UNH network currently supports a 2.5 gbps network on campus. This network services thousands of users a day, and must be secure. These security measures.

Slides:



Advertisements
Similar presentations
Caltech Proprietary Videoconferencing Security in VRVS 3.0 and Future Videoconferencing Security in VRVS 3.0 and Future Kun Wei California Institute of.
Advertisements

N ETWORK S YSTEMS 3.02 U NDERSTAND C ONNECTIVITY THROUGH NETWORKS AND THE I NTERNET.
Honeypot 서울과학기술대학교 Jeilyn Molina Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
Lab Practical 1 Study about different types of networks
Security (Continued) V.T. Raja, Ph.D., Oregon State University.
Network Security Philadelphia UniversityAhmad Al-Ghoul Module 11 Exploring Secure Topologies  MModified by :Ahmad Al Ghoul  PPhiladelphia.
CSE 190: Internet E-Commerce Lecture 16: Performance.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Chapter 15 Chapter 15: Network Monitoring and Tuning.
Security Management IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong.
MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 14 Server and Network Monitoring.
Firewalls and VPNS Team 9 Keith Elliot David Snyder Matthew While.
Hands-On Microsoft Windows Server 2008 Chapter 11 Server and Network Monitoring.
CH 13 Server and Network Monitoring. Hands-On Microsoft Windows Server Objectives Understand the importance of server monitoring Monitor server.
Connecting LANs, Backbone Networks, and Virtual LANs
Chapter 14 Managerial issues in networking. Overview Network design Network management – Hardware – Software Technology standards Role of government and.
M ONITORING SERVER PERFORMANCE Unit objectives Use Task Manager to monitor server performance and resource usage Use Event Viewer to identify and troubleshoot.
Getting Connected to NGS while on the Road… Donna V. Shaw, NGS Convocation.
Network Performance Measurement Atlas Tier 2 Meeting at BNL December Joe Metzger
1 ESnet Network Measurements ESCC Feb Joe Metzger
1 October 20-24, 2014 Georgian Technical University PhD Zaza Tsiramua Head of computer network management center of GTU South-Caucasus Grid.
Computer Networking Part 1 CS 1 Rick Graziani Cabrillo College Fall 2005.
Chapter 4 Computer Networks – Part 1
NETWORKING COMPONENTS By Scott H. Bowers. HUB A hub can be easily mistaken for a switch, physically there are no defining characteristics, both have power.
1 Second ATLAS-South Caucasus Software / Computing Workshop & Tutorial October 24, 2012 Georgian Technical University PhD Zaza Tsiramua Head of computer.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
Network Security Principles & Practices By Saadat Malik Cisco Press 2003.
ASCR/ESnet Network Requirements an Internet2 Perspective 2009 ASCR/ESnet Network Requirements Workshop April 15/16, 2009 Richard Carlson -- Internet2.
By Nicole Rowland. What is Cloud Computing?  Cloud computing means that infrastructure, applications, and business processes can be delivered to you.
1 Network Measurement Summary ESCC, Feb Joe Metzger ESnet Engineering Group Lawrence Berkeley National Laboratory.
Slide 1 Experiences with PerfSONAR and a Control Plane for Software Defined Measurement Yan Luo Department of Electrical and Computer Engineering University.
NETWORKING COMPONENTS Buddy Steele Assignment 3, Part 1 CECS-5460: Summer 2014.
 Load balancing is the process of distributing a workload evenly throughout a group or cluster of computers to maximize throughput.  This means that.
Firewall Configurations Responses from the ETF (the names have been changed to protect the innocent..)
Chapter 13: LAN Maintenance. Documentation Document your LAN so that you have a record of equipment location and configuration. Documentation should include.
IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.
Firewall Matthew Prestifilippo, Bill Kazmierski, Pat Sparrow.
August 27, 2003 Evaluation of WiNc Manager A Wireless Network Management Software from Cirond Technologies Inc. by Kassim Olawale Radio Science Laboratory.
1 Distributed Monitoring CERNET's experience Xing Li
6.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 6: Designing.
US LHC Tier-2 Network Performance BCP Mar-3-08 LHC Community Network Performance Recommended BCP Eric Boyd Deputy Technology Officer Internet2.
GEMINI: Active Network Measurements Martin Swany, Indiana University.
BEIJING-LCG Network Yan Xiaofei
14-Nov-07 OWAMP (One-Way Latencies) BWCTL (Bandwidth Test Control) Jeff Boote Network Performance Tools BOF-SC07.
Hiroyuki Matsunaga (Some materials were provided by Go Iwai) Computing Research Center, KEK Lyon, March
Activities and Perspectives at Armenian Grid site The 6th International Conference "Distributed Computing and Grid- technologies in Science and Education"
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
Campana (CERN-IT/SDC), McKee (Michigan) 16 October 2013 Deployment of a WLCG network monitoring infrastructure based on the perfSONAR-PS technology.
1 Deploying Measurement Systems in ESnet Joint Techs, Feb Joseph Metzger ESnet Engineering Group Lawrence Berkeley National Laboratory.
Chapter 26: Network Security Dr. Wayne Summers Department of Computer Science Columbus State University
Troubleshooting Ben Fineman,
CCENT Study Guide Chapter 12 Security.
Phare EIONET Centralised Training Session
Set up your own Cloud The search for a secure and acceptable means of gaining access to your files stored at the office from a remote location.
Firewall – Survey Purpose of a Firewall Characteristic of a firewall
“Enterprise Network Design and Implementation for Airports” Master’s Thesis: By Ashraf Ali and advised by professor Nicholas Rosasco Introduction Practical.
Introduction to Computers
Introduction to Networking
Chapter 26: Network Security
Firewalls Purpose of a Firewall Characteristic of a firewall
Big-Data around the world
Performance Measuring & Monitoring
FIREWALL.
Chapter 15: Network Monitoring and Tuning
Spotter: A Campus Parking Solution
MaDDash and other Research DMZ tools
Ubuntu MYSQL Database Server
GÉANT network (December 2018)
Presentation transcript:

