2 February 2014 Internet2: CCIRN reports 3 July 2004.
-
Upload
olivia-mclean -
Category
Documents
-
view
243 -
download
1
Transcript of 2 February 2014 Internet2: CCIRN reports 3 July 2004.
![Page 1: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/1.jpg)
April 10, 2023
Internet2: CCIRN reports3 July 2004
![Page 2: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/2.jpg)
Internet2 E2E piPEs
Project: End-to-End Performance Initiative Performance Environment System (E2E piPEs)
Approach: Collaborative project combining the best work of many organizations, including DANTE/GEANT, Daresbury, EGEE, GGF NMWG, NLANR/DAST, UCL, Georgia Tech, etc.
NSF-sponsored workshop: http://e2epi.internet2.edu/WK03/index.html
![Page 3: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/3.jpg)
piPEs
Enable end-users & network operators to:• determine E2E performance capabilities• locate E2E problems• contact the right person to get an E2E problem resolved.
Enable remote initiation of partial path performance tests
Make partial path performance data publicly available
Interoperable with other performance measurement frameworks
![Page 4: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/4.jpg)
Measurement Infrastructure Components
Database ofPerformance
Results
Server Server
Regularly Scheduled Tests
Router Router
On-Demand Tests
Laptop computer
TestResults Test
Results
TestResults
TestRequest
ResultRequest
End-to-End Path
![Page 5: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/5.jpg)
Project Phases
Phase 1: Tool Beacons• BWCTL (Complete), http://e2epi.internet2.edu/bwctl• OWAMP (Complete), http://e2epi.internet2.edu/owamp• NDT (Complete), http://e2epi.internet2.edu/ndt
Phase 2: Measurement Domain Support• General Measurement Infrastructure (Prototype)• Abilene Measurement Infrastructure Deployment (Complete),
http://abilene.internet2.edu/observatory
Phase 3: Federation Support• AA (Prototype – optional AES key, policy file, limits file)• Discovery (Measurement Nodes, Databases) (Prototype –
nearest NDT server, web page)• Test Request/Response Schema Support (Prototype – GGF
NMWG Schema)
![Page 6: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/6.jpg)
piPEs Deployment
Italy
Poland
Israel
In ProgressAbileneUS Govt. Labs
US UniversitiesGEANTAPAN
![Page 7: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/7.jpg)
American / European Collaboration Goals
Awareness of ongoing Measurement Framework Efforts / Sharing of Ideas (Good / Not Sufficient)
Interoperable Measurement Frameworks (Minimum)• Common means of data extraction
• Partial path analysis possible along transatlantic paths
Open Source Shared Development (Possibility, In Whole or In Part)
End-to-end partial path analysis for transatlantic research communities• VLBI: Haystack, Mass. Onsala, Sweden • HENP: Caltech, Calif. CERN, Switzerland
![Page 8: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/8.jpg)
Other ongoing collaborations
US networks: under aegis of JET• Abilene – ESnet deployment already• Coordination/deployments for key user communities
APAN deployment• Tokyo, Fukuoka, Korea(?)• Focus bwctl (scheduled tests)
GGF NMWG• Eric Boyd co-chair• Work on creating and revising schemata for test requests
and responses• Beginning work on a “model” policy for authorization roles
that can be used as a starting point for campuses/domains
![Page 9: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/9.jpg)
April 10, 2023
Extending the research of R&E networking
Report on the April Workshop
![Page 10: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/10.jpg)
Background
Since Fall 2001, small BoF has met at Internet2 member meetings
• Focus on sharing information about needs, activities regarding places not well connected to R&E networks
–Geographical: e.g. mountains of Chile, island territories of France
–Market/Economic: sub-Saharan Africa–Technical: ocean floors, field researchers
• Fall 2003, proposal to host workshop focusing on development agencies and funding resources
• Held post Internet2 Spring Member Meeting, Arlington, VA
![Page 11: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/11.jpg)
Synergies between NRENs and aid and funding agencies
Science, funding and aid agencies:• and you are? No or very little knowledge about NRENs and what it
is that NRENs do or about programs• duplication, costs, lack of coordination• expressed interest in exploring actions or activities the group might
undertake beyond simple information sharing on an ad hoc basis.
