The two security areas that we will address throughout this project are protecting the network infrastructure itself and analyzing the data that transits our network. Protecting the network infrastructure is accomplished by packet filters applied to the control plane of the TransPAC2 router, keeping up to date on the vulnerabilities that effect network components, and monitoring device event logs. Daily analysis of data that transits the TransPAC2 network is accomplished by providing NetFlow data to the Research and Education Networking - Information Sharing and Analysis Center (REN-ISAC).
The REN-ISAC is an integral part of higher education's strategy to improve network security through information collection, analysis, dissemination, early warning, and response; specifically designed to support the unique environment and needs of organizations connected to served higher education and research networks, and supports efforts to protect the national cyber infrastructure by participating in the formal U.S. ISAC structure.
TransPAC2 Security efforts
The following items describe actions taken to ensure the security of the network infrastructure itself.
- The TransPAC2 router is protected against intrusions by packet filters applied to the control plane.
- The operating systems of all network components are up to date.
- Known vulnerabilities are fixed where appropriate.
- Using the RANCID system, the Global NOC monitors the TransPAC2 router's event logs.
- NetFlow data is exported to the REN-ISAC data collectors.
- TransPAC2 engineers are involved in the daily aspects of the REN-ISAC activities.
- TransPAC2 router data is aggregated with other REN data to help provide a view into national R&E network security.