Martin Casado

Stanford University

Rethinking Enterprise Network Architecture


The Internet architecture was designed around decentralized control in order to achieve scalability, resilience and organic growth.  However, with the phenomenal success of the Internet, this architecture has been pushed into other environments for which the traditional control model is not well suited.  This includes enterprise networks where security and manageability are paramount.


In this talk, I will discuss a new approach to enterprise network design.  Our goal is to provide an architecture which supports sophisticated, network-wide control, and does so without sacrificing robustness, performance, or adaptability to failure.  The key properties of our approach are logical centralization of the control layer, and a greatly simplified datapath designed around a flow-based forwarding model.


I will present two systems over which these ideas evolved: Ethane, an enterprise security management architecture, and NOX, a programmable network-wide control plane.  I will discuss how our approach can achieve scalability and resiliency while providing fine grained control over all

communication on the network.   Finally, I will describe our experiences

implementing and deploying these systems within operational networks of hundreds of hosts.



Martin Casado received his PhD from Stanford University in 2007.  Prior to attending Stanford, Martin held a research position at Lawrence Livermore National Laboratory where he worked on information assurance and network security.   His research interests include network architecture, network security, and Internet measurement.  In terms of commercial experience, Martin co-founded Illuminics Systems, an IP analytics company which was acquired by Quova Inc. in 2006.


B17 Upson Hall

Tuesday, February 17, 2009

Refreshments at 3:45pm in the Upson 4th Floor Atrium

Computer Science


Spring 2009