BCNET Security Policies Jens Haeusser

Information Security Officer, UBCand

Chair, Security Working Group, BCNET

Internet2 Joint TechsVancouver, BCJuly 19th, 2005

July 19, 2005

Internet2 Joint Techs, Vancouver 2005

Slide 2

The Challenge

• Overall policies similar to other RANs Incidents passed to member institutions

• Internal securityOften lower priority

• Increasing pressure from membersClean Pipe

• Researchers want access to traffic

July 19, 2005

Internet2 Joint Techs, Vancouver 2005

Slide 3

About BCNET

• BCNET is a non-profit society supporting and promoting advanced networks in the province and serves BC’s universities and research and development institutions

• BCNET is supported by the provincial and federal governments as well as by its regional university members

• The mission statements of the universities drives the purposes of BCNET Research Teaching Community Service

July 19, 2005

Internet2 Joint Techs, Vancouver 2005

Slide 5

Operational Collaboration

• The Network Engineering group is comprised of the peer IT Networking groups of each of the primary Members of BCNET: BCIT, SFU, UBC, UVIC, and UNBC

• Each Transit Exchange has the local university IT group as its primary support

• To be expanded as the BCNET ORAN expands with 3 more Transit Exchanges

• A central NOC is utilized for 24x7 support and to co-ordinate maintenance, scheduling, and trouble ticketing

July 19, 2005

Internet2 Joint Techs, Vancouver 2005

Slide 6

BCNET Advisory Committees

• BCNET utilizes Advisory Committees to increase involvement in communities of interest

• Committee members are invited from leading technology areas, not limited to BCNET membership

• Applications Advisory Committee Provides advice regarding BCNET’s role in the facilitation of

advanced applications that would take advantage of the ORAN. The committee reviews potential applications that make use of the

network:• determines relevance of applications to the BCNET institutional

members• recommends priorities for investigation• suggests methods (pilot projects, etc.) for facilitation of such

applications

July 19, 2005

Internet2 Joint Techs, Vancouver 2005

Slide 7

BCNET Advisory Committees

• Network Planning Advisory Committee A forum where practicing University network engineers can interact

with outside experts from industry, Internet2, and CANARIE Provides advice regarding next generation network technologies

and their potential implementation within BCNET• Network Research Advisory Committee

A forum where network researchers from member institutions can interact with researchers from the private sector, other institutions across Canada and internationally

Provides advice relating to the development and operation of facilities for specific use by network researchers including the suitability of the overall network design for supporting network research activities and next generation technologies which may be beneficial

Facilitates new areas of network research that can benefit from testing and deployment across the BCNET ORAN

July 19, 2005

Internet2 Joint Techs, Vancouver 2005

Slide 8

BCNET Working Groups

• Some of the Working Groups generated by the committees Identity ManagementDisaster RecoveryHigh Performance ComputingNetwork Performance AnalysisSecurity

July 19, 2005

Internet2 Joint Techs, Vancouver 2005

Slide 9

Security Working Group

• Comprised of security staff from members and interested Faculty

• Formal Risk Assessment Corporate Information Security Working Group:

Report of the Best Practices and Metrics Teams Vulnerability Scan

• Review of policies Acceptable Use Policy Guidelines for Appropriate and Responsible Use Other policies arising from risk assessment

July 19, 2005

Internet2 Joint Techs, Vancouver 2005

Slide 10

Future Plans

• Assist other Working Groups• Share Best Practices• Application Development Guidelines• Network Monitoring

Operational and for Researchers

• Investigate Other Appliccations PKI/Two Factor Authentication Secure Email

July 19, 2005

Internet2 Joint Techs, Vancouver 2005

Slide 11

Resources

• Security Working Group http://www.bc.net/applications/security.htm

• Acceptable Use Policy http://www.bc.net/support/acceptable_use_policy.htm

• Guidelines for Appropriate and Responsible Use http://www.bc.net/support/guidelines.htm

• Corporate Information Security Working Group http://www.educause.edu/LibraryDetailPage/666&ID=CSD3661

• Educause Security Policies http://www.educause.edu/Browse/645?PARENT_ID=640