130 likes | 146 Views
Explore the collaborative approach of GÉANT2 in securing Europe's networking infrastructure. Discover the project's goals, stakeholders, security initiatives, and the importance of proactive monitoring and compliance. Learn about the network topology, users, and upcoming strategies for improving security measures. Follow the journey towards a more secure and interconnected digital landscape.
E N D
The Security Model of GÉANT2: A Co-operative Approach Christoph Graf, SWITCH TNC’07, Lyngby, 22 May 2007
Overview • The project GÉANT2 • The goal: securing GÉANT2 • Environment and stakeholders • The approach to security • Where we stand • Outlook • Summary
The Project GÉANT2 Some figures: • ... • Project partners include 30 of Europe’s national research and education networks (NRENs), DANTE and TERENA • Connects 34 European countries and serves over 3500 research and education establishments across Europe • Over 30 million users • ...
The Goal: Security • Make the GÉANT2 community a secure community... ... as secure as needed! • Who is the „GÉANT2 community“? Its users!
The view from above... GÉANT2 Topology November 2006
national/jurisdiction boundaries NREN NREN 30 NRENs (maybe regional nets) organisational boundaries R&E Org R&E Org R&E Org 3500+ R&E establishments Org. unit Org. unit different affiliation types 30+ million users ... but where are the users? GÉANT2 GÉANT2
GÉANT2 security activity scope NREN NREN R&E Org R&E Org R&E Org Org. unit Org. unit ... and where are the security stakeholders? Dante, Terena, Project policy bodies GÉANT2 NREN CERTs Site security teams System administrators
How important is security? • Security is not for free • It makes things more complicated • But why do some care more than others?
Actualisation Status (esteem) Love/Belonging Safety Physiological Maslow’s Hierarchy of Human Needs Humans: NRENs: ? Star NREN Community:Trust, Policies Security: CERTs Physical: GÉANT2 network Source: http://en.wikipedia.org/wiki/Maslow
Leading edge team Improve leading edge teams Proactive monitoring Recognised CERT Reaching compliance level Basic CERT No CERT The Approach Partner’s security team security capabilities GÉANT2 security compliance level time
Where we stand... • Improve leading edge teams: because new threats are looming • “The Toolset” and its elements: • FlowMon probe: appliance turning network traffic into NetFlow data • Nfsen: NetFlow visualisation and analysis tool • The purpose: • Working horse for many CERT teams • Framework to put leading edge concepts and algorithms to test • Reaching compliance level: because of the rule of the weakest link • Operate a CERT! • Largely using existing initiatives and services: TRANSITS, TI, TF-CSIRT
Outlook • Improve leading edge teams • FlowMon probe: from pre-production to product • Nfsen: improve sustainability, networking the developers, build a development platform • Trial new ideas for anomaly detection • Training material and delivery • Reaching compliance level • Organise mentoring work between experts and newly created CERTs
Summary • The GÉANT2 trust network is covering • 30 NRENs in 34 countries, DANTE and TERENA • over 3500 R&E establishments, over 30 million users • It follows existing structures: from NRENs to users • It integrates existing initiatives: TI, TF-CSIRT • A co-operative approach to overcome national and organisational boundaries for a common goal: secure our increasingly critical networking infrastructure