Upload
jisc
View
1.501
Download
0
Embed Size (px)
Citation preview
Janet Network DDoS experience
Jisc/Janet updates from Network Operations,
Operational Services and Strategic Technologies
23/03/2016
Janet Network DDoS experience
Steve KennettHead of operational services
and Senior information risk owner, Jisc technologies
23/03/2016
Janet Network DDoS experience23/03/2016
Operational services
Janet Network DDoS experience23/03/2016
Janet Computer Incident Response Team - CSIRT
Janet Network DDoS experience
Janet Computer Security Incident Response Team
»Safeguarding your current and future computer security, with a primary function to monitor and resolve any security incidents that occur on the Janet network
»Our mission is to create a secure environment to conduct your online activities. Our primary function is to monitor and resolve any security incidents that occur on the network, with specialists tracking a range of platforms, including Unix, Linux and Windows
23/03/2016
Janet Network DDoS experience
Janet Computer Security Incident Response Team
»We work closely with our community to detect, report and investigate incidents that pose a threat to the security of our customers' information systems. We also investigate other forms of network abuse such as spam and copyright infringement
»Due to the geographical scope of incidents, we assist national and international law enforcement agencies in their investigations, connecting them to our trusted contacts within the community
23/03/2016
Monthly Total Incidents Completed 2015
7
Janet Network DDoS experience
CSIRT – Cost benefits
Costs: time to fix the breach, remove infection from computers, deal with questions, inform staff and students, time that systems are unavailable to staff and students, fines and compensation, business loss, reputational damage.
»12.5% of organisations using Janet avoid having one severe security breach annually due to the existence of CSIRT;
»Using the figures in the BIS report and working with the Jisc SSU»£22.5 million23/03/2016
BIS report “2015 Information Security Breaches Survey”
£1.46mto
£3.14m
Average cost to a business of its worst security breach of
the year.
£75k to £311kLa
rge
Smal
l
Janet Network DDoS experience
Programme of security activities
»Information security management
»ISO27001»DDoS mitigation»Security X-ray»Cybersecurity
intelligence»Vulnerability
assessment
»Phishing mitigation »Malware analysis»Digital forensics »Password managers»Web filtering
23/03/2016
Janet Network DDoS experience
Scary but true
23/03/2016
Janet Network DDoS experience
jisc.ac.uk
Computer Security Incident Response Team
23/03/2016
0300 999 [email protected] the Janet network CSIRT blog
Janet Network DDoS experience23/03/2016
Trust and identity
Janet Network DDoS experience
Jisc trust and identity services
eduroam»372 members – increase of 14% and an increase of 18% in
operational eduroam deployments to 277 organisations» Jisc customers encouraged to work with local authorities to increase
eduroam footprintUK Access Management Federation»Reached 1K members, now at 1,037» Important for the ~400 Shib IdPs v2 to upgrade before end of
support in JulyAssent»Working to develop and implement Moonshot technology
into big infrastructure facilities as well as ‘everyday’ type services
23/03/2016
Janet Network DDoS experience
Jisc trust and identity services
Certificate service»S/MIME certificates for digitally signing and encrypting emails is
coming this summer»High Assurance Extended Validation certs available for important /
high profile websitesDomain registry service (formally Naming service)»Online portal now available for managing all your .ac.uk domains.
Contact [email protected] to get access
T&I Networkshop events:»Share and explore (BoF) – Wednesday @ 16:30 (room 2.219/2.220
(120))»T&I parallel session – Thursday @ 09.15 (room 4.205/4.206 (120))23/03/2016
Janet Network DDoS experience23/03/2016
Shared data centre
Janet Network DDoS experience
Shared data centre current status – 1.5MW
»15 customers including anchor tenants
»Pipeline of customers»160 racks (including 18 Jisc) and
growing»Total power requirement 1.542MW
Current status:
23/03/2016
Janet Network DDoS experience
So where next?
Shared data centre v2»Geographically diverse»Anchor tenants in place› Universities of Liverpool, Leeds,
Sheffield, and Sheffield Hallam University, as well as the N8 Research Partnership
»Project moving quickly – aiming for service in place by Q3/Q4 2016
»Wednesday 23 March, Parallel sessions (11:30 - 12:45)
23/03/2016
Janet Network DDoS experience23/03/2016
Trans National Education - TNE
Janet Network DDoS experience
Transnational education
» Transnational education (TNE) is the provision of education for students based in a country other than the one in which the awarding institution is located
Strategic importance
23/03/2016
Janet Network DDoS experience23/03/2016
Workshop to Raise Awareness of Prevent (WRAP)
Janet Network DDoS experience
Workshop to Raise Awareness of Prevent (WRAP)
»An understanding of the Prevent strategy and your role within it
»The ability to use existing expertise and professional judgment to recognise the vulnerable individuals who may need support
»Local safeguarding and referral mechanisms and people to contact for further help and advice
»This workshop is an introduction to the Prevent strategy, it does not cover wider institutional responsibilities under the duty
WRAP is a free specialist workshop, designed by HM Government to give you:
23/03/2016
Janet Network DDoS experience
Workshop to Raise Awareness of Prevent (WRAP)
»Facilitated online learning, no travel required»Delivered by our award winning training team»Highly participatory sessions»Share best practice across the sectors and nationwide
»Information and registration at jisc.ac.uk/advice/training
23/03/2016
Janet Network DDoS experience
Workshop to Raise Awareness of Prevent (WRAP)
»We are currently running four sessions per week
»Sessions currently available to book for March - May
»Number of sessions run to date: 104 and 25 scheduled for March/April
»Total delegates completed courses: 1575
»HE: 39%»FE/Skills: 56%»Others: 5%»Broad mix of participants
including participation from
»Student Union/councils, senior management, governors (e.g. Principle, IT Director, Director student services, tutors and support staff)
23/03/2016
Janet Network DDoS experience23/03/2016
Operational services delivery group
Service news and developments
»Web Filtering Service - Updated› Updated to a cloud service August 2015
› Unlawful Extremist Content filter made available from Nov 2015
› User based filtering (Windows AD) now available
»Framework – Available from mid-May› Multi-supplier, Multi-technology (Cloud, local and Hybrid),
aggregated discounts, possible licensing discounts for existing installations
Web Filtering and Monitoring
01/05/2023
Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all) 25
Cloud news and developments
»Amazon have removed the egress charges for education and research users
»Maximum egress discount is 15% of total bill – the average amount for egress charges is 5% and there is no cost to upload data into AWS, or move data between Amazon Simple Storage Service (Amazon S3) and Amazon Elastic Compute Cloud (Amazon EC2). Users of Arcus portal will benefit from the egress charge exemption
»Further details on the Jisc website
Amazon Web Service
01/05/2023
Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all) 26
Janet Network DDoS experience
Vscene developments
The service currently facilitates ~6000 conferences per month across 500+ educational organisations
3 phases of Vscene development:»a completely re-written customer interface
(phase 1, completed July 2014)»a refresh of its underlying infrastructure
(phase 2, completes August 2016)»a re-procurement of Vscene operational support
(phase 3, starting April 2016)23/03/2016
Janet Network DDoS experience
Vscene developments
The new infrastructure:»Double the current capacity to cope with ongoing
increasing domestic and international demand»Give the flexibility to burst into cloud capacity to
ensure responsiveness of provision and minimise costs
»Increased interoperability with desktop users with introduction of WebRTC and Skype for business capability
»Support the TNE by enhancing communications between home and foreign campuses of UK universities, e.g. a pilot between Nottingham and China
23/03/2016
Janet Network DDoS experience
Vscene developments
Proposed future enhancements:»Support for mobile devices (Smartphones & Tablets)»Text chat capability»VLE integration
23/03/2016
ISO 9001:2008 & 9001:2015 Quality Update
› Maintenance of ISO9001 certification since 1998› The standard focuses on our products and services
and currently covers our network and associated services
› A full certificate renewal audit (to ISO9001:2008) is taking place at the end of April 2016
› Work is already underway to align our quality management system to ISO9001:2015 with a plan to transition to ISO9001:2015 late 2016
› Discussions underway around how to expand our quality management system across the whole organisation01/05/2023 Operational Services
01/05/2023
Operational Services
)ISO 27001:2013 Information Security
Update › Project started August 2014 to implement and gain
certification against ISO27001:2013 (information security)
› Initial scope and certification looks at Eduroam(UK), Janet Certificate Service, UK Access Management Federation and Jisc Assent
› Stage 1 audit with certification body scheduled for March 2016 (first part of the formal certification process)
› Work is already underway to bring additional services into our certification scope post successful completion of our stage 2 audit
› Additional discussions underway around how to expand our information security management system across the whole organisation
01/05/2023
Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
jisc.ac.uk
Jisc Technologies
Steve KennettHead of Operational [email protected]