UNH network currently supports a 2.5 gbps network on campus. This network services thousands of users a day, and must be secure. These security measures (firewalls, IDPS, IPS, etc.) bog down the network and reduce the actual throughput. UNH is building a Science DMZ with a theoretical 10 gbps throughput. DMZ stands for “Demilitarized Zone”. This type of network acts as a neutral zone between a company’s private network and the public network. A DMZ doesn’t have security measures such as firewalls or IDPS’s that will bog down the performance like a normal network contains. Due to the nature of a DMZ network, large files will be able to be transferred quickly and easily without this decrease in network performance. Introduction Introduction to perfSONAR Testing / Results Analysis Future Workings perfSONAR is a collaborative, open source network monitoring tool. perfSONAR will be installed and configure on the existing UNH network, as well as the Science DMZ once it is officially deployed. This software is used to monitor networks and collect data about these networks, such as throughput and latency. perfSONAR works by connecting to one of the many perfSONAR nodes throughout the world and running tests (such as BWCT, iPerf3, OWAMP, etc.) in order to gather the necessary network information. Once this information is gathered, perfSONAR allows you to render graphs with this information over various lengths of time, allowing you to find troublesome areas or time intervals where there might be bottlenecks or periods of increased usage that will cause a decrease in network performance. The graph on the left represents tests on the same RCC subnet that hosts our perfSONAR node for the tests, so the 1 Gbps rate is nearly achieved and is demonstrated accurately in our results. The second graph on the right shows slightly slower results due to the fact that the RCC subnet is located outside of UNH's firewall. The reduction in throughput is associated with the slow down from having to reenter the UNH network through the firewall. Future workings include testing on the Science DMZ during summer 2015 and confirming the theoretical higher performance of this network. perfSONAR and UNH’s Science DMZ Joseph Rogers | Brandon Schwarzer | Nicholas Turi | Advisor: Scott Valcourt Department of Computer Science and Information Technology, University of New Hampshire, Durham, NH Throughput >= 100Mbps Throughput >= 10Mbps Throughput < 10Mbps Unable to retrieve data BWCTL UNH Tester nautilis.sr.unh.edu perf-unh.unh.edu perfsonar-bmr.dartmouth.edu perfsonar.ucar.edu ps-1.oit.ummass.edu ps.ncsa.xsede.org UNH Tester nautilis.sr.unh.edu perf-unh.unh.edu perfsonar-bmr.dartmouth.edu perfsonar.ucar.edu ps-1.oit.ummass.edu ps.ncsa.xsede.org BWCTL Figure 1: perfSONAR Node Deployment Figure 2: Throughput graph to pS node inside the same subnet Figure 3: Throughput graph to pS node inside UNH’s network Figure 4: Diagram of the current UNH network Figure 5: MadDash chart of the current monitored networks Figure 6: Traceroute graph to pS node inside UNH’s network (1am) Figure 7: Traceroute graph to pS node inside UNH’s network (9am)