Connect Communicate Collaborate The Security Model of GANT

Connect. Communicate. Collaborate The Security Model of GÉANT 2: A Co-operative Approach Christoph Graf, SWITCH TNC’ 07, Lyngby, 22 May 2007

Overview • • The project GÉANT 2 The goal: securing GÉANT 2 Environment and stakeholders The approach to security Where we stand Outlook Summary Connect. Communicate. Collaborate

The Project GÉANT 2 Connect. Communicate. Collaborate Some figures: • • • . . . Project partners include 30 of Europe’s national research and education networks (NRENs), DANTE and TERENA Connects 34 European countries and serves over 3500 research and education establishments across Europe Over 30 million users. . .

The Goal: Security Connect. Communicate. Collaborate • Make the GÉANT 2 community a secure community. . . as secure as needed! • Who is the „GÉANT 2 community“? Its users!

The view from above. . . Connect. Communicate. Collaborate GÉANT 2 Topology November 2006

. . . but where are the users? GÉANT 2 Connect. Communicate. Collaborate GÉANT 2 national/jurisdiction boundaries 30 NRENs (maybe regional nets) organisational NREN boundaries 3500+ R&E establishments R&E Org Org. unit 30+ million users different affiliation types R&E Org. unit

. . . and where are the security stakeholders? Dante, Terena, Project policy bodies NREN CERTs Site security teams System administrators Connect. Communicate. Collaborate GÉANT 2 security activity scope GÉANT 2 NREN R&E Org Org. unit R&E Org. unit

How important is security? Connect. Communicate. Collaborate • Security is not for free • It makes things more complicated • But why do some care more than others?

Maslow’s Hierarchy of Human Needs Connect. Communicate. Collaborate Humans: NRENs: Actualisation ? Status (esteem) Star NREN Love/Belonging Community: Trust, Policies Safety Security: CERTs Physiological Physical: GÉANT 2 network Source: http: //en. wikipedia. org/wiki/Maslow

The Approach Connect. Communicate. Collaborate Leading edge team Proactive monitoring Recognised CERT Basic CERT No CERT security capabilities Partner’s security team Improve leading edge teams Reaching compliance level GÉANT 2 security compliance level time

Where we stand. . . Connect. Communicate. Collaborate • Improve leading edge teams: because new threats are looming – “The Toolset” and its elements: • Flow. Mon probe: appliance turning network traffic into Net. Flow data • Nfsen: Net. Flow visualisation and analysis tool – The purpose: • Working horse for many CERT teams • Framework to put leading edge concepts and algorithms to test • Reaching compliance level: because of the rule of the weakest link – Operate a CERT! – Largely using existing initiatives and services: TRANSITS, TI, TFCSIRT

Outlook Connect. Communicate. Collaborate • Improve leading edge teams – Flow. Mon probe: from pre-production to product – Nfsen: improve sustainability, networking the developers, build a development platform – Trial new ideas for anomaly detection – Training material and delivery • Reaching compliance level – Organise mentoring work between experts and newly created CERTs

Summary Connect. Communicate. Collaborate • The GÉANT 2 trust network is covering – 30 NRENs in 34 countries, DANTE and TERENA – over 3500 R&E establishments, over 30 million users • It follows existing structures: from NRENs to users • It integrates existing initiatives: TI, TF-CSIRT • A co-operative approach to overcome national and organisational boundaries for a common goal: secure our increasingly critical networking infrastructure