Jisc and janet network updates from network operations, operational services and strategic...

Janet Network DDoS experience

Jisc/Janet updates from Network Operations,

Operational Services and Strategic Technologies

23/03/2016


Steve KennettHead of operational services

and Senior information risk owner, Jisc technologies

23/03/2016

Janet Network DDoS experience23/03/2016

Operational services


Janet Computer Incident Response Team - CSIRT


Janet Computer Security Incident Response Team

»Safeguarding your current and future computer security, with a primary function to monitor and resolve any security incidents that occur on the Janet network

»Our mission is to create a secure environment to conduct your online activities. Our primary function is to monitor and resolve any security incidents that occur on the network, with specialists tracking a range of platforms, including Unix, Linux and Windows

23/03/2016


Janet Computer Security Incident Response Team

»We work closely with our community to detect, report and investigate incidents that pose a threat to the security of our customers' information systems. We also investigate other forms of network abuse such as spam and copyright infringement

»Due to the geographical scope of incidents, we assist national and international law enforcement agencies in their investigations, connecting them to our trusted contacts within the community

23/03/2016

Monthly Total Incidents Completed 2015

7


CSIRT – Cost benefits

Costs: time to fix the breach, remove infection from computers, deal with questions, inform staff and students, time that systems are unavailable to staff and students, fines and compensation, business loss, reputational damage.

»12.5% of organisations using Janet avoid having one severe security breach annually due to the existence of CSIRT;

»Using the figures in the BIS report and working with the Jisc SSU»£22.5 million23/03/2016

BIS report “2015 Information Security Breaches Survey”

£1.46mto

£3.14m

Average cost to a business of its worst security breach of

the year.

£75k to £311kLa

rge

Smal

l


Programme of security activities

»Information security management

»ISO27001»DDoS mitigation»Security X-ray»Cybersecurity

intelligence»Vulnerability

assessment

»Phishing mitigation »Malware analysis»Digital forensics »Password managers»Web filtering

23/03/2016


Scary but true

23/03/2016


jisc.ac.uk

Computer Security Incident Response Team

23/03/2016

0300 999 [email protected] the Janet network CSIRT blog

mailto:[email protected]

http://www.jisc.ac.uk/


Trust and identity


Jisc trust and identity services

eduroam»372 members – increase of 14% and an increase of 18% in

operational eduroam deployments to 277 organisations» Jisc customers encouraged to work with local authorities to increase

eduroam footprintUK Access Management Federation»Reached 1K members, now at 1,037» Important for the ~400 Shib IdPs v2 to upgrade before end of

support in JulyAssent»Working to develop and implement Moonshot technology

into big infrastructure facilities as well as ‘everyday’ type services

23/03/2016


Jisc trust and identity services

Certificate service»S/MIME certificates for digitally signing and encrypting emails is

coming this summer»High Assurance Extended Validation certs available for important /

high profile websitesDomain registry service (formally Naming service)»Online portal now available for managing all your .ac.uk domains.

Contact [email protected] to get access

T&I Networkshop events:»Share and explore (BoF) – Wednesday @ 16:30 (room 2.219/2.220

(120))»T&I parallel session – Thursday @ 09.15 (room 4.205/4.206 (120))23/03/2016

mailto:[email protected]


Shared data centre


Shared data centre current status – 1.5MW

»15 customers including anchor tenants

»Pipeline of customers»160 racks (including 18 Jisc) and

growing»Total power requirement 1.542MW

Current status:

23/03/2016


So where next?

