10 October 2003 Internet2 members meeting 1 An update on the work of JANET Wireless Advisory Group & The Terena Mobility Taskforce James Sankar UKERNA.

Presentation transcript:

10 October 2003 Internet2 members meeting 1 An update on the work of JANET Wireless Advisory Group & The Terena Mobility Taskforce James Sankar UKERNA

10 October 2003 Internet2 members meeting 2
Contents Page
– Background to UKERNA
– The Current Network – SuperJANET
– The SuperJANET Development Programme & the JANET Network Access Area
– JANET Wireless Advisory Group
– TF-Mobility update
– Internet 2 members collaboration?

10 October 2003 Internet2 members meeting 3
Current Network - SuperJANET
– In service – March 2001
– Backbone – Supplied by WorldCom (now MCI)
– Initially 2.5 Gbit/s, now upgraded to 10 Gbit/s (July 2002)

10 October 2003 Internet2 members meeting 4
JANET Development Programme
“…to underpin the development of SuperJANET, evolving over the coming years to support the applications used by the community, which is served by the network.”
Network Access Area
– To widen access to JANET to allow the migration of the learning process from its traditional base in the classroom, lecture theatre and laboratory, to the home and workplace.
– To exploit the opening up of the "local loop" marketplace to enable wider access to JANET.
– To develop a broad number of activity areas that can enable the widening of access to the JANET network, such as ADSL, Two-way satellite, Wireless, IP over Power, Cable Modem etc.
– To work with other National Research and Education Networks on network access developments.

10 October 2003 Internet2 members meeting 5
JANET Wireless Advisory Group
– Group formed in May
– Supported by UKERNA.
– Initial lifetime of 1 year – will be extended in line with the action plan.
– Group established and consists of
  – Higher education
  – Further education
  – Industry (suppliers and service providers)
– Website established /network_access/wireless/wag /wag.html with agenda, minutes and case studies available online.
– Public mailing list set up – “wireless-
– Terms of reference agreed
– Action Plan in draft form and under consultation.

10 October 2003 Internet2 members meeting 6
JANET Wireless Advisory Group Terms of Reference
Key aim: To provide advice and guidance to the JANET community on wireless networking
– Mobile Wireless (40% effort): One or more end points may change location, such as , UMTS, GPRS, SMS, Bluetooth)
– Location Independent Networking (30% effort): Where a user can obtain network access independent of their physical location).
– Wireless Applications & Services (10% effort): Location Based Services & Instant Messaging applications
– Point to Point / Multipoint Wireless (20% effort): Both end points have a fixed location, such as Fixed Radio and Infrared Services.
– Other Activities: Monitor commercial & community Wireless network activities. Attend the TF-Mobility meetings. Monitor standards and legislation.

10 October 2003 Internet2 members meeting 7
What are other European NRENs doing?
– WLAN Policy & best practice in place
– Scaling wireless LAN infrastructures across existing backbones for national “roaming” solutions
– Developing interoperable solutions to existing national solutions as part of the Terena TF mobility group, to develop a Europe wide wireless roaming infrastructure amongst participating NRENs

10 October 2003 Internet2 members meeting 8 SURFnet VPN + FCCN University of Bremen & SWITCH Originators of National Roaming solutions across Europe PPPoE over University of Bristol & The University of Swansea Web-based FUNET

10 October 2003 Internet2 members meeting 9
Background
TERENA – Trans European Research and Education Networking Association (brings European NRENs together for European projects)
TF Mobility (Taskforce) officially began on January
– The group has an 18 month lifetime.
Aim: ”coordinating research and testing in Europe regarding real usage and scalability of mobility solutions inside the academic community”.
Mobility solutions are defined as
– a way to transfer authentication information between organisations so that a user from a different organisation may gain wired or wireless access to 1) the visiting organisation’s network or 2) the visitor’s home network for home authentication and network access.
Work Areas
– Identify inter-NREN roaming requirements.
– Evaluate current national roaming solutions.
– Select inter-NREN solution and test.
– Evaluate mobile equipment, technology and next generation mobile technology for handover and roaming (mobile IPv4 & v6).

10 October 2003 Internet2 members meeting 10
Requirements definition
Enable NREN users to use Internet (WLAN and wired) everywhere in Europe
1) With minimal administrative overhead (per roaming user)
– Very little admin work to enable roaming per user
– Minimize the complexity of additional systems required
– No n² work required when scaling system
– No regulatory entanglement
2) With good usability
– Available to most current WLAN (and wired) users.
– No additional software required to enable roaming.
– Enable all (work, guest, home networks, IPv4 and IPv6).
3) Maintaining required security for all partners
– Allow use only for approved NREN users.
– Provide accountability but also confidentiality of traffic.
– Guard against data manipulation and session hijacking.
– Allow real security (e2e) on top.
– Don’t aggravate security issues of visited networks.

10 October 2003 Internet2 members meeting 11
Cross-domain 802.1X with VLAN assignment (Surfnet)
– Authentication at home institution, 802.1X, TTLS (SecureW2), (proxy) RADIUS.
– One time passwords are also transmitted via SMS to guest users.
– A RADIUS Hierarchy is proposed to scale this to a Europe-wide solution.
[Diagram labels: Supplicant; Guest; Authenticator (AP or switch); Student VLAN; Guest VLAN; Employee VLAN; RADIUS server Institution A; RADIUS server Institution B; Central RADIUS Proxy server; User DB; Internet; data; signalling]

10 October 2003 Internet2 members meeting 12
VPN & RADIUS / PKI
[Diagram labels: Intranet X; Docking network; Campus Network; G-WiN; VPN-Gateways; DHCP, DNS, free Web]
– SWITCHmobile – VPN solution deployed at 7 universities across Switzerland.
– Wbone – VPN roaming solution to 4 universities / colleges in state of Bremen.
– A "virtual campus" initiative in Lisbon, and been testing and developing a VPN & PKI infrastructure.

10 October 2003 Internet2 members meeting 13
RADIUS based Web interface authentication solution
[Diagram: RADIUS based Web interface authentication at the University of Tampere. Labels: WWW-browser; Docking Network; Access Control Device; AAA Server; Internet]
The Finnish are scaling their solution by using a hierarchy of RADIUS proxy servers for their national infrastructure

10 October 2003 Internet2 members meeting 14 PPP over Ethernet – University of Bristol nomadic network (with links to the University of Wales)

10 October 2003 Internet2 members meeting 15
TF-Mobility: Current status
1. Documentation of national WLAN roaming solutions – complete. Characteristics identified as
– 802.1X - “The future”, easy to scale, secure but cutting edge, thus expensive.
– VPN - Widely available, expensive, secure & hard to scale.
– Web based – cheap, widely available, easy to scale, but not secure.
2. WLAN Product testing matrix – 1st draft completed
3. Preliminary selection for inter-NREN roaming – in draft, conclusions are
– No national solution meets all the requirements.
– The group has chosen not to consider the following
  – Local VPN access: VPN users will not be able to access a visited institution's VPN gateway because (though possible) offering access to all VPN servers is not practical, as all participating institutions would have to purchase a VPN server for this single purpose.
  – PKI: Good to have when ready, currently it is not and would be complex to manage during the group’s limited lifetime.
– An architecture that supports the various national solutions is needed, a three stream approach is recommended…

10 October 2003 Internet2 members meeting 16
Recommendations
– Define interoperability scenarios for each national solution and identify work needed to integrate these solutions and three development streams together.
– A phased development / testing approach
– Resolve scaling and interoperability issues (for 802.1x, VPN, web-based redirect)
– Consolidate findings into a trial report
– Build and scale a RADIUS proxy hierarchy for non-VPN AAA
– Conduct feasibility tests on creating a scalable VPN solution
– Subject to feasibility, build the proposed CASG solution
– Extend to VPN in parallel
– Work on software changes to Roamnode (PPPoE over Linux) to facilitate roaming
The testing of inter-NREN roaming solutions has already started!

10 October 2003 Internet2 members meeting 17
RADIUS proxy hierarchy established (geographic view)
[Map labels: SURFnet; FCCN; FUNET; CARnet; University of Southampton; (DFN)]
– RADIUS Proxy servers connecting to a European level RADIUS proxy server
– Participation guidelines are being drafted
– Aim is to increase membership. Norway, Slovenia, Czech Republic & Greece have indicated their willingness to join.
Findings so far
(1) A standard is required for
(2) Clear text of authentication details between RADIUS servers can be overcome by using IPSec

10 October 2003 Internet2 members meeting 18
RADIUS proxy hierarchy established (network topology view)
[Diagram labels: Top-level RADIUS Proxy Server; Backup Top-level RADIUS Proxy Server; etlr1.radius.terena.nl ( ); etlr2.radius.terena.nl ( ); Currently hosted at SURFnet; National RADIUS Proxy Servers; Currently linked to SURFnet, Netherlands; Currently linked to FCCN, Portugal; Currently linked to CARNET, Croatia; Currently linked to FUNET, Finland; Organizational RADIUS Servers; University of Southampton; FOKUS (Berlin)]
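
An added illustration, not part of the original presentation or of TF-Mobility's own software, of how an authentication request could be relayed through the organisational, national and top-level RADIUS proxies of slides 17 and 18, and why the number of configured server links avoids the n² growth ruled out in the requirements. Routing on the realm's last DNS label, and every realm and server name used, are assumptions constructed for the example.

```python
"""Added illustration: realm routing in a three-level RADIUS proxy hierarchy.
All realms and server names are constructed; routing on the realm's last DNS
label (country) is an assumption, not something the slides specify."""

ORG_REALMS = {  # constructed sample: realm -> organisational RADIUS server
    "uni-a.example.nl": "radius.uni-a.example.nl",
    "uni-b.example.nl": "radius.uni-b.example.nl",
    "uni-c.example.fi": "radius.uni-c.example.fi",
    "uni-d.example.pt": "radius.uni-d.example.pt",
}

def country(realm):
    """Routing key used by the proxies here: the realm's last DNS label."""
    return realm.rsplit(".", 1)[-1].lower()

def split_identity(identity):
    """Split 'user@realm', rejecting identities a proxy could not route."""
    user, sep, realm = identity.rpartition("@")
    if not sep or not user or not realm or "@" in user:
        raise ValueError("identity must be user@realm")
    return user, realm.lower()

def route(identity, visited_realm):
    """Ordered RADIUS hops from the visited site's server to the home server."""
    _, home = split_identity(identity)
    visited = visited_realm.lower()
    for realm in (home, visited):
        if realm not in ORG_REALMS:
            raise LookupError("unknown realm: " + realm)
    hops = [ORG_REALMS[visited]]
    if home == visited:
        return hops  # local user: authenticated without any proxying
    hops.append("national-proxy." + country(visited))
    if country(home) != country(visited):
        hops += ["top-level-proxy", "national-proxy." + country(home)]
    hops.append(ORG_REALMS[home])
    return hops

def links_hierarchy(realms):
    """Configured links: one per organisation plus one per national proxy."""
    return len(realms) + len({country(r) for r in realms})

def links_full_mesh(realms):
    """Links needed if every organisation peered directly with all others."""
    return len(realms) * (len(realms) - 1) // 2

if __name__ == "__main__":
    print(route("alice@uni-c.example.fi", "uni-a.example.nl"))
    many = [f"u{i}.example.{c}" for c in ("nl", "fi", "pt") for i in range(10)]
    print(links_hierarchy(many), links_full_mesh(many))
```

Every server named in a route handles the request, which is why slide 17's finding about clear-text authentication details between RADIUS servers applies to each hop in the list.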

10 October 2003 Internet2 members meeting 19 Controlled Address Space for VPN Gateways Design and work plan documentation underway. Interoperability tests of VPN to RADIUS proxy hierarchy agreed. The group is considering using RADIUS for backup. Further work to follow.

10 October 2003 Internet2 members meeting 20
Further collaborations???
The TF-Mobility group welcomes participation within Europe and outside of Europe
Why not join in and participate with us on
– The RADIUS Proxy Hierarchy
– The Controlled Address Space for VPN Gateways
Contact us, the TF Mobility co-chairs are
– James Sankar –
– Carsten Bormann -
Further Information
– JANET Wireless Advisory Group
– JANET Two-way satellite trial
– The Terena Mobility Task Force

10 October 2003 Internet2 members meeting 21 Thank you for your time Any questions ? James Sankar