Global research and education networking community and key science, funding and aid agencies: How can get to know each other (and know about what we do)
• Overviews of agencies information and communication technology ICT programmatic areas and related programs
• The need for the global research and education community to also do outreach on what it is that what we do, what our members do and that illustrate real proof of concept instantiations,
• show that there are things we could do together
![Page 12: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/12.jpg)
Workshop Goals
get to know a bit about each other
to have a a forum to explore ways in which we may work together to address the challenges in extending the reach of Internet infrastructure and networks in support of research, education and knowledge sharing
what do you see as the gap areas – the needs? Before and after the workshop
![Page 13: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/13.jpg)
Steering Committee –many thanks!
Les Cottrell (SLAC) Curtis White (Allied Communications) Bob Dixon (Ohio State) Heather Boyles (Internet2) Peter Highnam (NIH) Lori Perine (NSF) Micah Beck (UT) Mary Kratz (Internet2) Steven Huter (NSRC, Univ. Oregon) Art St George (Univ. New Mexico) Dany Vandromme (RENATER) George McLaughlin (AARNet) Jim Williams (Indiana Univ) sharon Moskwiak (Internet2) Anil Srivastava, AcrossWorld Ana Preston (Internet2)
![Page 14: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/14.jpg)
Expanding the reach of advanced networking
Highlights: 80+ participants a keynote speech by Mohamed Muhsin, Vice-President and
CIO of the World Bank presentations on programs from several science, funding and
aid agencies including the National Science Foundation, National Institutes of Health, the Organization of American States, the World Bank, the Inter-American Development, USAID and other European and Australian agencies for international development.
presentations from members of the global research and education community on approaches for expanding network access to resource limited settings and working with agencies
![Page 15: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/15.jpg)
Notes from workshop roles of agencies
• Expect “return on investment” – self-sustainability– opportunities generated – capabilities and tools – training – project learning plans– road maps
• they want to work with our community and we want to work with them
–Sharing experiences– solutions not just talk
Internet as a leveling mechanism there are very compelling illustrations from the global NREN community that show that we can work together
![Page 16: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/16.jpg)
Next steps
working group – yes• defining scope [charter?] of the group
– Action: proceedings; mailing list and chair(s)– Action: continue dialogue/bridge with World Bank and all agencies
represented here– Action: catalog possible projects and who may be able to lead/manage
on behalf of group
clearinghouse of info and regular communications – • Best practices and lessons learned • Case studies that help drive approaches• Issues (poverty, education)• Pricing and policy • What are the needs? We need to have the needs expressed by the
ones that have the needs
![Page 17: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/17.jpg)
Cont.
working together to further articulate the role of
NRENs (targeted to government and policy makers)–Value of NRENs and what they bring to the table – value
that enables not just scientific and technological improvements but broader social and economical impact
– ‘ROI’ – targeted to Ministers of Finance
Building Capacity• Networks are an enabler• PEOPLE!• Projects that strategically benefit economies, health,
environment
![Page 18: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/18.jpg)
http://international.internet2.edu/intl_connect/agenda.html
![Page 19: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/19.jpg)
April 10, 2023
Network Security, Middleware and Trust Federations
![Page 20: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/20.jpg)
Supported by Indiana University and through relationship with EDUCAUSE and Internet2.
The REN-ISAC is an integral part of the higher-ed strategy to improve network security by providing timely warning and response to cyber threat and vulnerabilities, improving awareness, and improving communications.
Supports efforts to protect national cyber infrastructure by participating in the formal U.S. ISAC infrastructure.
Receives, analyzes, and disseminates network security operational, threat, warning, and attack information within higher education.
Information is gathered from instrumentation, constituents, network engineers, DHS, other sector ISACs, other network security organizations, and vendors.
