1 / 13

The Security Model of GÉANT2: A Co-operative Approach

The Security Model of GÉANT2: A Co-operative Approach. Christoph Graf, SWITCH TNC’07, Lyngby, 22 May 2007. Overview. The project GÉANT2 The goal: securing GÉANT2 Environment and stakeholders The approach to security Where we stand Outlook Summary. The Project GÉANT2. Some figures:

davidbsmith
Télécharger la présentation

The Security Model of GÉANT2: A Co-operative Approach

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Security Model of GÉANT2: A Co-operative Approach Christoph Graf, SWITCH TNC’07, Lyngby, 22 May 2007

  2. Overview • The project GÉANT2 • The goal: securing GÉANT2 • Environment and stakeholders • The approach to security • Where we stand • Outlook • Summary

  3. The Project GÉANT2 Some figures: • ... • Project partners include 30 of Europe’s national research and education networks (NRENs), DANTE and TERENA • Connects 34 European countries and serves over 3500 research and education establishments across Europe • Over 30 million users • ...

  4. The Goal: Security • Make the GÉANT2 community a secure community... ... as secure as needed! • Who is the „GÉANT2 community“? Its users!

  5. The view from above... GÉANT2 Topology November 2006

  6. national/jurisdiction boundaries NREN NREN 30 NRENs (maybe regional nets) organisational boundaries R&E Org R&E Org R&E Org 3500+ R&E establishments Org. unit Org. unit different affiliation types 30+ million users ... but where are the users? GÉANT2 GÉANT2

  7. GÉANT2 security activity scope NREN NREN R&E Org R&E Org R&E Org Org. unit Org. unit ... and where are the security stakeholders? Dante, Terena, Project policy bodies GÉANT2 NREN CERTs Site security teams System administrators

  8. How important is security? • Security is not for free • It makes things more complicated • But why do some care more than others?

  9. Actualisation Status (esteem) Love/Belonging Safety Physiological Maslow’s Hierarchy of Human Needs Humans: NRENs: ? Star NREN Community:Trust, Policies Security: CERTs Physical: GÉANT2 network Source: http://en.wikipedia.org/wiki/Maslow

  10. Leading edge team Improve leading edge teams Proactive monitoring Recognised CERT Reaching compliance level Basic CERT No CERT The Approach Partner’s security team security capabilities GÉANT2 security compliance level time

  11. Where we stand... • Improve leading edge teams: because new threats are looming • “The Toolset” and its elements: • FlowMon probe: appliance turning network traffic into NetFlow data • Nfsen: NetFlow visualisation and analysis tool • The purpose: • Working horse for many CERT teams • Framework to put leading edge concepts and algorithms to test • Reaching compliance level: because of the rule of the weakest link • Operate a CERT! • Largely using existing initiatives and services: TRANSITS, TI, TF-CSIRT

  12. Outlook • Improve leading edge teams • FlowMon probe: from pre-production to product • Nfsen: improve sustainability, networking the developers, build a development platform • Trial new ideas for anomaly detection • Training material and delivery • Reaching compliance level • Organise mentoring work between experts and newly created CERTs

  13. Summary • The GÉANT2 trust network is covering • 30 NRENs in 34 countries, DANTE and TERENA • over 3500 R&E establishments, over 30 million users • It follows existing structures: from NRENs to users • It integrates existing initiatives: TI, TF-CSIRT • A co-operative approach to overcome national and organisational boundaries for a common goal: secure our increasingly critical networking infrastructure

More Related