Internet2 Advanced Network Services Today

Similar documents
New International Connectivities of SINET5

TransPAC3- Asia US High Performance International Networking (Award # ) Quarterly Report 1-March-2014 through 31-May-2014

ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION

WELCOME TO GLIF Technical Working Group Summer 2015 meeting. Prague, Czech Republic September 2015

GÉANT L3VPN Service Description. Multi-point, VPN services for NRENs

TransPAC3- Asia US High Performance International Networking (Award # ) Quarterly Report 1-September-2014 through 30-November-2014

Building 10-Gbps Networks: A few observations on the national and regional scales in the U.S.

America Connects to Europe (ACE) (Award # ) Year 7 Annual Report 1- Mar through 31- May Jennifer Schopf Principal Investigator

International Exchanges Current and Future

GOREX: Guam Open Research & Education exchange

1. Introduction. 2. Purpose of this paper and audience. Best Practices 1 for Cloud Provider Connectivity for R&E Users

The IBM Platform Computing HPC Cloud Service. Solution Overview

Brent Sweeny GRNOC at Indiana University APAN 32 (Delhi), 25 August 2011

Access Control and Physical Security Management. Contents are subject to change. For the latest updates visit

GÉANT Open Service Description. High Performance Interconnectivity to Support Advanced Research

HKIX Updates at APAN 44

Internet2: Presentation to Astronomy Community at Haystack. T. Charles Yun April 2002

TransPAC3: Asia US High Performance International Networking (NSF Award # ) Quarterly Report 1-March-2013 through 31-May-2013

Faster, Better, and Cheaper? Building the SD-WAN Business Case

JIM WILLIAMS DIRECTOR, INTERNATIONAL NETWORKING INDIANA UNIVERSITY BLOOMINGTON, IN - USA

GÉANT Open Service Description. High Performance Interconnectivity to Support Advanced Research

Internet2 Technology Update. Eric Boyd Deputy Technology Officer

ACCI Recommendations on Long Term Cyberinfrastructure Issues: Building Future Development

Implementation of the Pacific Research Platform over Pacific Wave

Your Future with Worldpay. Shane Happach Managing Director, Worldpay ecom

Current procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH

High-speed networks to enable SG-JP collaboration

Abilene: An Internet2 Backbone Network

Contents. The Workshop IPv6 Collaborations in ASEAN Framework..8. The Results of IPv6 Collaborations in ASEAN..19. Conclusion and Recommendation 20

AmLight ExP & AtlanticWave-SDX: new projects supporting Future Internet Research between U.S. & South America

GÉANT Plus Service Description. High Performance Cost-effective Connectivity

Global IP Network (GIN) Connects You to the World

AmLight supports wide-area network demonstrations in Super Computing 2013 (SC13)

Thomson Reuters. FCN Services

NOAA N-Wave Update N-WAVE V. NOAA Research Network. Joint Techs Columbus 13 July 2010

Internet2 DDoS Mitigation Update

IP addressing policies: what does this mean? Adam Gosling Senior Policy Specialist, APNIC APT PRF for the Pacific: August 2013

Cisco Optimization Services

eplus Managed Services eplus. Where Technology Means More.

Public Cloud Connection for R&E Network. Jin Tanaka APAN-JP/KDDI

IRNC:RXP SDN / SDX Update

Deploying Standards-based, Multi-domain, Bandwidth-on-Demand

Alex Soares de Moura

Forum. Ningbo, China 25 February

CenturyLink for Microsoft

Hardening the Cloud: Assuring Agile Security in High-Growth Environments (Moving from span ports to virtual appliances)

Smart Data Center Solutions

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

SME License Order Working Group Update - Webinar #3 Call in number:

Overview of ITU capacity building activities

Inter-domain SDN Data Plane Validation: Next Steps at AmLight

Broadband Networks in Asia

Avanade s Approach to Client Data Protection

The Abilene Observatory and Measurement Opportunities

The Science DMZ: Evolution

Next Generation Networking and The HOPI Testbed

HONG KONG OPEN EXCHANGE (HKOX) UPDATES. Wai Man CHEUNG, Francis FONG Joint Universities Computer Centre Limited (JUCC) 8 August 2018

APNIC History and Overview

International Research Networking GÉANT2, ORIENT and TEIN2: Projects Connecting China and Europe

On-demand file transfer for ITER remote experiments

INFORMATION TECHNOLOGY ONE-YEAR PLAN

Goal 1: Maintain Security of ITS Enterprise Systems

PREPARE FOR TAKE OFF. Accelerate your organisation s journey to the Cloud.

