connect. communicate. collaborate the security model of gÉant2: a co-operative approach christoph...
TRANSCRIPT
Connect. Communicate. Collaborate
The Security Model of GÉANT2: A Co-operative Approach
Christoph Graf, SWITCH
TNC’07, Lyngby, 22 May 2007
Connect. Communicate. CollaborateOverview
• The project GÉANT2• The goal: securing GÉANT2• Environment and stakeholders• The approach to security• Where we stand• Outlook• Summary
Connect. Communicate. Collaborate
Some figures:
• ...
• Project partners include 30 of Europe’s national research and education networks (NRENs), DANTE and TERENA
• Connects 34 European countries and serves over 3500 research and education establishments across Europe
• Over 30 million users
• ...
The Project GÉANT2
Connect. Communicate. CollaborateThe Goal: Security
• Make the GÉANT2 community a secure community...
... as secure as needed!
• Who is the „GÉANT2 community“?
Its users!
Connect. Communicate. Collaborate
GÉANT2 Topology
November 2006
The view from above...
Connect. Communicate. Collaborate... but where are the users?
GÉANT2
30+ million users
Org. unit Org. unit
3500+ R&E establishments R&E OrgR&E Org R&E Org
30 NRENs(maybe regional nets)
NRENNREN
GÉANT2national/jurisdictionboundaries
organisationalboundaries
different affiliationtypes
Connect. Communicate. Collaborate
... and where are the security stakeholders?
Dante, Terena,Project policy bodies
System administrators Org. unit Org. unit
Site security teams R&E OrgR&E Org R&E Org
NREN CERTsNRENNREN
GÉANT2GÉANT2securityactivity scope
Connect. Communicate. CollaborateHow important is security?
• Security is not for free• It makes things more complicated
• But why do some care more than others?
Connect. Communicate. Collaborate
Maslow’s Hierarchy of Human Needs
Physiological
Safety
Love/Belonging
Status (esteem)
Actualisation
Source: http://en.wikipedia.org/wiki/Maslow
Physical: GÉANT2network
Security: CERTs
Community:Trust, Policies
Humans: NRENs:
Star NREN
?
Connect. Communicate. CollaborateThe Approach
time
GÉANT2 securitycompliance level
Reachingcompliance level
Improve leadingedge teams
secu
rity
capa
bilit
ies
No CERT
Leading edge team
RecognisedCERT
Proactivemonitoring
Basic CERT
Partner’ssecurity team
Connect. Communicate. CollaborateWhere we stand...
• Improve leading edge teams: because new threats are looming– “The Toolset” and its elements:
• FlowMon probe: appliance turning network traffic into NetFlow data
• Nfsen: NetFlow visualisation and analysis tool– The purpose:
• Working horse for many CERT teams• Framework to put leading edge concepts and algorithms to test
• Reaching compliance level: because of the rule of the weakest link– Operate a CERT! – Largely using existing initiatives and services: TRANSITS, TI, TF-
CSIRT
Connect. Communicate. CollaborateOutlook
• Improve leading edge teams– FlowMon probe: from pre-production to product– Nfsen: improve sustainability, networking the
developers, build a development platform– Trial new ideas for anomaly detection– Training material and delivery
• Reaching compliance level– Organise mentoring work between experts and newly
created CERTs
Connect. Communicate. CollaborateSummary
• The GÉANT2 trust network is covering– 30 NRENs in 34 countries, DANTE and TERENA– over 3500 R&E establishments, over 30 million users
• It follows existing structures: from NRENs to users• It integrates existing initiatives: TI, TF-CSIRT
• A co-operative approach to overcome national and organisational boundaries for a common goal: secure our increasingly critical networking infrastructure