1 / 31

Internet2: CCIRN reports

Internet2: CCIRN reports. 3 July 2004. Internet2 E2E piPEs. Project: End-to-End Performance Initiative Performance Environment System (E2E piPEs)

hue
Download Presentation

Internet2: CCIRN reports

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Internet2: CCIRN reports 3 July 2004

  2. Internet2 E2E piPEs • Project: End-to-End Performance Initiative Performance Environment System (E2E piPEs) • Approach: Collaborative project combining the best work of many organizations, including DANTE/GEANT, Daresbury, EGEE, GGF NMWG, NLANR/DAST, UCL, Georgia Tech, etc. • NSF-sponsored workshop: http://e2epi.internet2.edu/WK03/index.html

  3. piPEs • Enable end-users & network operators to: • determine E2E performance capabilities • locate E2E problems • contact the right person to get an E2E problem resolved. • Enable remote initiation of partial path performance tests • Make partial path performance data publicly available • Interoperable with other performance measurement frameworks

  4. Measurement Infrastructure Components

  5. Project Phases • Phase 1: Tool Beacons • BWCTL (Complete), http://e2epi.internet2.edu/bwctl • OWAMP (Complete), http://e2epi.internet2.edu/owamp • NDT (Complete), http://e2epi.internet2.edu/ndt • Phase 2: Measurement Domain Support • General Measurement Infrastructure (Prototype) • Abilene Measurement Infrastructure Deployment (Complete), http://abilene.internet2.edu/observatory • Phase 3: Federation Support • AA (Prototype – optional AES key, policy file, limits file) • Discovery (Measurement Nodes, Databases) (Prototype – nearest NDT server, web page) • Test Request/Response Schema Support (Prototype – GGF NMWG Schema)

  6. piPEs Deployment

  7. American / European Collaboration Goals • Awareness of ongoing Measurement Framework Efforts / Sharing of Ideas (Good / Not Sufficient) • Interoperable Measurement Frameworks (Minimum) • Common means of data extraction • Partial path analysis possible along transatlantic paths • Open Source Shared Development (Possibility, In Whole or In Part) • End-to-end partial path analysis for transatlantic research communities • VLBI: Haystack, Mass.  Onsala, Sweden • HENP: Caltech, Calif. CERN, Switzerland

  8. Other ongoing collaborations • US networks: under aegis of JET • Abilene – ESnet deployment already • Coordination/deployments for key user communities • APAN deployment • Tokyo, Fukuoka, Korea(?) • Focus bwctl (scheduled tests) • GGF NMWG • Eric Boyd co-chair • Work on creating and revising schemata for test requests and responses • Beginning work on a “model” policy for authorization roles that can be used as a starting point for campuses/domains

  9. Extending the research of R&E networking Report on the April Workshop

  10. Background • Since Fall 2001, small BoF has met at Internet2 member meetings • Focus on sharing information about needs, activities regarding places not well connected to R&E networks • Geographical: e.g. mountains of Chile, island territories of France • Market/Economic: sub-Saharan Africa • Technical: ocean floors, field researchers • Fall 2003, proposal to host workshop focusing on development agencies and funding resources • Held post Internet2 Spring Member Meeting, Arlington, VA

  11. Synergies between NRENs and aid and funding agencies • Science, funding and aid agencies: • and you are? No or very little knowledge about NRENs and what it is that NRENs do or about programs • duplication, costs, lack of coordination • expressed interest in exploring actions or activities the group might undertake beyond simple information sharing on an ad hoc basis. • Global research and education networking community and key science, funding and aid agencies: How can get to know each other (and know about what we do) • Overviews of agencies information and communication technology ICT programmatic areas and related programs • The need for the global research and education community to also do outreach on what it is that what we do, what our members do and that illustrate real proof of concept instantiations, • show that there are things we could do together

  12. Workshop Goals • get to know a bit about each other • to have a a forum to explore ways in which we may work together to address the challenges in extending the reach of Internet infrastructure and networks in support of research, education and knowledge sharing • what do you see as the gap areas – the needs? Before and after the workshop

  13. Steering Committee –many thanks! • Les Cottrell (SLAC) • Curtis White (Allied Communications) • Bob Dixon (Ohio State) • Heather Boyles (Internet2) • Peter Highnam (NIH) • Lori Perine (NSF) • Micah Beck (UT) • Mary Kratz (Internet2) • Steven Huter (NSRC, Univ. Oregon) • Art St George (Univ. New Mexico) • Dany Vandromme (RENATER) • George McLaughlin (AARNet) • Jim Williams (Indiana Univ) • sharon Moskwiak (Internet2) • Anil Srivastava, AcrossWorld • Ana Preston (Internet2)

  14. Expanding the reach of advanced networking Highlights: • 80+ participants • a keynote speech by Mohamed Muhsin, Vice-President and CIO of the World Bank • presentations on programs from several science, funding and aid agencies including the National Science Foundation, National Institutes of Health, the Organization of American States, the World Bank, the Inter-American Development, USAID and other European and Australian agencies for international development. • presentations from members of the global research and education community on approaches for expanding network access to resource limited settings and working with agencies