Cybersecurity and the Board of Directors

Huawei European Research University Partnerships. Michael Hill-King European Research Institute, Huawei

TEIN1 TEIN4: entering a 2 nd decade of co-operation between Asia and Europe

NTT Com Press Conference March 1, 2016 #enterprisecloud

Cisco Cloud Services Router 1000V and Amazon Web Services CASE STUDY

Developing Networking and Human Expertise in Support of International Science

PacificWave Update and Future Directions

Research and Education Networking Ecosystem and NSRC Assistance

Evolution of connectivity in the era of cloud

SD-WAN. Bringing Scale, Agility and Robustness to Enterprise Networks

Interconnected NRENs in Europe & GÉANT: Mission & Governance Issues

New Digital Business Models Driving the Softwarization of the Network

Getting Security Operations Right with TTP0

San Francisco Department of Public Health. IT and Epic Project Update

VMworld disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no

UBS Data Center Efficiency Strategy

The Evolution of Exchange Points

Regional and subregional approaches to the Digital Economy: Lessons from Asia-Pacific and Latin America

Mobile Connect Driving Global Economic Growth Through Secure Mobile Identity

Experience of the RISE Testbed Deployment

Social Engineering: We are the target Sponsor Guide

HKIX Development and HKIX-R&E Updates at APAN 46

perfsonar Deployment on ESnet

OneUConn IT Service Delivery Vision

Great Plains Network. Kate Adams, GPN

GÉANT: A Defense in Depth Approach

Campus Networking Workshop CIS 399. Dale Smith University of Oregon & NSRC

TransLight/Pacific Wave NSF-Award #

Enabling Fast IT. In the IoE era. Alberto Degradi DCV Sales Leader. November 2014

ThaiCERT Incident Response & Phishing cases in Thailand. By Kitisak Jirawannakool Thai Computer Emergency Response team (ThaiCERT)

SFC strengthens internet trading regulatory controls

Competitive Advantage Through Advanced Internet Technology VT Information Technology Spring 2014

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group

SOC 3 for Security and Availability

GN3plus External Advisory Committee. White Paper on the Structure of GÉANT Research & Development

US West-Coast Future Internet Infrastructure Pacific Wave Update Pacific Research Platform International Routing Research Collaboration

Transcription:

Internet2 Advanced Network Services Today Dale Finkelson, Jon-Paul Herron, Paul Howell, George Loftus, John Moore, Chris Wilkinson Internet2

Internet2 Advanced Network Services Today Network Services Overview (George Loftus) International (Dale Finkelson) Network Security (Paul Howell) Network Operations (Jon-Paul Herron) Network Architecture (Chris Wilkinson) Research Support (John Moore) [ 2 ]

The Challenge 3000 2500 Internet2 Network Total PetaBytes Carried Per Year (Calendar Year) R² = 0.98706 2000 1500 1000 500 47.4 80.3 104. 120.6 265.1 351.9 575.4 694.5 1168.1 0 CY 08 CY 09 CY 10 CY 11 CY 12 CY 13 CY 14 CY 15 CY 16 Peta Bytes per year Expon. (Peta Bytes per year) [ 3 ]

Future-focused efforts to address this challenge Ecosystem-wide conversation about collaboration on solutions Examining current and emerging business models and services Two key principles in determining the future iteration of Internet2 infrastructure: Ecosystem-wide collaboration Agility and experimentation [ 4 ]

Collaboration, Agility, Experimentation Using pilots to learn quickly together Volumetric DDoS Mitigation Service Pilot (6-8 participants) Private Cloud (Azure, AWS, etc. ) Cloud Exchange Research Support Hybrid Cloud in support of research Leveraging existing campus & regional successes [ 5 ]

Internet2 Advanced Network Services Today How we are addressing the challenges today International (Dale Finkelson) Network Security (Paul Howell) Network Operations (Jon Paul Herron, Chris Wilkinson) Network Architecture (Chris Wilkinson) Research Support (John Moore) [ 6 ]

Internet2 Advanced Network Services Today Network Services Overview (George Loftus) International (Dale Finkelson) Network Security (Paul Howell) Network Operations (Jon-Paul Herron) Network Architecture (Chris Wilkinson) Research Support (John Moore) [ 7 ]

