Domain Name Service (DNS) Network Registry

Slides:



Advertisements
Similar presentations
Scientists Leverage WebFOCUS and FOCUS to Manage a Program Joseph P. Ring, Ph.D., CHP Radiation Protection Officer.
Advertisements

Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
Norman SecureSurf Protect your users when surfing the Internet.
Microsoft Active Directory(AD) A presentation by Robert, Jasmine, Val and Scott IMT546 December 11, 2004.
System Center 2012 Certification and Training May 2012.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
Module 2: Installing and Maintaining ISA Server. Overview Installing ISA Server 2004 Choosing ISA Server Clients Installing and Configuring Firewall Clients.
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
2  Supervisor : MENG Sreymom  SNA 2012_Group4  Group Member  CHAN SaratYUN Sinot  PRING SithaPOV Sopheap  CHUT MattaTHAN Vibol  LON SichoeumBEN.
Translate tech terms into plain English. ?
The Impact of Evolving IT Security Concerns On Cornell Information Technology Policy.
Security Awareness – Essential Part of Security Management Ilze Murane.
Overview-TPV Service Delivery
Virtual Private Network (VPN)
Managed Desktop Andrea Beesing April 5, 2016.
Printing (Net-Print) Joanne Button August 23rd 2016.
Managed IT Solutions More Reliable Networks Are Our Business
IT Service Management Suite
Service Delivery Dashboard: FY17 Overview
Network Service Laurie Collinsworth 10/18/2016.
SharePoint Online (Office 365)
Telephone Service Andrea Beesing November 15, 2016.
PCI Compliance Service
Web and Video Conferencing
Andrea Beesing September 6, 2016
Enterprise Content Management
Video Streaming and Hosting
IT Service Desk Service
Digital Signage M Scott Walters 4 Oct 2016.
Course Management System (Blackboard)
Scanning and Digitizing
Wi-Fi Network Service Laurie Collinsworth 10/18/2016.
Lessons Learned in Managing IT Risk
Backup, Archive & Recovery
Electronic Lab Notebook (LabArchives)
Managed Server Service
Antivirus Service Rob Bandler May 17, 2016.
Plagiarism Detection (Turnitin)
Classroom Polling Service (i>clicker)
Mobile Data Solutions Inc
Confluence Wiki Vicky Mikula July 26th 2016.
(Presented by Eric Nobel)
Event Technical Support
Online Training (Lynda.com)
Secure Software Confidentiality Integrity Data Security Authentication
Lecture Capture Service (Panopto)
Password Escrow Service
Data Center Service Brian Messenger 11/15/2016.
Securing the Network Perimeter with ISA 2004
Service Owner: Andrea Beesing 9 February 2016
The Internet.
Antiphishing & Verified Communications
SUBMITTED BY: NAIMISHYA ATRI(7TH SEM) IT BRANCH
TYPES OF SERVER. TYPES OF SERVER What is a server.
IR Awakens
Document Storage and Collaboration
I have many checklists: how do I get started with cyber security?
Evolved from ARPANET (Advanced Research Projects Agency of the U.S. Department of Defense) Was the first operational packet-switching network Began.
SharePoint On Premises
IIS.
Design Unit 26 Design a small or home office network
IS4680 Security Auditing for Compliance
Network Models, Hardware, Protocols and number systems
Network Hardware and Protocols
Data Security in Local Networks using Distributed Firewalls
AbbottLink™ - IP Address Overview
Designing IIS Security (IIS – Internet Information Service)
Cloud Computing for Wireless Networks
Presentation transcript:

Domain Name Service (DNS) Network Registry Rob Bandler & Laurie Collinsworth 4/19/2016

Agenda Introductions Service Description Value Proposition Metrics Cost Security More information Q&A

Introductions Service owners: DNS: Laurie Collinsworth Network Registry: Rob Bandler Service managers: DNS: Eric Cronise Network Registry: Laurie Collinsworth Other service delivery team members: Eng: Jim Yang/ John Wobus/ Dean Eckstrom Ops: Jenny Signor / Leisha Redfield IT Communications, Knowledge Mgmt & Training IT Support Desk

