Copyright The JNT Association 2010TNC 20101 Mark O’Leary June 2010.

Slides:

Advertisements

Similar presentations

Options for integrating the JANET Roaming Service (JRS) and Shibboleth Tim Chown University of Southampton (UK) JISC Access Management.

Advertisements

Key Multi-domain GÉANT Network Services June 2011.

Intro. Website Purposes  Provide templates and resources for developing early childhood interagency agreements and collaborative procedures among multiple.

Connect communicate collaborate Eduroam debugging Gurvinder Singh and Gunnar Bøe, Campus Networks and Systems, UNINETT AMRES Wireless workshop Belgrade,

Copyright JNT Association 2006 The JANET Roaming Service.

Connect. Communicate. Collaborate Click to edit Master title style MODULE 1: perfSONAR TECHNICAL OVERVIEW.

An Overview. BizLink BizLink is a Social Networking platform for business. It allows colleagues to come together, ask questions, share resources, form.

Eduroam – Roam In a Day Louis Twomey, HEAnet Limited HEAnet Conference th November, 2006.

Virtual Collaboration with SharePoint Instructor: Michael Curry.

QAD Business Intelligence CAUG October 10, 2011 Bill Wermes QAD California User Group.

© Copyright Lumension Security Lumension Security PatchLink Enterprise Reporting™ 6.4 Overview and What’s New.

Sebastian Smith ○ Lance Hutchinson ○ Ben Damonte ○ Jennifer Knowles ○ Dr. Monica Nicolescu ○ Dr. Sergiu Dascalu Department of Computer Science and Engineering,

Introduction and Overview “the grid” – a proposed distributed computing infrastructure for advanced science and engineering. Purpose: grid concept is motivated.

Wireless LAN Topology Visualiser Project Supervisor: Dr Arkady Zaslavsky Project Team Members: Jignesh Rambhia Robert Mark Bram Tejas Magia.

The Web is perhaps the single largest data source in the world. Due to the heterogeneity and lack of structure, mining and integration are challenging.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 August 15th, 2012 BP & IA Team.

Chapter 17: Watching Your System BAI617. Chapter Topics Working With Event Viewer Performance Monitor Resource Monitor.

EduRoam Australia Project Experience in location independent wireless networking with international collaboration with TERENA EduRoam Project 19 th APAN.

GEO Work Plan Symposium 2012 ID-05 Resource Mobilization for Capacity Building (individual, institutional & infrastructure)

Hands-On Microsoft Windows Server 2008

Mobile data. Introduction Wireless (cellular) communications has experienced a tremendous growth in this decade. Most of the wireless users also access.

Blackboard for K-12 Let’s Build a Better Educational Experience 1.

Todd Kitta  Covenant Technology Partners  Professional Windows Workflow Foundation.

Designing Group Security Designing security groups Designing user rights.

Web Application Firewall (WAF) RSA ® Conference 2013.

Module 7: Fundamentals of Administering Windows Server 2008.

The Data Grid: Towards an Architecture for the Distributed Management and Analysis of Large Scientific Dataset Caitlin Minteer & Kelly Clynes.

Windows Vista Inside Out Chapter 22 - Monitoring System Activities with Event Viewer Last modified am.

Connect. Communicate. Collaborate Experiences with tools for network anomaly detection in the GÉANT2 core Maurizio Molina, DANTE COST TMA tech. Seminar.

Copyright JNT Association Visualising eduroam A ‘flight map’ prototype TF-Mobility, February 2010 Mark O’Leary.

Event Processing A Perspective From Oracle Dieter Gawlick, Shailendra Mishra Oracle Corporation March,

2  Supervisor : MENG Sreymom  SNA 2012_Group4  Group Member  CHAN SaratYUN Sinot  PRING SithaPOV Sopheap  CHUT MattaTHAN Vibol  LON SichoeumBEN.

Copyright JNT Association Location awareness as an adjunct to mobility TF-Mobility Mark O’Leary July 8 th 2008.

Maintaining and Updating Windows Server Monitoring Windows Server It is important to monitor your Server system to make sure it is running smoothly.

Connect. Communicate. Collaborate Place organisation and project logos in this area AAIEye – A Monitoring Tool For AAI’s Mika Suvanto, CSC TNC 2008, Bruges.