  15. Notes from workshop • roles of agencies • Expect “return on investment” • self-sustainability • opportunities generated – capabilities and tools • training – project learning plans • road maps • they want to work with our community and we want to work with them • Sharing experiences • solutions not just talk • Internet as a leveling mechanism • there are very compelling illustrations from the global NREN community that show that we can work together

  16. Next steps • working group – yes • defining scope [charter?] of the group • Action: proceedings; mailing list and chair(s) • Action: continue dialogue/bridge with World Bank and all agencies represented here • Action: catalog possible projects and who may be able to lead/manage on behalf of group • clearinghouse of info and regular communications – • Best practices and lessons learned • Case studies that help drive approaches • Issues (poverty, education) • Pricing and policy • What are the needs? We need to have the needs expressed by the ones that have the needs

  17. Cont. • working together to further articulate the role of NRENs (targeted to government and policy makers) • Value of NRENs and what they bring to the table – value that enables not just scientific and technological improvements but broader social and economical impact • ‘ROI’ – targeted to Ministers of Finance • Building Capacity • Networks are an enabler • PEOPLE! • Projects that strategically benefit economies, health, environment

  18. http://international.internet2.edu/intl_connect/agenda.html

  19. Network Security, Middleware and Trust Federations

  20. Supported by Indiana University and through relationship with EDUCAUSE and Internet2. • The REN-ISAC is an integral part of the higher-ed strategy to improve network security by providing timely warning and response to cyber threat and vulnerabilities, improving awareness, and improving communications. • Supports efforts to protect national cyber infrastructure by participating in the formal U.S. ISAC infrastructure. • Receives, analyzes, and disseminates network security operational, threat, warning, and attack information within higher education. • Information is gathered from instrumentation, constituents, network engineers, DHS, other sector ISACs, other network security organizations, and vendors. • 24 x 7 Watch Desk, ren-isac@iu.edu, +1 (317) 278-6630 • http://www.ren-isac.net • http://www.terena.nl/tech/task-forces/tf-csirt/meeting11/RENISAC-Pearson.pdf

  21. REN-ISACInformation is derived from: • Network instrumentation • Abilene NetFlow data • Abilene router ACL counters • Arbor PeakFlow analysis of NetFlow data • Abilene NOC operational monitoring systems • Constituents – related to incidents on local networks • Network engineers – related to national R&E backbones

  22. REN-ISACInformation is derived from: • DHS sources include • IAIP Daily Open Source Report • http://www.nipc.gov/dailyreports/dailyindex.htm • Advisories • Regular conference calls • Other sectors ISACs • Other network security organizations • Vendors

  23. Current and Planned Activities • Relationships and outreach to complimentary organizations and efforts • REN-ISAC Registry • Watch Desk, 24 x 7 • Regular information sharing with DHS, ISACs, others • Abilene NetFlow analysis • Abilene router ACL statistics • Arbor PeakFlow analysis • Per-host threat reports to member institutions • Policy and privacy statements and agreements

  24. International Coordination • TF-CSIRT • Doug Pearson made presentation on REN-ISAC in January 2004 • GEANT • Revisit network security coordination week after next at meeting in Cambridge • Coordinate with GN2 security activities

  25. Middleware and security • Internet2 Middleware Initiative launched 1999 • Focus on enterprise/campus • Focus on core middleware (that supports upperware e.g. grid middleware) • Focus on inter-institutional authentication and authorization; supporting collaboration, access to digital resources, virtual organizations • eduPerson attributes • Shibboleth authentication transport software • National Trust Federation (InCommon) initially built on institutions using Shibboleth

  26. Shibboleth Status • http://shibboleth.internet2.edu/ • Open source, privacy preserving federating software • Being very widely deployed in US and international universities • SWITCH (Switzerland has adopted) • JISC (UK) is adopting; funding development of complementary pieces • Growing development activities in several countries, providing resource manager tools, digital rights management, listprocs, etc.

  27. InCommon federation • Federation operations – Internet2 • Federating software – Shibboleth 1.1 and above • Federation data schema - eduPerson200210 or later and eduOrg200210 or later • Became operational April 5, with several early entrants to help shape the policy issues. • Precursor federation, InQueue, has been in operation for about six months and will feed into InCommon • http://incommon.internet2.edu

  28. International federation peering • Shibboleth-based federations being established in the UK, Netherlands, Finland, Switzerland, Australia, Spain, and others • International peering meeting slated for October 14-15 in Upper Slaughter, England • Issues include agreeing on policy framework, comparing policies, correlating app usage to trust level, aligning privacy needs, working with multinational service providers, scaling the WAYF function

  29. Security at Line Speed (SALSA) • Ken Klingenstein heading both middleware and security efforts • NSF-funded workshop: Security at Line Speed • http://apps.internet2.edu/sals/ • Network authentication, authorization • SALSA net-auth working group • Leverage Middleware work: Shibboleth, InCommon, international peering • Relationship to mobility work of TERENA, GN2

  30. Abilene and HOPI national infrastructures Abilene and NLR Fiber Footprints

  31. Hybrid Optical Packet Infrastructure (HOPI) • Since last CCIRN: • HOPI Design team formed • White Paper released: http://hopi.internet2.edu • Comments sought! • Moving forward with initial 3 node deployment September 2004 • Dependent on NLR buildout

More Related