3. Janet network
» 10 core points of presence across the uk.
» A core across the UK of 400Gbit/s (current
upgrade taking this upto 600Gbit/s in 17/18).
» Long term fibre lease for the core.
» Optical, Ethernet and IP services run in-house.
» 18 regional distribution areas.
» Resilient architecture delivering highly available
services.
» ~900 organisations connected.
» 1.3Tbit/s external connectivity.
28/04/2017 Janet in a changing world 3
4. Requirements gathered for Janet6
28/04/2017 Janet in a changing world 4
Bandwidth
• Flexibility
• Agility
• Cost control
Service delivery
• Delivery of third-party
services
• Cloud services
• Reliability & resilience
Partnerships
• public/public, public/private
• Information assurance
Off-net support
• Anytime, anywhere access
• Internationalisation of
education
Management of costs
• Funding environment
• Costs of change
Universal service
• Student, lecturer, researcher
experience
• Social mobility & student
opportunity
5. Changes in the environment
28/04/2017 Janet in a changing world 5
Changes in funding
Higher information
assurance
Use of off-site datacentres
for equipment housing
Challenging economic
climate
Cyber security
Outsourcing services to
the Cloud
Open Science & the
importance of data
Implications of Brexit
6. Janet architecture review
1. Review the architecture of Janet
identify areas of change
produce a proposal for change
2. Establish a process and roadmap for managing the transition to
the new architecture
28/04/2017 Janet in a changing world 6
7. Janet architecture review – objectives
› Cost effectiveness: reduce the cost of providing Janet.
› User requirements: continue to meet user requirements and be flexible to adapt to changing
needs.
› Technological coherence: to ensure optimum appropriate technological coherence across Janet.
› Security: To ensure the right level of security assurance to appropriate standards.
› International connectivity: To determine Janet international connectivity requirements in light of
a changing international environment.
› Gateways to government networks: To understand the requirements for gateways to the HSCN
and other government networks.
› External connectivity: To review Janet peering arrangements and also the approach to connecting
with Content Distribution Networks and Cloud Providers.
› Fibre infrastructure: To investigate extending the backbone fibre contract with SSEET to 2028.
28/04/2017 Janet in a changing world 7
8. Timescales
28/04/2017 Janet in a changing world 8
Launch consultation May 2017
Engage with stakeholder groups and a
cross section of connected members &
customers
May 2017 to
September 2017
Complete consultation End September
2017
Publish requirements analysis End October 2017
11. National Cyber Security strategy
28/04/2017 Janet in a changing world 11
https://www.gov.uk/government/publications/national-cyber-security-strategy-2016-to-2021
Cyberspace is an interactive
domain made up of digital
networks that is used to store,
modify and communicate
information.
It includes the internet, but also
the other information systems
that support our businesses,
infrastructure and services
12. GCHQ sees credible threats
28/04/2017 Janet in a changing world 12
»Steal intellectual property
»Take commercially sensitive data , such as key
negotiating positions
»Gain unauthorised access to government and defence
related information
»Disrupt government and industry service
»Exploit information security weaknesses through
targeting partners, subsidiaries and supply chains at
home and abroad
14. Computer Security Incident ResponseTeam
28/04/2017 Janet in a changing world 14
»We work closely with our community to detect, report and
investigate incidents that pose a threat to the security of our
customers' information systems. We also investigate other forms
of network abuse such as spam and copyright infringement
»Due to the geographical scope of incidents, we assist national and
international law enforcement agencies in their investigations,
connecting them to our trusted contacts within the community.
»Janet network CSIRT
15. What does Janet CSIRT do?
28/04/2017 Janet in a changing world 15
»Janet CSIRT is the Computer Security Incident ResponseTeam for
the Janet network.
»They are responsible for the coordination and resolution of
incidents that occur within organisations connected to Janet.
»They work with organisations within the UK and internationally to
assist in crime investigation.
»Gather intelligence on potential security issues and report them to
connected organisations.
»First port of call for when a customer may be experiencing a
security issue.
17. Jisc Cyber Security landscape
28/04/2017 Janet in a changing world 17
Jisc
Cyber
Security
New
Scotland
Yard
Internet
Watch
Foundatio
n
National
Crime
Agency
National
Cyber
Security
Centre
Home
Office
PREVENT
Security &
Intelligenc
e Agencies
Counter
Terrorism
Internet
Referral
Unit
18. Current Jisc Cyber security &Training Services
28/04/2017 Janet in a changing world 18
» Janet network CSIRT – Incident response
» DDoS Mitigation
» Web filtering and monitoring
» Vulnerability assessment and information
» Manual penetration testing
» Email abuse protection
» Spam-relay tester and notification system
» Security blocklists and whitelists
» WRAP and security courses
» Registration Authority- Certificate Service
» S/MIME Extension to Certificate Service
» DNS Response Policy Zone (RPZ)
» Safeshare – Secure Connection solution
» www.jisc.ac.uk/network/security
» Computers, privacy and the law (live
online course)
» Effective Identification & Management of
security Incidents
» Filtering & Monitoring: how they can
help?
» Hand on Digital forensics
» Hands on security testing (live online
course)
» Information security policies (live online
course)
» Managing IT security
» Cyber Essentials Coming Soon
» https:/www.jisc.ac.uk/advice/training/network
19. Cyber timeline
28/04/2017 Janet in a changing world 19
Jan-16 Jan-18
Feb-16 Mar-16 Apr-16 May-16 Jun-16 Jul-16 Aug-16 Sep-16 Oct-16 Nov-16 Dec-16 Jan-17 Feb-17 Mar-17 Apr-17 May-17 Jun-17 Jul-17 Aug-17 Sep-17 Oct-17 Nov-17 Dec-17
Mar-16
Vulnerability
Assessment and
Information Service
Nov-16
DDoS Phase One
Nov-16
Jisc
Security
Conference
Jun-17
Digital
Forensics
Dec-16
Personal
Certificates
Apr-17
Safe Share &
Phishing Service
Nov-17
Jisc
Security
Conference
Jan-18
Authenticated
NTP
Dec-17
DNS RPZ
Jul-17
DDoS Phase Two
May-16
Web Filtering
Framework
May-17
Cyber Essentials
Accreditor
Mar-16
Threat
Information
Abuse Helper
Today
20. DDOS what we’ve seen
28/04/2017 Janet in a changing world 20
System turned on: 04/10/2016
» Largest: 45.9 Gbps
» Longest: 15 Hours
» Attacks to date: 410
» Potential total attack traffic: 133TB
» Unluckiest customer: 38 attacks0
5
10
15
20
25
30
35
40
45
50
Weekly Attack Numbers
21. NCSC 10 steps to Cyber Security
28/04/2017 Janet in a changing world 21
22. jisc.ac.uk
Janet in a changing world
Thank-you for listening and
now for some discussion
28/04/2017 Janet in a changing world 22