Atlantic Region The ANA (Advanced North Atlantic) project remains strong: Original 3 100G circuits Washington DC London Internet2 and Canarie New York Paris GEANT Amsterdam Montreal Nordunet and Surfnet Recent additions 100G New York London NEAAR a project at Indiana University funded by NSF [ 8 ]

Atlantic Region The 4 listed circuits are all fully diverse. There is also a cooperative agreement with Esnet to mutually back up each others capacity. Esnet currently has 340G of capacity. Since its inception there have been few or no instances where capacity is not available to the users. [ 9 ]

Pacific Region Internet2 and Singaren maintain a 100G connection from Los Angeles to Singapore. Internet2 and CERNET maintain a 10G connection to China. Overall Pacific connectivity is not as structured as the ANA. Lots of capacity. Work will continue on joint backup and sharing options. It would be ideal to see the type of arrangements we have across the Atlantic evolve in the Pacific region. Internet2 will continue to work with organizations like Singaren, Transpac, TEIN, AARnet and others for this. [ 10 ]

North America There is a dedicated 10G link to CUDI in Mexico from El Paso. Internet2 and Canarie in Canada are connected by 100G in several locations. [ 11 ]

Partial list of International Peers Asia-Pacific Area Network Australian Academic and Research Network CA*Net/CANARIE Cenit (Venezuela) CERNLight CERNLight China Educational and Research Network China Science and Technology Network Corporacion Universitaria para el Desarrollo de Internet (Mexico) Egyptian National STI Network GEANT-Delivery of Advanced Network Tech to Europe GEMnet (Mongolia) Japanese Gigabit Network KDDI Corporation King Abdulaziz City for Science and Technology Korea Advanced Research Network Korea Research Open Network 2 National Knowledge Network (India) National University of Singapore NORDUnet NTT Communications Global IP Network Qatar Foundation Network Qatar National Research & Education Network Rede Nacional de Ensino e Pesquisa (RNP) SINET SingAREN SURFnet Taiwan Advanced Research and Education Network TEIN The World Bank UAE Research and Education Network WIDE/NTTA http://www.internet2.edu/productsservices/advanced-networking/globalservices/international-peers/

Active Projects Internet2 continues to work with the University of Guam on getting them directly connected to Internet2. Continue to coordinate efforts with the University of Hawaii and AARnet and others. Internet2 continues to play a leading role in the activities of the GNA. Please attend those sessions for more information. Technical WG Session Wednesday 7:30 AM The Global Network: Evolving from an Architecture to an Infrastructure Wednesday 1:15 [ 13 ]

Internet2 Advanced Network Services Today Network Services Overview (George Loftus) International (Dale Finkelson) Network Security (Paul Howell) Network Operations (Jon-Paul Herron) Network Architecture (Chris Wilkinson) Research Support (John Moore) [ 14 ]

Network Security Mission Protect the Internet2 network from attack Approach Enable Internet2 leadership to proactively manage security risks that jeopardize the Internet2 network Working together with connectors/regionals and members to collectively protect the National Research and Education Networks Team Grover Browning, Nathan Miller, Karl Newell, Ryan Nobrega [ 15 ]

Security Program Maturity You are here [ 16 ]

Key Improvements for This Year Strategy Developed for Attack Detection and Mitigation DDoS Detection using Deepfield Defender DDoS Mitigation Cloud Scrubbing BGP Flowspec Real Time Black Hole Promote improved routing security within our community Improved network analytics Moving from Netflow v5 to IPFIX Updated version of Deepfield Cloud Intelligence Implementation of Secure Management Network Continue to improve security operations capabilities [ 17 ]

Security Operations Security risk assessment performed annually Security incident management procedure implemented and had an incident Vulnerability scanning of routers completed Quarterly review of our ACL s/filters. Of the 75 prefixes in our management filters, eliminated 52 prefixes, leaving 23 prefixes, most are /32 s Annual review of router access led to 27 accounts removed Annual badge review for physical access to co-location PoPs completed New physical access procedure being implemented Security awareness training for staff underway using Securing The Human Visible Network now uses an authentication wall Security analysis of syslog using splunk [ 18 ]

NTP reflection DoS attack from a misconfigured router xntpd[21521]: sendto(<target IP>): No route to host xntpd[21521]: too many recvbufs allocated (40) [ 19 ]

Internet2 Advanced Network Services Today Network Services Overview (George Loftus) International (Dale Finkelson) Network Security (Paul Howell) Network Operations (Jon-Paul Herron) Network Architecture (Chris Wilkinson) Research Support (John Moore) [ 20 ]

