Janet in a changing worldJeremy Sharp, Janet Infrastructure Director

Frances Burton, Jisc Security Services Group Manager

14/03/2017

Evolving JanetJeremy Sharp, Janet Infrastructure Director

28/04/2017 Janet in a changing world 2

Janet network

» 10 core points of presence across the uk.

» A core across the UK of 400Gbit/s (current upgrade taking this upto 600Gbit/s in 17/18).

» Long term fibre lease for the core.

» Optical, Ethernet and IP services run in-house.

» 18 regional distribution areas.

» Resilient architecture delivering highly available services.

» ~900 organisations connected.

» 1.3Tbit/s external connectivity.

28/04/2017 Janet in a changing world 3

Requirements gathered for Janet6

28/04/2017 Janet in a changing world 4

Bandwidth• Flexibility• Agility• Cost control

Service delivery• Delivery of third-party

services• Cloud services• Reliability & resilience

Partnerships• public/public, public/private• Information assurance

Off-net support• Anytime, anywhere access• Internationalisation of

education

Management of costs• Funding environment• Costs of change

Universal service• Student, lecturer, researcher

experience• Social mobility & student

opportunity

Changes in the environment

28/04/2017 Janet in a changing world 5

Changes in funding

Higher information assurance

Use of off-site datacentresfor equipment housing

Challenging economic climate

Cyber security

Outsourcing services to the Cloud

Open Science & the importance of data

Implications of Brexit

Janet architecture review

1. Review the architecture of Janet

identify areas of change

produce a proposal for change

2. Establish a process and roadmap for managing the transition to the new architecture

28/04/2017 Janet in a changing world 6

Janet architecture review – objectives

› Cost effectiveness: reduce the cost of providing Janet.

› User requirements: continue to meet user requirements and be flexible to adapt to changing needs.

› Technological coherence: to ensure optimum appropriate technological coherence across Janet.

› Security: To ensure the right level of security assurance to appropriate standards.

› International connectivity: To determine Janet international connectivity requirements in light of a changing international environment.

› Gateways to government networks: To understand the requirements for gateways to the HSCN and other government networks.

› External connectivity: To review Janet peering arrangements and also the approach to connecting with Content Distribution Networks and Cloud Providers.

› Fibre infrastructure: To investigate extending the backbone fibre contract with SSEET to 2028.

28/04/2017 Janet in a changing world 7

Timescales

28/04/2017 Janet in a changing world 8

Launch consultation May 2017

Engage with stakeholder groups and a cross section of connected members & customers

May 2017 to September 2017

Complete consultation End September 2017

Publish requirements analysis End October 2017

Security landscapeFrances Burton, Jisc Security Services Group Manager

28/04/2017 Janet in a changing world 9

Cyber Security breaches report 2016

28/04/2017 Janet in a changing world 10

National Cyber Security strategy

28/04/2017 Janet in a changing world 11

https://www.gov.uk/government/publications/national-cyber-security-strategy-2016-to-2021

Cyberspace is an interactive domain made up of digital networks that is used to store, modify and communicate information.

It includes the internet, but also the other information systems that support our businesses, infrastructure and services

GCHQ sees credible threats

28/04/2017 Janet in a changing world 12

»Steal intellectual property

»Take commercially sensitive data , such as key negotiating positions

»Gain unauthorised access to government and defence related information

»Disrupt government and industry service

»Exploit information security weaknesses through targeting partners, subsidiaries and supply chains at home and abroad

Who is attacking

28/04/2017 Janet in a changing world 13

Computer Security Incident Response Team

28/04/2017 Janet in a changing world 14

» We work closely with our community to detect, report and investigate incidents that pose a threat to the security of our customers' information systems. We also investigate other forms of network abuse such as spam and copyright infringement

» Due to the geographical scope of incidents, we assist national and international law enforcement agencies in their investigations, connecting them to our trusted contacts within the community.

» Janet network CSIRT

What does Janet CSIRT do?

28/04/2017 Janet in a changing world 15

» Janet CSIRT is the Computer Security Incident Response Team for the Janet network.

» They are responsible for the coordination and resolution of incidents that occur within organisations connected to Janet.

» They work with organisations within the UK and internationally to assist in crime investigation.

» Gather intelligence on potential security issues and report them to connected organisations.

» First port of call for when a customer may be experiencing a security issue.

Incident breakdown by type

28/04/2017 Janet in a changing world 16

Jisc Cyber Security landscape

28/04/2017 Janet in a changing world 17

Jisc Cyber

Security

New Scotland

YardInternet Watch

Foundation

National Crime

Agency

National Cyber

Security Centre

Home Office

PREVENT

Security & Intelligence Agencies

Counter Terrorism Internet Referral

Unit

Current Jisc Cyber security & Training Services

28/04/2017 Janet in a changing world 18

» Janet network CSIRT – Incident response

» DDoS Mitigation

» Web filtering and monitoring

» Vulnerability assessment and information

» Manual penetration testing

» Email abuse protection

» Spam-relay tester and notification system

» Security blocklists and whitelists

» WRAP and security courses

» Registration Authority- Certificate Service

» S/MIME Extension to Certificate Service

» DNS Response Policy Zone (RPZ)

» Safeshare – Secure Connection solution» www.jisc.ac.uk/network/security

» Computers, privacy and the law (live online course)

» Effective Identification & Management of security Incidents

» Filtering & Monitoring: how they can help?

» Hand on Digital forensics

» Hands on security testing (live online course)

» Information security policies (live online course)

» Managing IT security

» Cyber Essentials Coming Soon

» https:/www.jisc.ac.uk/advice/training/network

Cyber timeline

28/04/2017 Janet in a changing world 19

Jan-16 Jan-18Feb-16 Mar-16 Apr-16 May-16 Jun-16 Jul-16 Aug-16 Sep-16 Oct-16 Nov-16 Dec-16 Jan-17 Feb-17 Mar-17 Apr-17 May-17 Jun-17 Jul-17 Aug-17 Sep-17 Oct-17 Nov-17 Dec-17

Mar-16

VulnerabilityAssessment and

Information Service

Nov-16

DDoS Phase One

Nov-16

Jisc Security

Conference

Jun-17

DigitalForensics

Dec-16

PersonalCertificates

Apr-17

Safe Share & Phishing Service

Nov-17

JiscSecurity

Conference

Jan-18

AuthenticatedNTP

Dec-17

DNS RPZ

Jul-17

DDoS Phase TwoMay-16

Web FilteringFramework

May-17

Cyber EssentialsAccreditor

Mar-16

ThreatInformation

Abuse Helper

Today

DDOS what we’ve seen

28/04/2017 Janet in a changing world 20

System turned on: 04/10/2016

» Largest: 45.9 Gbps» Longest: 15 Hours» Attacks to date: 410» Potential total attack traffic: 133TB» Unluckiest customer: 38 attacks0

5

10

15

20

25

30

35

40

45

50

Weekly Attack Numbers

NCSC 10 steps to Cyber Security

28/04/2017 Janet in a changing world 21

jisc.ac.uk

Janet in a changing world

Thank-you for listening and

now for some discussion

28/04/2017 Janet in a changing world 22