24 x 7 Watch Desk, [email protected], +1 (317) 278-6630 http://www.ren-isac.net http://www.terena.nl/tech/task-forces/tf-csirt/meeting11/RENISAC-
Pearson.pdf
![Page 21: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/21.jpg)
REN-ISACInformation is derived from:
Network instrumentation• Abilene NetFlow data• Abilene router ACL counters• Arbor PeakFlow analysis of NetFlow data• Abilene NOC operational monitoring systems
Constituents – related to incidents on local networks
Network engineers – related to national R&E backbones
![Page 22: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/22.jpg)
REN-ISACInformation is derived from:
DHS sources include• IAIP Daily Open Source Report
–http://www.nipc.gov/dailyreports/dailyindex.htm
• Advisories• Regular conference calls
Other sectors ISACs
Other network security organizations
Vendors
![Page 23: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/23.jpg)
Current and Planned Activities
Relationships and outreach to complimentary organizations and efforts
REN-ISAC RegistryWatch Desk, 24 x 7Regular information sharing with DHS, ISACs, othersAbilene NetFlow analysisAbilene router ACL statisticsArbor PeakFlow analysisPer-host threat reports to member institutionsPolicy and privacy statements and agreements
![Page 24: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/24.jpg)
International Coordination
TF-CSIRT• Doug Pearson made presentation on REN-ISAC in January 2004
GEANT• Revisit network security coordination week after next at meeting in Cambridge
• Coordinate with GN2 security activities
![Page 25: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/25.jpg)
Middleware and security
Internet2 Middleware Initiative launched 1999
• Focus on enterprise/campus• Focus on core middleware (that supports upperware e.g. grid middleware)
• Focus on inter-institutional authentication and authorization; supporting collaboration, access to digital resources, virtual organizations
–eduPerson attributes–Shibboleth authentication transport software–National Trust Federation (InCommon) initially built on
institutions using Shibboleth
![Page 26: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/26.jpg)
Shibboleth Status
http://shibboleth.internet2.edu/Open source, privacy preserving federating software
Being very widely deployed in US and international universities
• SWITCH (Switzerland has adopted)• JISC (UK) is adopting; funding development of
complementary pieces
Growing development activities in several countries, providing resource manager tools, digital rights management, listprocs, etc.
![Page 27: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/27.jpg)
InCommon federation
Federation operations – Internet2
Federating software – Shibboleth 1.1 and above
Federation data schema - eduPerson200210 or later and eduOrg200210 or later
Became operational April 5, with several early entrants to help shape the policy issues.
Precursor federation, InQueue, has been in operation for about six months and will feed into InCommon
http://incommon.internet2.edu
![Page 28: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/28.jpg)
International federation peering
Shibboleth-based federations being established in the UK, Netherlands, Finland, Switzerland, Australia, Spain, and others
International peering meeting slated for October 14-15 in Upper Slaughter, England
Issues include agreeing on policy framework, comparing policies, correlating app usage to trust level, aligning privacy needs, working with multinational service providers, scaling the WAYF function
![Page 29: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/29.jpg)
Security at Line Speed (SALSA)
Ken Klingenstein heading both middleware and security efforts
NSF-funded workshop: Security at Line Speed
• http://apps.internet2.edu/sals/
Network authentication, authorization• SALSA net-auth working group
–Leverage Middleware work: Shibboleth, InCommon, international peering
• Relationship to mobility work of TERENA, GN2
![Page 30: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/30.jpg)
Abilene and HOPI national infrastructures
Abilene and NLR Fiber Footprints
![Page 31: 2 February 2014 Internet2: CCIRN reports 3 July 2004.](https://reader033.fdocuments.us/reader033/viewer/2022061306/55148566550346b0158b5a3b/html5/thumbnails/31.jpg)
Hybrid Optical Packet Infrastructure (HOPI)
Since last CCIRN:• HOPI Design team formed• White Paper released: http://hopi.internet2.edu• Comments sought!
Moving forward with initial 3 node deployment September 2004
• Dependent on NLR buildout