Service Description Service name: Domain Name Service Product(s): Domain Name Request/Registry Network Registry DNS - Domain Name Service DHCP - Dynamic Host Configuration Protocol NTP - Network Time Protocol DNSDB - Network administration tools SafeDNS - Security redirections NUBB - Network Usage-Based Billing Brief text description: Cornell's Domain Name Service supports the cornell.edu name space, network administration, policy compliance and security of Cornell networks, as well as query lookups for DNS names throughout the world. The key set of data is: host name (sf-infra069.cit.cornell.edu) host network address (128.253.180.35) host hardware address (00:1A:1E:C0:4F:EC) host owner / NetID (abc123)

Service Description Available to: No Fee Service Service tier: Zero Faculty, Staff, TSPs, Students, Alumni, Guests No Fee Service Service tier: Zero

Value Proposition Value proposition Customer impact Key benefits Standard DNS/DHCP performance and protected data/response across all Cornell networks and user devices. Supports compliance with University Policy Protects Cornell’s IP and DNS name space (reputation) Customer impact Ubiquitous configuration and results Key benefits Cost savings by leveraging central staff & support Monitored, securely patched, redundant, on/off site Distributed access for >600 Network Administrators Self-serve registration and deployment of user devices Inventory of users and devices for network administrators

Supports compliance with University Policy 5.4.1 Security of Information Technology Resources 5.4.2 Reporting Electronic Security Incidents 5.6 Recording and Registration of Domain Names 5.7 Network Registry 5.9 Privacy of the Network

Metrics FY16 Q3 FY 16 Q3 Metrics Count as of 3/31/16 Network Administrators 698 Domains 1,268 Networks 2416 DHCP pools 1101 DNS hosts 352,747 Total DNS queries: 1/1/16 – 3/31/16 ~27 billion

Metrics FY16 Q3 FY 16 Q3 Metrics Count as of 3/31/2016 Registered devices 212,922 Unique registrants 62,594 Network Registry Compliance 75% Network Quarantine incidents 1/1/16 – 3/31/16 198 Safe DNS Redirections 13,841,409 Phishing Site Redirections 9,423,090

Annual cost of DNS & Network Registry Services Cost to deliver the service: Fee for service: None FY 16 Annual Cost $395,420 Hardware & Software $32,748 Labor $326,725 Staff Support $17,974 Administrative Overhead FY 16 Unit cost/year per DNS host $1.12 per Domain $316.59

Security What risks does use of the service mitigate? Life Safety Reputational Harm - Risk of non-Cornell entities masquerading as Cornell Compromise due to visit to remote malicious sites Abuse of network / university resources Failure to resolve Security Incidents, Litigation requests, DMCA notices, etc. Inability to effectively troubleshoot network issues Non-compliance with university policy

Security How does the service mitigate risks? Maps device and network activity to responsible person NTP provides official network time Controls access to official Internet address (IP) and name space and enforces specific business rules NUBB educates users on their network activity and regulates the consumption of Internet bandwidth SafeDNS – seamless anti-phishing and malware protection DNS components are protected, actively patched, monitored 7/24/365

More information Service web pages: https://dnsdb.cit.cornell.edu/dnsdb.html http://www.it.cornell.edu/services/netreg/howto/ipaddress.cfm http://www.it.cornell.edu/services/netreg/howto/domain/ http://www.it.cornell.edu/services/dhcp/ http://www.it.cornell.edu/services/netreg/ http://www.it.cornell.edu/services/safedns/ http://www.it.cornell.edu/services/nubb/ Service level expectations: DNS: https://www.it.cornell.edu/services/sle.cfm?doc=31 Service catalog entry: DNS: https://catalog.it.cornell.edu/admin/22 Network Registry: https://catalog.it.cornell.edu/admin/42 Service quarterly report: DNS: http://cio.cornell.edu/.../itcornell-quarterly-metrics/domain-name-services Network Registry: http://cio.cornell.edu/.../itcornell-quarterly-metrics/network-registry

Questions? Email questions to: Laurie Collinsworth ljc1@cornell.edu Rob Bandler rwb7@cornell.edu

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.