janet in a changing world
TRANSCRIPT
Janet in a changing worldJeremy Sharp, Janet Infrastructure Director
Frances Burton, Jisc Security Services Group Manager
14/03/2017
Evolving JanetJeremy Sharp, Janet Infrastructure Director
28/04/2017 Janet in a changing world 2
Janet network
» 10 core points of presence across the uk.
» A core across the UK of 400Gbit/s (current upgrade taking this upto 600Gbit/s in 17/18).
» Long term fibre lease for the core.
» Optical, Ethernet and IP services run in-house.
» 18 regional distribution areas.
» Resilient architecture delivering highly available services.
» ~900 organisations connected.
» 1.3Tbit/s external connectivity.
28/04/2017 Janet in a changing world 3
Requirements gathered for Janet6
28/04/2017 Janet in a changing world 4
Bandwidth• Flexibility• Agility• Cost control
Service delivery• Delivery of third-party
services• Cloud services• Reliability & resilience
Partnerships• public/public, public/private• Information assurance
Off-net support• Anytime, anywhere access• Internationalisation of
education
Management of costs• Funding environment• Costs of change
Universal service• Student, lecturer, researcher
experience• Social mobility & student
opportunity
Changes in the environment
28/04/2017 Janet in a changing world 5
Changes in funding
Higher information assurance
Use of off-site datacentresfor equipment housing
Challenging economic climate
Cyber security
Outsourcing services to the Cloud
Open Science & the importance of data
Implications of Brexit
Janet architecture review
1. Review the architecture of Janet
identify areas of change
produce a proposal for change
2. Establish a process and roadmap for managing the transition to the new architecture
28/04/2017 Janet in a changing world 6
Janet architecture review – objectives
› Cost effectiveness: reduce the cost of providing Janet.
› User requirements: continue to meet user requirements and be flexible to adapt to changing needs.
› Technological coherence: to ensure optimum appropriate technological coherence across Janet.
› Security: To ensure the right level of security assurance to appropriate standards.
› International connectivity: To determine Janet international connectivity requirements in light of a changing international environment.
› Gateways to government networks: To understand the requirements for gateways to the HSCN and other government networks.
› External connectivity: To review Janet peering arrangements and also the approach to connecting with Content Distribution Networks and Cloud Providers.
› Fibre infrastructure: To investigate extending the backbone fibre contract with SSEET to 2028.
28/04/2017 Janet in a changing world 7
Timescales
28/04/2017 Janet in a changing world 8
Launch consultation May 2017
Engage with stakeholder groups and a cross section of connected members & customers
May 2017 to September 2017
Complete consultation End September 2017
Publish requirements analysis End October 2017
Security landscapeFrances Burton, Jisc Security Services Group Manager
28/04/2017 Janet in a changing world 9
Cyber Security breaches report 2016
28/04/2017 Janet in a changing world 10
National Cyber Security strategy
28/04/2017 Janet in a changing world 11
https://www.gov.uk/government/publications/national-cyber-security-strategy-2016-to-2021
Cyberspace is an interactive domain made up of digital networks that is used to store, modify and communicate information.
It includes the internet, but also the other information systems that support our businesses, infrastructure and services
GCHQ sees credible threats
28/04/2017 Janet in a changing world 12
»Steal intellectual property
»Take commercially sensitive data , such as key negotiating positions
»Gain unauthorised access to government and defence related information
»Disrupt government and industry service
»Exploit information security weaknesses through targeting partners, subsidiaries and supply chains at home and abroad
Who is attacking
28/04/2017 Janet in a changing world 13
Computer Security Incident Response Team
28/04/2017 Janet in a changing world 14
» We work closely with our community to detect, report and investigate incidents that pose a threat to the security of our customers' information systems. We also investigate other forms of network abuse such as spam and copyright infringement
» Due to the geographical scope of incidents, we assist national and international law enforcement agencies in their investigations, connecting them to our trusted contacts within the community.
» Janet network CSIRT
What does Janet CSIRT do?
28/04/2017 Janet in a changing world 15
» Janet CSIRT is the Computer Security Incident Response Team for the Janet network.
» They are responsible for the coordination and resolution of incidents that occur within organisations connected to Janet.
» They work with organisations within the UK and internationally to assist in crime investigation.
» Gather intelligence on potential security issues and report them to connected organisations.
» First port of call for when a customer may be experiencing a security issue.
Incident breakdown by type
28/04/2017 Janet in a changing world 16
Jisc Cyber Security landscape
28/04/2017 Janet in a changing world 17
Jisc Cyber
Security
New Scotland
YardInternet Watch
Foundation
National Crime
Agency
National Cyber
Security Centre
Home Office
PREVENT
Security & Intelligence Agencies
Counter Terrorism Internet Referral
Unit
Current Jisc Cyber security & Training Services
28/04/2017 Janet in a changing world 18
» Janet network CSIRT – Incident response
» DDoS Mitigation
» Web filtering and monitoring
» Vulnerability assessment and information
» Manual penetration testing
» Email abuse protection
» Spam-relay tester and notification system
» Security blocklists and whitelists
» WRAP and security courses
» Registration Authority- Certificate Service
» S/MIME Extension to Certificate Service
» DNS Response Policy Zone (RPZ)
» Safeshare – Secure Connection solution» www.jisc.ac.uk/network/security
» Computers, privacy and the law (live online course)
» Effective Identification & Management of security Incidents
» Filtering & Monitoring: how they can help?
» Hand on Digital forensics
» Hands on security testing (live online course)
» Information security policies (live online course)
» Managing IT security
» Cyber Essentials Coming Soon
» https:/www.jisc.ac.uk/advice/training/network
Cyber timeline
28/04/2017 Janet in a changing world 19
Jan-16 Jan-18Feb-16 Mar-16 Apr-16 May-16 Jun-16 Jul-16 Aug-16 Sep-16 Oct-16 Nov-16 Dec-16 Jan-17 Feb-17 Mar-17 Apr-17 May-17 Jun-17 Jul-17 Aug-17 Sep-17 Oct-17 Nov-17 Dec-17
Mar-16
VulnerabilityAssessment and
Information Service
Nov-16
DDoS Phase One
Nov-16
Jisc Security
Conference
Jun-17
DigitalForensics
Dec-16
PersonalCertificates
Apr-17
Safe Share & Phishing Service
Nov-17
JiscSecurity
Conference
Jan-18
AuthenticatedNTP
Dec-17
DNS RPZ
Jul-17
DDoS Phase TwoMay-16
Web FilteringFramework
May-17
Cyber EssentialsAccreditor
Mar-16
ThreatInformation
Abuse Helper
Today
DDOS what we’ve seen
28/04/2017 Janet in a changing world 20
System turned on: 04/10/2016
» Largest: 45.9 Gbps» Longest: 15 Hours» Attacks to date: 410» Potential total attack traffic: 133TB» Unluckiest customer: 38 attacks0
5
10
15
20
25
30
35
40
45
50
Weekly Attack Numbers
NCSC 10 steps to Cyber Security
28/04/2017 Janet in a changing world 21
jisc.ac.uk
Janet in a changing world
Thank-you for listening and
now for some discussion
28/04/2017 Janet in a changing world 22