Business Data Communications, Fourth Edition Chapter 11: Network Management.

NMI End-to-End Diagnostic Advisory Group BoF Fall 2003 Internet2 Member Meeting.

Our goal is to make a web based multi-user organizer that can be accessed via cellular devices. There are three main component for this project: A main.

Internet Architecture and Governance

Next Steps: becoming users of the NGS Mike Mineter

Copyright © 2015, SAS Institute Inc. All rights reserved. THE IMPORTANCE OF DEVELOPING YOUR DATA SCIENTISTS SAS LEARNING & DEVELOPMENT – 01 JULY 2015.

Internet Organization Structure

Creating SmartArt 1.Create a slide and select Insert > SmartArt. 2.Choose a SmartArt design and type your text. (Choose any format to start. You can change.

Module 10: Windows Firewall and Caching Fundamentals.

Connect. Communicate. Collaborate Deploying Authorization Mechanisms for Federated Services in the eduroam architecture (DAMe)* Antonio F. Gómez-Skarmeta.

© 2012 IBM Corporation IBM Security Systems 1 © 2012 IBM Corporation Cloud Security: Who do you trust? Martin Borrett Director of the IBM Institute for.

GRID ANATOMY Advanced Computing Concepts – Dr. Emmanuel Pilli.

B. Dalesio, N. Arnold, M. Kraimer, E. Norum, A. Johnson EPICS Collaboration Meeting December 8-10, 2004 Roadmap for IOC.

E-Science Security Roadmap Grid Security Task Force From original presentation by Howard Chivers, University of York Brief content:  Seek feedback on.

CERN IT Department CH-1211 Genève 23 Switzerland t CERN IT Monitoring and Data Analytics Pedro Andrade (IT-GT) Openlab Workshop on Data Analytics.

Active Directory design recommended practices Mark Cribben Consultant.

Module 6: Administering Reporting Services. Overview Server Administration Performance and Reliability Monitoring Database Administration Security Administration.

E-Mission + Team of undergraduates = ??? Background and motivation.

Connect communicate collaborate Trust & Identity EC meets GÉANT 19 June 2014 Brussels Valter Nordh, NORDUnet Federation as a Service Task Leader Trust.

Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 1 Managing Network Threat Information  Giri Raichur, Network Services.

Access Everywhere Recent developments in the UK’s mobility strategy for education and research Mark O’Leary, TNC 2011 Prague.

Towards open eduroam coverage data Mr Mark O‘Leary Dr Tim Chown

Designing Identity Federation Policy, the right way Marina Vermezović, Academic Network of Serbia TNC2013 conference 4 May 2013.

Windows Vista Configuration MCTS : Internet Explorer 7.0.

Copyright © 2009 Trusted Computing Group An Introduction to Federated TNC Josh Howlett, JANET(UK) 11 June, 2009.

Ian Bird GDB Meeting CERN 9 September 2003

Michael Mast Senior Architect

Automated Azure Licencing

Datamining : Refers to extracting or mining knowledge from large amounts of data Applications : Market Analysis Fraud Detection Customer Retention Production.

Unit 27: Network Operating Systems

Liberate Our fully managed solution for access management 07/12/2018

Large Scale Distributed Computing

Presentation transcript:

Copyright The JNT Association 2010TNC Mark O’Leary June 2010

Copyright The JNT Association 2010TNC Free effort? Visualising eduroam Transition to RadSec Restoring visualisation: IF-MAP Trivial solution?

Copyright The JNT Association 2010TNC An NREN’s primary role is delivery of the network But we do try to be members of the broader educational community Arguably, there is a ‘social responsibility’ obligation on us to provide opportunities for student engagement with our activities

Copyright The JNT Association 2010TNC University IT courses increasingly use ‘real-world’ project activities to provide students with experience –The University of Southampton runs a five week ‘Group Design Project’ for MSc students each year –JANET(UK) ‘plays the customer’ for a GDP team –3 rd year of collaboration

Copyright The JNT Association 2010TNC We specify an achievable task with a programming component The students do the work, and communicate their ongoing management of the project We provide feedback that contributes towards their assessment Valuable learning experience and useful deliverables: win-win!

