet conference on Real world IPv6 deployments, lessons learned and expectations.