Connect. Communicate. Collaborate

The Security Model of GÉANT2: A Co-operative Approach

Christoph Graf, SWITCH TNC’07, Lyngby, 22 May 2007

Overview

• The project GÉANT2 • The goal: securing GÉANT2 • Environment and stakeholders • The approach to security • Where we stand • Outlook • Summary Connect. Communicate. Collaborate

The Project GÉANT2

Connect. Communicate. Collaborate

Some figures:

• • • • • ...

Project partners include 30 of Europe’s national research and education networks (NRENs), DANTE and TERENA Connects 34 European countries and serves over 3500 research and education establishments across Europe Over 30 million users ...

The Goal: Security

Connect. Communicate. Collaborate • Make the GÉANT2 community a secure community...

... as secure as needed!

• Who is the „GÉANT2 community“?

Its users!

The view from above...

Connect. Communicate. Collaborate GÉANT2 Topology November 2006

... but where are the users?

Connect. Communicate. Collaborate GÉANT2 GÉANT2 national/jurisdiction boundaries 30 NRENs (maybe regional nets) organisational boundaries 3500+ R&E establishments NREN R&E Org R&E Org NREN R&E Org 30+ million users different affiliation types Org. unit Org. unit

... and where are the security stakeholders?

GÉANT2 Dante, Terena, security Project policy bodies activity scope NREN NREN CERTs Connect. Communicate. Collaborate GÉANT2 NREN Site security teams System administrators R&E Org R&E Org R&E Org Org. unit Org. unit

How important is security?

• Security is not for free • It makes things more complicated • But why do some care more than others?

Connect. Communicate. Collaborate

Maslow’s Hierarchy of Human Needs

Humans:

Actualisation Status (esteem) Love/Belonging Safety Physiological Connect. Communicate. Collaborate

NRENs:

?

Star NREN Community: Trust, Policies Security: CERTs Physical: GÉANT2 network Source: http://en.wikipedia.org/wiki/Maslow

The Approach

Leading edge team Proactive monitoring Recognised CERT Basic CERT No CERT Improve leading edge teams Connect. Communicate. Collaborate Partner’s security team Reaching compliance level GÉANT2 security compliance level time

Where we stand...

Connect. Communicate. Collaborate • Improve leading edge teams: because new threats are looming – “The Toolset” and its elements: • FlowMon probe: appliance turning network traffic into NetFlow data • Nfsen: NetFlow visualisation and analysis tool – The purpose: • Working horse for many CERT teams • Framework to put leading edge concepts and algorithms to test • Reaching compliance level: because of the rule of the weakest link – Operate a CERT! – Largely using existing initiatives and services: TRANSITS, TI, TF CSIRT

Outlook

Connect. Communicate. Collaborate • Improve leading edge teams – FlowMon probe: from pre-production to product – Nfsen: improve sustainability, networking the developers, build a development platform – Trial new ideas for anomaly detection – Training material and delivery • Reaching compliance level – Organise mentoring work between experts and newly created CERTs

Summary

Connect. Communicate. Collaborate • The GÉANT2 trust network is covering – 30 NRENs in 34 countries, DANTE and TERENA – over 3500 R&E establishments, over 30 million users • It follows existing structures: from NRENs to users • It integrates existing initiatives: TI, TF-CSIRT • A co-operative approach to overcome national and organisational boundaries for a common goal: secure our increasingly critical networking infrastructure