Shared data centre v2»Geographically diverse»Anchor tenants in place› Universities of Liverpool, Leeds,

Sheffield, and Sheffield Hallam University, as well as the N8 Research Partnership

»Project moving quickly – aiming for service in place by Q3/Q4 2016

»Wednesday 23 March, Parallel sessions (11:30 - 12:45)

23/03/2016


Trans National Education - TNE


Transnational education

» Transnational education (TNE) is the provision of education for students based in a country other than the one in which the awarding institution is located

Strategic importance

23/03/2016


Workshop to Raise Awareness of Prevent (WRAP)



»An understanding of the Prevent strategy and your role within it

»The ability to use existing expertise and professional judgment to recognise the vulnerable individuals who may need support

»Local safeguarding and referral mechanisms and people to contact for further help and advice

»This workshop is an introduction to the Prevent strategy, it does not cover wider institutional responsibilities under the duty

WRAP is a free specialist workshop, designed by HM Government to give you:

23/03/2016



»Facilitated online learning, no travel required»Delivered by our award winning training team»Highly participatory sessions»Share best practice across the sectors and nationwide

»Information and registration at jisc.ac.uk/advice/training

23/03/2016



»We are currently running four sessions per week

»Sessions currently available to book for March - May

»Number of sessions run to date: 104 and 25 scheduled for March/April

»Total delegates completed courses: 1575

»HE: 39%»FE/Skills: 56%»Others: 5%»Broad mix of participants

including participation from

»Student Union/councils, senior management, governors (e.g. Principle, IT Director, Director student services, tutors and support staff)

23/03/2016


Operational services delivery group

Service news and developments

»Web Filtering Service - Updated› Updated to a cloud service August 2015

› Unlawful Extremist Content filter made available from Nov 2015

› User based filtering (Windows AD) now available

»Framework – Available from mid-May› Multi-supplier, Multi-technology (Cloud, local and Hybrid),

aggregated discounts, possible licensing discounts for existing installations

Web Filtering and Monitoring

01/05/2023

Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all) 25

Cloud news and developments

»Amazon have removed the egress charges for education and research users

»Maximum egress discount is 15% of total bill – the average amount for egress charges is 5% and there is no cost to upload data into AWS, or move data between Amazon Simple Storage Service (Amazon S3) and Amazon Elastic Compute Cloud (Amazon EC2). Users of Arcus portal will benefit from the egress charge exemption

»Further details on the Jisc website

Amazon Web Service

01/05/2023

Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all) 26


Vscene developments

The service currently facilitates ~6000 conferences per month across 500+ educational organisations

3 phases of Vscene development:»a completely re-written customer interface

(phase 1, completed July 2014)»a refresh of its underlying infrastructure

(phase 2, completes August 2016)»a re-procurement of Vscene operational support

(phase 3, starting April 2016)23/03/2016


Vscene developments

The new infrastructure:»Double the current capacity to cope with ongoing

increasing domestic and international demand»Give the flexibility to burst into cloud capacity to

ensure responsiveness of provision and minimise costs

»Increased interoperability with desktop users with introduction of WebRTC and Skype for business capability

»Support the TNE by enhancing communications between home and foreign campuses of UK universities, e.g. a pilot between Nottingham and China

23/03/2016


Vscene developments

Proposed future enhancements:»Support for mobile devices (Smartphones & Tablets)»Text chat capability»VLE integration

23/03/2016

ISO 9001:2008 & 9001:2015 Quality Update

› Maintenance of ISO9001 certification since 1998› The standard focuses on our products and services

and currently covers our network and associated services

› A full certificate renewal audit (to ISO9001:2008) is taking place at the end of April 2016

› Work is already underway to align our quality management system to ISO9001:2015 with a plan to transition to ISO9001:2015 late 2016

› Discussions underway around how to expand our quality management system across the whole organisation01/05/2023 Operational Services

01/05/2023

Operational Services

)ISO 27001:2013 Information Security

Update › Project started August 2014 to implement and gain

certification against ISO27001:2013 (information security)

› Initial scope and certification looks at Eduroam(UK), Janet Certificate Service, UK Access Management Federation and Jisc Assent

› Stage 1 audit with certification body scheduled for March 2016 (first part of the formal certification process)

› Work is already underway to bring additional services into our certification scope post successful completion of our stage 2 audit

› Additional discussions underway around how to expand our information security management system across the whole organisation

01/05/2023

Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)

jisc.ac.uk

Jisc Technologies

Steve KennettHead of Operational [email protected]

http://www.jisc.ac.uk/

Jisc and janet network updates from network operations, operational services and strategic...

Education

Transcript of Jisc and janet network updates from network operations, operational services and strategic...