You know what we do Fix things in the network when they break Maintenance Answer questions and make changes people request Monitoring, measurement, and other operational systems for the Internet2 Network Projects for changes, new services, security enhancements, etc. [ 21 ]

How much of it do we do? In a typical month: 600 tickets, 9,000 ticket edit events 180 calls inbound 500 emails outbound, 10,000 inbound 28 off-hours calls to Internet2 NOC engineers 10 projects [ 22 ]

Some random interesting bits Response Rate: 8% [ 23 ]

Previous Focus Areas Improvements to Change Management, Incident Management Availability of Services Projects Lean/Kanban Network Re-architecture New connections/services Capacity Security [ 24 ]

Service Availability [ 25 ]

Future Focus Areas Unified Teams Targeted Notifications More Service Awareness Lean/Kanban round 2 [ 26 ]

Internet2 Advanced Network Services Today Network Services Overview (George Loftus) International (Dale Finkelson) Network Security (Paul Howell) Network Operations (Jon Paul Herron) Network Architecture (Chris Wilkinson) Research Support (John Moore) [ 27 ]

Meet Community Needs through a Strong Infrastructure Ecosystem Layer 2 & Layer 3 Platform People Software Infrastructure Portfolio Community Optical Platform Testbeds & Agility [ 28 ]

Meet Community Needs through Enabling Contribution and Collaboration Establish Unified Teams Cross-Organization (Internet2 and Indiana University GlobalNOC) Improve Collaboration / Communications Continue Implementation of Effective, Lightweight Processes Change Management Prioritization Project Management Augment Staffing and Training Engineering Project Management People Community Infrastructure Portfolio [ 29 ]

Meet Community Needs through Enabling Contribution and Collaboration Gather Requirements, Needs, Goals, and Impacts NTAC Community Leaders People Infrastructure Portfolio Community [ 30 ]

Meet Community Demand for Backbone and Peer Network Growth ALBA BOST STAR HART2 CHIC EQCH 300G 300G 200G 200G CLEV 300G NEWY1118TH NEWY32AOA 200G PITT 200G ASHB PHIL 300G INDI 200G 300G WASH CINC LOUI RALE CHAR 200G Layer 2 & Layer 3 Platform Community ATLA Infrastructure Portfolio Optical Platform [ 31 ]

Meet Community Demand for Network Stability & Enhancement of Experimental Activity MPLS Core Network Layer 2 Layer 3 OESS Development Security Optical Network Optimization & Study Layer 2 & Layer 3 Platform 200G and 400G Software Infrastructure Portfolio Community Testbed Support [ Testbeds 32 ] & Agility

Meet Community Demand for the Network Stability & Enhancement of Experimental Activity Q1 Q2 Q3 Q4 JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC DCI Testbed SDN Testbed Implement AL3S R&E VRF Enable Testbed Activities Layer 1, Layer 2, Layer 3 AL1S Optimization / Audit Phase 1 AL1S Optimization Phase 2 Deploy Foundation MPLS Community Migration AL3S -> MPLS OESS Testing Community Migration AL2S OF -> MPLS Layer 2 & Layer 3 Platform People OESS MPLS Enabled Implement AL3S TR-CPS, LHCONE VRFs OESS Feature Development Software Infrastructure Portfolio Community Optical Platform [ Testbeds 33 ] & Agility

Internet2 Advanced Network Services Today Network Services Overview (George Loftus) International (Dale Finkelson) Network Security (Paul Howell) Network Operations (Jon-Paul Herron) Network Architecture (Chris Wilkinson) Research Support (John Moore) [ 34 ]

Research Engagement Convening national-level community-driven initiative to help support campus cyberinfrastructure needs in a sustainable manner Program development underway guided by a stellar advisory group Reps from regionals, campuses, Open Science Grid, XSEDE, NSF Advisory Committee on CI, ACI-REF, Science Gateways Institute, ESNet, EDUCAUSE, etc. Topic areas under development National Research Platform (partnering with Pacific Research Platform) Campus research facilitation follow on to Broadening the Reach Big Data Grand Challenge seeking to partner with big data initiatives Tool integration started discussion between perfsonar and XDMOD [ 35 ]

Internet2 Advanced Network Services Today Dale Finkelson, Jon-Paul Herron, Paul Howell, George Loftus, John Moore, Chris Wilkinson Internet2 Subtitle (if any)

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback