Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
Internet2 Overview & Update: Engagement, Initiatives, Network and Services
Fall 2008 Internet2 Member Meeting October 13, 2008
Agenda
• Internet2 Overview and Services - Marianne Smith Associate Director, Member and Partner Relations
• Internet2 Network Services – Heather Todorov Senior Program Manager, Network Services
• Middleware and Security - Renée Frost Director, Technology Transfer and Outreach
• Discipline Communities and Cyberinfrastructure - Ann Doyle Senior Program Manager, Arts and Humanities
Internet2 Mission and Goals
Internet2 Mission
• Develop and deploy advanced network applications and technologies, accelerating the creation of tomorrowʼs Internet.
Internet2 Goals Enable new generation of applications Re-create leading edge R&E network capability Transfer technology and experience to the global
production Internet
3
What We Do…… • We work with our members to provide an Advanced
Networking Environment and Services for research and education
• Internet2 network backbone • Dynamic Circuit Networks • Network research • IPv6, Multicast • End-to-End Performance Initiative • Applications and Services – e.g. Commons and
InCommon • Middleware • Security
4
What We Do………
• We convene and facilitate partnerships and collaboration opportunities for members: • Among themselves and with faculty and
research peers • With other partners: Connectors, International
NRENs, Federal agencies, TeraGrid, K20 School networks, the Quilt
• Applications Collaborations: high energy physicists, arts & humanities, health science, teaching and learning
5
An Asset for the Community
6
An Asset for the Community
Universities
Researchers
Regional Networks
K-12
Industry
International
Internet2 Community
Universities
Affiliates
Regional Networks
K-12
Industry
International
Internet2 Member Community
212 University Members
51 Corporate Members
45 Affiliate Members
30 R&E Network Members
38 State Education Networks
50 International Partners
Providing Value for Members
Internet2 provides members: • Access to the most advanced nationwide
networking infrastructure and services • Specialized, cost-effective knowledge and
expertise, and training • A platform to help set the direction of
advanced networking technologies
http://www.internet2.edu/membership/index.cfm
Internet2 University Members
Internet2 Corporate Partners, Sponsors and Members
Broad Range of Industries: - Technology Providers - Content Providers
- Technology Consumers
http://members.internet2.edu/corporate/index.cfm
Internet2 Corporate Partners
Internet2 Affiliate Members
• Federal labs • Federal agencies • Fine arts institutions • Health science and health care institutions • Performing arts organizations
http://members.internet2.edu/affiliate/affiliates.cfm
12
Research and Education Network Members
US-based non-profit organization that has a principal mission to provide network infrastructure and services primarily to the research and education community
13
Strengthening Community: Member Accomplishments
• Advanced applications development, broad and deep
• Development and deployment of middleware capabilities, locally and nationally
• Creation and support of national high-performance networks, including next generation optical networks
• Strong partnerships with international networking organizations
• Focused efforts on end-to-end performance, and network and host security
14
Internet2 International Goals
• Provide access for Internet2 Network user community the same type of high-performance, advanced network environment on global basis
• Support the international research, teaching, learning, clinical, outreach missions of Internet2 community
Internet2 International Partner Program
• Internet2 forms partnerships between organizations with similar goals/objectives and similar constituencies – counterparts in other countries
• 50 partnership agreements - well over 50 NRENs
http://www.internet2.edu/international/index.cfm
Internet2 International Partner Program
• Benefits • Provide access for users of the Internet2 Network to
the Research and Education Networks of over 87 countries
• Basis for understanding how to facilitate collaborations between US Internet2 community and counterparts in other countries
• Basis for joint development activities with Internet2 counterparts in other countries
International Reach of the Internet2 Network
10/01/08
AFRICA Algeria (CERIST) Egypt (EUN/ENSTINET) Morocco (CNRST) South Africa (TENET) Tunisia (RFR) AMERICAS Argentina (INNOVA|RED) Brazil (RNP2/ANSP) Canada (CA*net) Chile (REUNA) Colombia (RENATA) Costa Rica (CR2Net) Ecuador (CEDIA) El Salvador (RAICES) Guatemala (RAGIE) Mexico (Red-CUDI) Panama (RedCyT) Peru (RAAP) Uruguay (RAU2) Venezuela (REACCIUN2)
ASIA and PACIFIC Australia (AARNET) China (CERNET, CSTNet, NSFCNET) Fiji (USP-SUVA) Hong Kong (HARNET) India (ERNET) Indonesia (ITB) Japan (SINET, WIDE, JGN2) Korea (KOREN, KREONET2) Malaysia (MYREN) New Zealand (Karen)
ASIA and PACIFIC cont’d Pakistan (PERN) Philippines (PREGINET) Russia (RBnet, RUNNET) Singapore (SingAREN) Taiwan (TANet2, ASNet) Thailand (UNINET, ThaiSARN) Vietnam (VinaREN) CENTRAL ASIA Armenia (ARENA) Georgia (GRENA) Kazakhstan (KAZRENA) Tajikistan (TARENA) Uzbekistan (UZSCI)
EUROPE and MIDDLE EAST Albania (ASA/INIMA) Andorra (Univ. of Andorra) Austria (ACOnet) Belgium (BELNET) Bosnia-Herzegovina (BIHARNET) Bulgaria (ISTF) Croatia (CARNet) Cyprus (CYNET) Czech Republic (CESNET) Denmark (Forskningsnettet) Estonia (EENet) Finland (Funet) France (Renater) Germany (G-WIN) Greece (GRNET) Hungary (HUNGARNET) Iceland (Rhnet)
EUROPE and MIDDLE EAST cont’d Ireland (HEAnet) Israel (IUCC) Italy (GARR) Jordan (JUNET) Latvia (LATNET) Lithuania (LITNET) Luxembourg (RESTENA) Macedonia (MARNET) Malta (Univ. of Malta) Netherlands (SURFnet) Norway (UNINETT) Palestinian Territories (Governemnt
Computing Center) Poland (PIONIER) Portugal (RCTS2) Qatar (Qatar FN) Romania (RoEduNet) Serbia-Montenegro (AMREJ, UoM/MREN) Slovakia (SANET) Slovenia (ARNES) Spain (redIRIS) Sweden (SUNET) Switzerland (SWITCH) Syria (HIAST) Ukraine (URAN) United Kingdom (JANET) Turkey (ULAKBYM)
MULTINATIONAL NETWORKS APAN GEANT2 redCLARA
International Reach of the Internet2 Network
International Community Support and Convening Activities • Member inquiries
• Frequent, matchmaking efforts
• International Partnership Program results in ~10% of Member Meeting attendees from outside the US at each meeting
• Community-driven interest in Emerging NRENs • Driven by needs of research, teaching, learning, clinical
communities in US to access collaborators, data, instruments in countries underserved by NRENs
• Internet2 has aided in the establishment/development of NRENS in several countries
Internet2 International Relations Resources
• Director – Heather Boyles • Program Coordinator – Jocelyn Gerich • Work across organization to engage
technical, operational, discipline engagement staff in engaging in and supporting international collaborations
• Community volunteers chair, lead SIGs and SIG interest areas
• http://www.internet2.edu/international/index.cfm
Governance
• Community-driven review begun in 2006 • Governance and Nominations Committee
developed recommendations • New Advisory Councils • New Board membership and election process • Fully implemented in 2008
http://www.internet2.edu/governance/
Board of Trustees
Jeffrey Lehman, ChairCornell University
James BottumClemson University
Jean-Lou ChameauCaltech
Jared CohonCarnegie Mellon University
Mary Sue ColemanUniversity of Michigan
Michael M. Crow Arizona State University
Raymond FordUniversity of Montana
David Fohnmayer University of Oregon
David E. Jent iLight
Timothy L. LanceNYSERNet
Michael R. NelsonGeorgetown University
Larry L. PetersonPrinceton University
Edward SeidelLouisiana State University
Peter SiegelUniversity of California, Davis
Doug Van Houweling Internet2
Advisory Councils
Representing leaders from academia, research, and industry, Internet2ʼs Advisory Councils provide strategic guidance, assist in setting organizational priorities, and ensure that Internet2 continues to meet the needs of the research and education community which it serves.
Architecture & Operations Advisory Council (AOAC)
David E. Jent, Chair iLight
George Loftus, Vice- chairOSHEAN
Diane Barbour Rochester Institute of Technology
Terry Benzel ISI-USC
Dan Blumenthal University of California, Santa Barbara
Andrew Dugan Level 3 Communications
William JohnstonESnet
Ron JohnsonUniversity of Washington
Ron HutchinsGeorgia Institute of Technology/SoX
Wes Kaplow Qwest
Rod Wilson Nortel Networks
Dave LouisUniversity of Wisconsin, Madison/WiscNet
Harvey NewmanCaltech
Paul SchopisOSCnet
Brian VossLouisiana State University
Applications Middleware & Services Advisory Council (AMSAC)
Mike Ackerman National Library of Medicine, NIH
James Bottum Clemson University
Jim Deaton OneNet
Parvati Dev Stanford University
Dennis Elwell Verizon
Raymond Ford, Chair University of Montana
Sally JacksonUniversity of Illinois, Urbana-Champaign
Mark JohnsonMCNC
Tom Knab Case Western Reserve University
Bill MitchellMOREnet
Michael R. NelsonGeorgetown University
Amy Philipson Pacific Northwwest GigaPoP
Henning Schulzrinne Columbia University
Jack Suess, Vice-chairUniversity of Maryland, Baltimore County
Research Advisory Council (RAC)
Shaun Abshere WiscNet Guy Almes
LEARN/Texas A&M University
Rosio Alvarez Lawrence Berkeley National Laboratory
David Bader Georgia Institute of Technology
kc claffyCAIDA
Doug ComerCisco
Dave FarberCarnegie Mellon University
Sandy FraserFraser Research
James HiltonUniversity of Virginia
Wendy Huntoon Pittsburgh Supercomputing Center
Cliff LynchCoalition for Networked Information (CNI)
Drew PerkinsInfinera
Prem PaulUnivesity of Nebraska-Lincoln
Pete Siegel, Chair University of California, Davis
Alan WhitneyMIT Haystack Observatory
External Relations Advisory Council (ERAC)
Gary Augustson Pennsylvania State University
Bob Brammer Northrop Grumman
Larry Conrad Florida State University
Jim Dolgonas CENIC
John Evans Evans Telecommunications, Inc.
Farnam Jahanian University of Michigan/Arbor Networks
John Killebrew NCREN
Stuart Kippelman Johnson & Johnson
Mike LaingUnited Nations
Dave Lambert, Vice-chairGeorgetown University
Tim Lance, ChairNYSERNet
Mark Luker EDUCAUSE
Jeff SchillerMIT
George Thoma National Institutes of Health
Jim WilliamsLEARN
Strategic Planning Process • Part of the GNC recommendations • Begun in December 2008, currently
underway • Community-led and community
-driven Strategic Planning Steering Committee
• Assessing progress to date and planning a way forward
• Expected to provide recommendations by 2009
http://www.internet2.edu/strategicplanning/
Strategic Planning at the Fall Member Meeting
Focus Groups – To get input from community on the Strategic Plan implementation Tuesday 1:45 - Napoleon A3 Tuesday 3:00 - Napoleon A3 Tuesday 4:15 - Napoleon A3
Strategic Plan Update on Thursday at General Session
Internet2NetworkOverviewHeatherTodorov,Sr.ProgramManager
2008FallMemberMee@ngNewOrleans,Louisiana
• Connector–maintainsdirectconnec@ontoInternet2Network;provideconnec@onsandnetworkservicestoInternet2members
• Par/cipant–aMemberofInternet2thathasenteredintoanInternet2NetworkPar@cipa@onAgreement
• SponsoredPar/cipant–anindividualnon‐Internet2membereduca@onalins@tu@onthatissponsoredbyoneormoreInternet2UniversityMembers• IncludesK20schools,museums,libraries,hospitals,zoos;canbe
not‐for‐profitorfor‐profitwithinthesecategories• SponsoredEduca/onGroupPar/cipant(SEGP)–anaggregateofoneormorenetworksservingeduca@onalandeduca@on‐relatedorganiza@onsandstate/localgovernmentins@tu@onswithinthesamestate
Internet2Network
NetworkAffilia/ons
Slide 32
Internet2 Network
Internet2Network
NetworkCommunity• NewPar@cipants• DepartmentofVeteransAffairs• IntercastNetworks,Inc.
• NewSponsoredPar@cipant• WXXIPublicBroadcas@ngCouncil• TexasChildren’sHospital
Slide 34
SEGPs & The K20 Initiative • 37statenetworksconnectedasof
October2008
• Expandingaccesstotheeduca/onalmainstream
• Moreinnovators=acceleratedcycleofinnova/on
Internet2Network
Slide 36
Internet2NetworkCharacteris/cs
• Hybrid optical and IP network • Dynamic and static wavelength services • Fiber, equipment dedicated to Internet2;
Level 3 Communications maintains network and service level
• Simultaneous support of diverse requirements • experimental projects • production services
Slide 37
Internet2NetworkCapaci/es
• Initial capacity 10 x previous network • 10 wavelengths at 10 Gbps each
• Future capacity nearly unlimited • 40 Gbps and 100 Gbps wavelength
capabilities • Unlimited additional wavelengths available
• Rapid provisioning of dedicated circuits • Flexibly-sized circuit capacity
Slide 38
IP Routed Infrastructure
• 9 Nodes • Juniper T640 based • Re-used routers from Abilene network • Announced upgrade to T1600 platform in
Chicago to be implemented soon • Largely OC-192 based backbone • 1 10GigE between Washington DC and
New York
Coordina/ngAcrossGeographicScales
Slide 41
Slide 43
MANLAN
• Manhattan Landing in New York City • Partnership with NYSERNet, Indiana University, Internet2 &
the IEEAF • High performance exchange facility for R&E networks • Located at 32 AoA in NYC - easy interconnection to many
national and international carriers and other R&E networks • Peerings with Atlantic Wave international peering fabric
• Peering model is open and bilateral • Cost recovery model - minimal connection charges
CommercialPeeringService
• Direct connection between Internet traffic generators or data aggregators and carriers: • Content providers • PAIX, Equinix, etc. - point of data aggregation/exchange • large backbone carriers such as tier one providers
• Settlement-free • neither party pays the other • voluntary • provides mutual benefit • reduces commodity Internet costs by up to 50%
Internet2Network
CommercialPeeringService
Slide 45
JointhegrowinglistofCPServicepar/cipants
• Membersleveragetheirexis@ngInternet2Networkinvestments• included in Connectors base network connection
fee at no additional cost • savings from reductions in commodity Internet
traffic costs • enhanced network performance • Provides IPv6 and multicast connection to global
Internet • net neutral connection
Slide 46
Internet2Network
CommercialPeeringService
• Internet2 offers this service to all Internet2 Network Connectors
• Contact your Internet2 Network Connector to discuss your request
• A list of Internet2 Network Connectors is available at http://www.internet2.edu/connectors/
• For more info go to www.internet2.edu/network/cp.htmlorsendane‐[email protected]
Slide 47
CommercialPeeringService
WaveCoSta/cCircuitServices
• Static Circuits refers to circuits that have two fixed endpoints across the Internet2 circuit infrastructure
• Are currently set up manually by the Internet2 NOC • Can have any bandwidth from 50Mbps to a full 10Gbps wave or
multiple 10G waves • Can be provisioned directly over the Infineras (waves) or through
the Cienas (sub-rate circuits) • Circuits can be offered with and without dedicated protection; if
dedicated, they may be subject to additional fees • Can be ordered for a period of weeks up to years: 30 Day billing
minimum; can be reserved up to one year in advance • Have a fee for service that is based on distance, bandwidth,
duration and protection scheme
DynamicCircuitNetwork• The DC (Dynamic Circuit) Network automatically provisions circuits
across the network, among participants in the dynamic networking control plane and protocol
• Supported by connections into the Ciena CoreDirectors • Circuits are created by a control plane in which all DCN connectors
must participate. • Circuits can have any bandwidth across the Internet2 infrastructure
from 50Mbps to 10Gbps • Circuit setup on the DCN is subject to blocking based on available
capacity • DCN is available through participating Connectors
Institution A
Institution B
Regional IP Network Internet2 IP Network
Peer IP Network Regional DC Network
Internet2 DC Network Peer DC Network
Host
Router Host
Router
Shared IP Transport
Dynamic Circuit Network
Layer 2
Internet2 DCN Software
• v0.3 released • Written in partnership with ESnet • Deployed on Internet2 DCN, NYSERNet,
USLHCNet • Interoperable with ESnet SDN, GÉANT2
Autobahn, Nortel/University of Amsterdam DRAC
• Early stage partnerships with other global efforts
Global Dynamic Circuit Network
Network Services at the Fall Member Meeting
Tuesday, October 14 • Internet2 Network Services and Operations
Update, 4:30-5:30pm Wednesday, October 15 • Using DCN: RONs and Campuses, 3:00pm • DCN Update, 4:30pm
Middleware
Renée Woodten Frost Director, Technology Transfer and Outreach [email protected]
Middleware: Beyond Big Pipes
Middleware Infrastructure
• Focus: • Inter-institutional collaboration • Scalable authenticated/authorized access to
remote resources • Internet2 role:
• Defining/creating architecture: Shibboleth • Tools to implement: Shibboleth, Grouper, Signet • Infrastructure/Services to scale: InCommon,
USHER
56
57
MACE Middleware Architecture Committee for Education
• Purpose - provide advice, create experiments, foster standards, create working groups
• Membership - Bob Morgan (UW) Chair, Tom Barton (Chicago), Scott Cantor (Ohio State), Steven Carmody (Brown), Michael Gettes (MIT), Keith Hazelton (Wisconsin), Paul Hill (MIT), Jim Jokl (Virginia), Scotty Logan (Stanford), Mark Poepping (CMU), Renee Shuey (PSU), David Wasley (retired Univ California), Von Welch (Grid)
• International members - Brian Gilmore (Scotland) Jens Haeusser (UBC), Josh Howlett (Janet (UK)), Leif Johansson (Sweden), Diego Lopez (Spain), Rodney McDuff (Australia)
58
National Science Foundation Middleware Initiative (NMI)
• Program: support & deploy middleware for R & E • Two types of awards • System Integrators - tools & services • Other - academic pure research components
• Periodic NMI releases of software, services, architectures, object classes and best practices
• Three rounds of awards – 2001, 2003, 2007
59
• Consensus standardseduPerson, eduOrg, eduMember, eduCourse, commObject (H.350)
• Best Practices and Deployment StrategiesLDAP Recipe, Group Management, Metadirectories, Enterprise Directory and Authentication Implementation Roadmaps, Case Studies
• ToolsKX.509, LDAP Analyzer, LOOK
Major Work
Major Work
• Software systems Open SAML, Shibboleth, Signet, Grouper
• OutreachCAMPs, presentations, publications, information sheets, Extending the Reach program
• ServicesInCommon Federation, USHER (PKI)
61
Current Activities
• Authorization: Grouper and Signet • Authentication: SAML and Shibboleth,
Federation Interoperability • InCommon Federation • PKI, USHER • Collaboration Tools, COmanage • Virtual Organization Support
63
Grouper • Group management tool – v1.3.1 • Lead institution – Univ of Chicago; other key
players include Duke, Brown, Georgia Tech, Univ of Penn, Univ of Memphis, Univ of Newcastle
• Adoption accelerating (~15 operational deployments now) as versions add capabilities, GUI refines, performance improves
• Under consideration in some key commercial services
Signet
• Privilege Management tool – v1.3 • Lead institution – Stanford • Privilege Management Survey • To gauge readiness • To validate understanding of technical and
functional requirements
Shibboleth
• March 2008 – released v2.0 • Lead universities: Brown, Ohio State, Univ of
Washington, Duke, USC • Adoption: more than 10,000 deployed sites;
national federating software for more than 20 countries
• Commercial adoption: Microsoft, Google, Elsevier, OCLC, etc…
• Current uses: content acquisition, collaboration tools, access to federal applications, access to domain applications
Federated Identity Model
• Leverages enterprise identity for inter-realm purposes
• Uses local authentication • Allows variety of authentication options
• Passes agreed upon authentication & attributes (identifiers, affiliations, memberships, entitlements)
• Based on privacy, security, & trust • More scalable
Federations
• Widespread now • Internationally: UK, Spain, France, Sweden,
Finland, Switzerland, Netherlands, Germany, Denmark, Norway, Australia, Brazil, Japan, Canada, etc.
• State university systems • Community college libraries • Medical associations • DoJ and DoD
• All do SAML; most use Shibboleth • Limited interfederation interactions: Kalmar
Federation, UK-Australia, MS, Elsevier
Interfederation Activities
• Initial Meeting in Prague Sept 2007 • 15-20 international R&E Federations plus Liberty
Alliance, others • Topics: attribute mapping, privacy policies, dispute
resolution, financial considerations, technical direction setting
• UK conducted analysis of international peering needs, opportunities, etc
• Meeting in Bruges in May 2008 • Workshop in Seattle in June 2008 • Follow on BOF at Member Meeting • Discussions: UK and InCommon
69
InCommon Federation
• US R & E Federation, an LLC • Addresses legal, Level of Assurance, shared
attributes,business proposition • Participants are universities, service
providers, government agencies, labs • Uses range from popular & academic
content access to administrative services to wiki & list control to accessing NIH applications to . .
www.incommonfederation.org
Key Aspects of InCommon • Federation software – Shib: open-source,
standards-based, privacy-preserving federating software
• Shared attributes & schema - eduPerson • Lever of authentication
• Participant Operational Practices (POP)-LOA today • Bronze & Silver map to LOA 1 & 2 – draft docs
• Governance/Management • Steering Committee • Operations by Internet2
With InCommon
• Users have one sign-on point for different resources
• Fewer user accounts for application owners to manage
• Access based on attributes, not identity or location (IP address)
• Fine-grained control over user identity information and approved access
• Standards-based and open source
• New resource providers & users integrated quickly without one-off integration
107 InCommon Participants
• Higher Education Participants (72) • Sponsored Participants (30) • Government and Non-Profit Laboratories,
Research Centers, and Agencies (5) • New types of members:
• Smaller universities, community colleges • Student service providers • National Institute of Health, Energy Labs, TeraGrid • MS, Apple
A community of more than 2.2 Million end users (source IPEDS)
InCommon Collaboration Groups
• InCommon Student Services • InCommon Library Services • InCommon TeraGrid • InCommon Federated Sharepoint • InCommon NIH • InCommon iTunes • InCommon Research Administration
USHER U.S. Higher Ed Root Certificate Authority
• A public key infrastructure (PKI) supported by higher ed community for emerging deployments in research, education, and transactions that require PKI
• Operated by the USHER Policy Authority and Internet2
www.usherca.org 75
USHER Status
• USHER Root CA • Relatively high Level of Assurance
(LoA) • Issuing campus Authority Certificates
since June 2007 • Subscriber Agreement posted • Expected Practices: CA management and
current policy/practice of campus identity management
76
Collaboration Tools/Platform
• Collaboration = key to academic life, especially for researchers
• Over abundance of new collaboration tools • Integration of middleware/Identity and Access
Mgmt tools in support of collaboration (enterprise user database, group management, and privilege management)
COmanage • Collaboration management platform -
externalizes identity management from collaboration applications
• Supported in part by a NSF OCI grant, being developed by the Internet2 community, with Stanford as a lead institution
• Open source, open protocol • Works with Shibboleth, Grouper, Signet,
Confluence • Parallels activities in the UK and Australia
COmanagable Applications
• Already done • Sympa, Federated wikis, Asterisk (open-source IP
audioconferencing), Dim-Dim (open-source web meeting), Bedeworks (federated open-source calendar)
• Immediate targets • Rich access controlled wikis • Web-based file shares, IM, Google Apps for Ed
• Domain science resources • Instruments • Grids
Security
80
Relationship between Middleware and Security
Middleware = well-defined infrastructure layer
Security = not crisply defined, spans all layers
Integrated Systems Approach
Security
• Much of the middleware work, in its identity management and access control areas, is also a large part of the security space
• Security for Internet2 services • Salsa as the point for member engagement • Development of new security capabilities
83
Federated Identity Management
• Federated identity leverages institutional Identity Management in inter-institutional settings
• By itself, federated identity can provide significant security value – enables flexible Levels of Assurance, improves privacy, etc.
• As a new layer of infrastructure, it can be leveraged to provide new security services • Improved guest access usability and
accountability • Privilege management for virtual organizations
84
Security for Internet2 Services
• Internet2 Network – network operational security practices for continuous evaluation and improvement
• Securely providing trust • InCommon Federation • USHER
86
Salsa
• Advisory on issues, priorities, directions • Charters working groups • 12-15 members representing R&E
expertise, chaired by Chris Misra, U Mass • Works in collaboration with the
EDUCAUSE/Internet2 Security Task Force • Facilitates member engagement
Computer Security Incidents (CSI2)
• Working group closely aligned with REN-ISAC at Indiana U
• Chaired by Chris Misra, UMass • Funded in part by Dept of Justice grants in
2006 and 2008 • Facilitating secure exchange of real-time
security information; for incident handlers • Adding statistical analyses to signature
analyses
87
CSI2 Projects
• RENOIR: reporting system for sharing security incidents information within an inter-institutional trust community
• Shared Darknets: wide aperture analyses • APHIDS: a non-traditional intrusion detection
system (IDS) • Monitors the results returned by search
engines rather than network traffic/activity on individual host
• Goal: to provide an easy, automated method for security professionals to find problematic content on web sites in their domains.
88
New DoJ Award Continuation of CSI2 Projects
• REN-ISAC Incident Information Sharing System
• RENOIR Automated Incident Reporting System
• DNS Service Telemetry • Shifting Landscape and Leveraging Existing
Security Tools • Workshop and Outreach Activities
Disaster Planning & Recovery
• Explore • contingency planning • developing & testing recovery plans, policies, &
procedures • Warm/hot site strengths, weaknesses, potential
pitfalls • contractual & SLA models
• Develop set of best practices & services Chaired by Don McLeod, UC Berkeley
90
Other Near-term Initiatives
• DNSSEC - advisory group on adopting DNSSEC; has begun a cross-signing project, to sign at least one of their zones and exchange trust anchors to mutually validate their DNS records.
• Two-port internet – white paper on Causes and Cures
• NetGuru - a periodic meeting of senior network and security engineers; a forum to engage in discussion of timely topics.
91
Advanced Networking Applications
TODAY • TV-Quality Videoconferencing • Gigabyte-class data sets among small research groups • Limited access to remote scientific instruments TOMORROW • Uncompressed HDTV and gigapixel displays • Terabyte-class data sets among global research groups • Routine, reliable, and discipline wide access to remote scientific
instruments
Supporting Large-scale Distributed Sensor Networks
• Ecology • Seismology • Meteorology
Access to Unique Scientific Instruments
• Astronomy • High-Energy and Nuclear Physics
Impact of LHC traffic on Campus
UNL Traffic before/after LHC Tier2 came on-line (Summer 2007)
LHC Data/Network Summary
• On demand transfer of ~2 TeraBytes of data (ntuples) from T1/T2 T3
• Transfer must complete in 4 hours (~1.5 Gbps)
• New data will be transferred every 10-14 days
• T3 sites may contribute grid computing resources to project (more data being moved on a regular basis)
Live Performance
Bradley University:The Adding Machine Philadelphia Orchestra live from Verizon Hall
Master Classes
Pinchas Zukerman
98
Michael Tilson Thomas
Tele-health
• Medical instruction • Clinical practice • Research
Internet2 Health Network Initiative Supporting the FCC Rural Health Care Pilot Program intended
to:
“…facilitate the creation of a nationwide broadband network dedicated to health care, connecting public and private non-profit health care providers in rural and urban locations.”
• Working with Internet2 Connectors to facilitate awardee access to the Internet2 Network
• Community-led weekly calls • In-person Workshop • Dedicated online information resources
Internet2 K20 Initiative
Internet2 K20 Initiative
• Builds on Internet2 connectivity of state education networks
• Brings together innovators from primary and secondary schools, libraries, museums and other educational institutions
• Focused on extending new technologies applications, middleware, and content
• Extremely active and growing community
Internet2 Community State Education Networks
2006 Internet2 K20 Connectivity Survey
Internet2 K20 Muse Site
• A social networking site designed to support and encourage collaboration
• A service of the Internet2 K20 Initiative
• Five regional communities to date
Digital Learning Commons
www.learningcommons.org
• Instrumentation
• Data Storage
• Networking
• Computation
• User support
• Policy and Funding
• Management Security and Access
Cyberinfrastructure: Defined
Cyberinfrastructure: More Than High-End Computing and Connectivity
• Focused making greater capabilities available for research and education
• Allows applications to interoperate across institutions and disciplines
• Ensures that data and software are preserved and easily available to all
• Empowers enhanced collaboration over distance and across disciplines Report of the National Science FoundationBlue-Ribbon Advisory Panel on Cyberinfrastructure
Supporting Cyberinfrastructure for Cutting-edge R&E
Internet2 supports the R&E community by: • Advancing an integrated approach to
cyberinfrastructure • Providing focused support for the most
demanding discipline communities • Fostering, coordinating and providing
national-level cyberinfrastructure and services
Internet2.edu/ci
Member Services
Member Engagement Activity • Staff resource assigned to every member • At least annual contact to review
organization needs and to learn about new initiatives and activities
• Staff resource always available via email and phone for intermediate contact
• List of assigned staff available on the member web site at:
http://www.internet2.edu/membership/index.cfm
Internet2 Support of Member Research
Internet2 provides advocacy, collaboration and demonstration of support in order to illustrate the unique benefits offered by use of our network and unique resources and services.
Support of Member Research
• Advocacy with representation in funding agencies that has helped shape new solicitations
• Provision of formal letters of support that illustrate aspects of Internet2ʼs support of key projects
• Preparation of white papers and reports to agencies
• Consultation and assistance with grant preparation
Internet2 Commons
• Deployed an H.323 Videoconferencing Service for multi-site connections
• Standards-based, vendor-neutral videoconferencing
• Allows subscribing members to schedule and hold distributed working groups, classes, meetings, and conferences in support of research and education.
- The Internet2 Commons encourages the large-scale deployment of tools for one-to-one, one-to-group, and group-to-group collaborations. The services provided by The Internet2 Commons are available to Internet2 members, Internet2 Network participants, and other Internet2 partners.
- A Site Coordinator Training offering will be held October 28th noon to 5:00pm
- For more information visit our website at http://commons.internet2.edu/
Internet2 Commons
Internet2 Meetings
• Semi-annual member meetings • Semi-annual Joint Techs meetings • International symposiums • Workshops and Trainings……..
Workshops
• Internet2/NWS: Performance and Master Class Workshop
• Dynamic Circuit Network • Health Network Initiative • IPv6 • Multicast – IPv4 or IPv6 • Network Performance • Commons Site Coordinator Training • CAMP
117
www.internet2.edu [email protected]