The latest developments affecting the Janet network, the services Jisc provides over the network, and future development of products, services and technologies.
5. Janet Computer Security Incident ResponseTeam
»Safeguarding your current and future computer security, with a
primary function to monitor and resolve any security incidents that
occur on the Janet network
»Our mission is to create a secure environment to conduct your
online activities. Our primary function is to monitor and resolve
any security incidents that occur on the network, with specialists
tracking a range of platforms, including Unix, Linux andWindows
23/03/2016 Janet Network DDoS experience
6. Janet Computer Security Incident ResponseTeam
»We work closely with our community to detect, report and
investigate incidents that pose a threat to the security of our
customers' information systems.We also investigate other forms
of network abuse such as spam and copyright infringement
»Due to the geographical scope of incidents, we assist national and
international law enforcement agencies in their investigations,
connecting them to our trusted contacts within the community
23/03/2016 Janet Network DDoS experience
8. CSIRT – Cost benefits
Costs: time to fix the breach, remove infection from computers, deal with
questions, inform staff and students, time that systems are unavailable to staff
and students, fines and compensation, business loss, reputational damage.
» 12.5% of organisations using Janet avoid having one severe security breach
annually due to the existence of CSIRT;
» Using the figures in the BIS report and working with the Jisc SSU
» £22.5 million
23/03/2016 Janet Network DDoS experience
BIS report “2015
Information Security
Breaches Survey”
£1.46m
to £3.14m
Average cost to a business
of its worst security
breach of the year.
£75k
to £311k
Large
Small
13. Jisc trust and identity services
eduroam
» 372 members – increase of 14% and an increase of 18% in operational eduroam
deployments to 277 organisations
» Jisc customersencouragedto work with local authoritiesto increaseeduroam footprint
UK Access Management Federation
» Reached 1K members, now at 1,037
» Important for the ~400 Shib IdPs v2 to upgrade before end of support in July
Assent
» Working to develop and implement Moonshot technology
into big infrastructure facilities as well as ‘everyday’ type services
23/03/2016 Janet Network DDoS experience
14. Jisc trust and identity services
Certificate service
» S/MIME certificates for digitally signing and encrypting emails is coming this summer
» High Assurance ExtendedValidation certs available for important / high profile
websites
Domain registry service (formally Naming service)
» Online portal now available for managing all your .ac.uk domains. Contact
domains@jisc.ac.uk to get access
T&I Networkshop events:
» Share and explore (BoF) – Wednesday @ 16:30 (room 2.219/2.220 (120))
» T&I parallel session –Thursday @ 09.15 (room 4.205/4.206 (120))
23/03/2016 Janet Network DDoS experience
16. Shared data centre current status – 1.5MW
»15 customers including anchor tenants
»Pipeline of customers
»160 racks (including 18 Jisc) and growing
»Total power requirement 1.542MW
Current status:
23/03/2016 Janet Network DDoS experience
17. So where next?
Shared data centre v2
»Geographically diverse
»Anchor tenants in place
› Universities of Liverpool, Leeds, Sheffield,
and Sheffield Hallam University, as well as
the N8 Research Partnership
»Project moving quickly – aiming for service
in place by Q3/Q4 2016
»Wednesday 23 March, Parallel sessions
(11:30 - 12:45)
23/03/2016 Janet Network DDoS experience
19. Transnational education
» Transnational education (TNE) is the
provision of education for students based
in a country other than the one in which
the awarding institution is located
Strategic importance
23/03/2016 Janet Network DDoS experience
21. Workshop to Raise Awareness of Prevent (WRAP)
»An understanding of the Prevent strategy and your role within it
»The ability to use existing expertise and professional judgment to
recognise the vulnerable individuals who may need support
»Local safeguarding and referral mechanisms and people to
contact for further help and advice
»This workshop is an introduction to the Prevent strategy,
it does not cover wider institutional responsibilities
under the duty
WRAP is a free specialist workshop, designed by
HM Government to give you:
23/03/2016 Janet Network DDoS experience
22. Workshop to Raise Awareness of Prevent (WRAP)
»Facilitated online learning, no travel required
»Delivered by our award winning training team
»Highly participatory sessions
»Share best practice across the sectors and nationwide
»Information and registration at jisc.ac.uk/advice/training
23/03/2016 Janet Network DDoS experience
23. Workshop to Raise Awareness of Prevent (WRAP)
» We are currently running four
sessions per week
» Sessions currently available to
book for March - May
» Number of sessions run to date:
104 and 25 scheduled for
March/April
» Total delegates completed