Copyright The JNT Association 2010TNC GDP 08/09 Wireless Location Awareness

Copyright The JNT Association 2010TNC GDP 09/10 Visualising eduroam Thanks to: –Sam Miller –Dan Stoner –Richard Clarke –Lesley Oakey –Dr Tim Chown

Copyright The JNT Association 2010TNC GDP 10/11 Another eduroam-related project Watch this space!

Copyright The JNT Association 2010TNC “A picture is worth a thousand words” The pattern of eduroam transactions is complex –difficult to spot even broad trends Is eduroam successful? –A fundamental question. –possibly more of a talking point in the UK than elsewhere?

Copyright The JNT Association 2010TNC Analytical –Usage patterns & levels Diagnostic –Error conditions highlighted, geographically located Promotional Tool –Compelling picture of usage –Unattended demo mode

Copyright The JNT Association 2010TNC Privacy protection: don’t display data that allows an individual users travels to be inferred. –Blurring: temporal aggregation –Blurring: image manipulation techniques –Authorisation: role-based data release policies

Copyright The JNT Association 2010TNC

Copyright The JNT Association 2010TNC Roaming sites ‘Flight map’ transaction arcs Bar chart activity monitoring

Copyright The JNT Association 2010TNC

Copyright The JNT Association 2010TNC

Copyright The JNT Association 2010TNC

Copyright The JNT Association 2010TNC

Copyright The JNT Association 2010TNC

Copyright The JNT Association 2010TNC

Copyright The JNT Association 2010TNC Current eduroam design is based on binary peering, so the originator of requests to be proxied at the national level is always obvious. However, standard RADIUS ‘shared secret’ security is considered by some to be imperfect

Copyright The JNT Association 2010TNC “RADIUS over TCP/TLS” – advanced standardisation, split into multiple documents Secures the RADIUS packet exchange, but removes any hints to the origin of the roaming transaction! Monitoring and visualisation will be increasingly undermined as RadSec adoption increases

Copyright The JNT Association 2010TNC MAP = Metadata Access Point Developed by the Trusted Computing Group (TCG), as part of the Trusted Network Connect (TNC) suite of standards

Copyright The JNT Association 2010TNC Standardises the kind of data gathering we currently use SNMP and Syslog for Aggregates and correlates data from disparate systems Allows arbitary extensions to support new use cases without the limitations of a global schema Allows ‘subscription’: automatic notification of changes Simple to implement!

Copyright The JNT Association 2010TNC IF-MAP was designed for use cases internal to the network domain –Primarily for ‘next generation’ NAC What if we adapted it to allow inter- domain sharing of metadata?

Copyright The JNT Association 2010TNC RadSec RadSec undermines centralised logging of originating visited Metrics Service metric unreliable! Logging Restore logging by publishing (anonymised?) roaming events to an externally-readable MAP instance. Subscription Central IF-MAP at the core subscribes to all exposed MAP data; aggregation/visualisation Restored Monitoring restored!

Copyright The JNT Association 2010TNC RadSec RadSec undermines centralised logging of originating visited Metrics Service metric unreliable! Logging Restore logging by publishing (anonymised?) roaming events to an externally-readable MAP instance Subscription Central IF-MAP at the core subscribes to all exposed MAP data; aggregation/visualisation Restored Monitoring restored!

Copyright The JNT Association 2010TNC Enable RADIUS proxies to log directly to an IF-MAP instance a)Directly modify one or more RADII? b)PERL module or similar to allow arbitrary logs (and services) to be tailed into IF-MAP 2.Secure a MAP instance such that it may be exposed outside the organisation firewall a)Authentication/Authorisation – Federation? b)Improved server security model

Copyright The JNT Association 2010TNC “Tri via” – the meeting of three roads Traditional site for placement of community noticeboards ~100 A.D. So, if we are doing this for eduroam... Does collecting a lot of ‘trivial’ local data give a more valuable emergent picture of larger scale features?

Copyright The JNT Association 2010TNC Many classes of metadata are of interest between community members –Domain ‘network weather’ –Shared intelligence (IDS etc.) Some classes of metadata could usefully be aggregated at the JANET core –JRS/eduroam stats is just one example...

Copyright The JNT Association 2010TNC Are there any questions?