courses: 1575
» HE: 39%
» FE/Skills: 56%
» Others: 5%
» Broad mix of participants
including participation from
» Student Union/councils,
senior management, governors
(e.g. Principle, IT Director,
Director student services,
tutors and support staff)
23/03/2016 Janet Network DDoS experience
25. Service news and developments
»Web Filtering Service - Updated
› Updated to a cloud service August 2015
› Unlawful Extremist Content filter made available from Nov 2015
› User based filtering (Windows AD) now available
»Framework – Available from mid-May
› Multi-supplier, Multi-technology (Cloud, local and Hybrid),
aggregated discounts, possible licensing discounts for
existing installations
Web Filtering and Monitoring
22/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all) 25
26. Cloud news and developments
»Amazon have removed the egress charges for education and
research users
»Maximum egress discount is 15% of total bill – the average
amount for egress charges is 5% and there is no cost to upload
data into AWS, or move data betweenAmazon Simple Storage
Service (Amazon S3) andAmazon ElasticCompute Cloud
(Amazon EC2). Users of Arcus portal will benefit from the
egress charge exemption
»Further details on the Jisc website
AmazonWeb Service
22/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all) 26
27. Vscene developments
The service currently facilitates ~6000 conferences per month
across 500+ educational organisations
3 phases ofVscene development:
»a completely re-written customer interface
(phase 1, completed July 2014)
»a refresh of its underlying infrastructure
(phase 2, completesAugust 2016)
»a re-procurement ofVscene operational support
(phase 3, starting April 2016)
23/03/2016 Janet Network DDoS experience
28. Vscene developments
The new infrastructure:
»Double the current capacity to cope with ongoing increasing
domestic and international demand
»Give the flexibility to burst into cloud capacity to ensure
responsiveness of provision and minimise costs
»Increased interoperability with desktop users with introduction
ofWebRTC and Skype for business capability
»Support theTNE by enhancing communications between home
and foreign campuses of UK universities, e.g. a pilot between
Nottingham and China
23/03/2016 Janet Network DDoS experience
30. ISO 9001:2008 & 9001:2015 Quality Update
› Maintenance of ISO9001 certification since 1998
› The standard focuses on our products and services and currently
covers our network and associated services
› A full certificate renewal audit (to ISO9001:2008) is taking place
at the end of April 2016
› Work is already underway to align our quality management
system to ISO9001:2015 with a plan to transition to
ISO9001:2015 late 2016
› Discussions underway around how to expand our quality
management system across the whole organisation
22/03/2016 Operational Services
31. )
ISO 27001:2013 Information Security Update
› Project started August 2014 to implement and gain certification
against ISO27001:2013 (information security)
› Initial scope and certification looks at Eduroam(UK), Janet Certificate
Service, UK Access Management Federation and Jisc Assent
› Stage 1 audit with certification body scheduled for March 2016 (first
part of the formal certification process)
› Work is already underway to bring additional services into our
certification scope post successful completion of our stage 2 audit
› Additional discussions underway around how to expand our
information security management system across the whole
organisation
22/03/2016 Operational Services
32. jisc.ac.uk
22/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
JiscTechnologies
Steve Kennett
Head of Operational Services
steve.kennett@jisc.ac.uk
Editor's Notes
Incident Handling
Incident handling involves receiving, triaging,23 and responding to requests and reports, and
analyzing incidents and events. Particular response activities can include
• taking action to protect systems and networks affected or threatened by intruder activity
• providing solutions and mitigation strategies from relevant advisories or alerts
• looking for intruder activity on other parts of the network
• filtering network traffic
• rebuilding systems
• patching or repairing systems
• developing other response or workaround strategies
162 HEIs in the UK 300 FES organisations
The sessions have also been attended by representatives from BIS and were also reviewed by Matthew Batton from The Home Office. The Home Office liked our approach to facilitated online learning and has since asked us to feature our online WRAP sessions in the forthcoming Prevent Training Catalog. Feedback from sessions has been very positive and there is high demand for courses, from all sectors and a varied audience including tutors, student welfare officers, College principles and members of safeguarding teams.
Jisc sessions are useful for:
Senior management
Remote staff
New starters
Student council
WRAP delivery is also available from local police and Regional HE/FE Co-ordinators, who also run a train the trainer programme.