TNC, GÉANT’s flagship event, is the largest and most prestigious Research & Education networking conference.
TNC presents participants with a unique overview of the latest developments in research networking, both in the technical field and in the area of application and management. Every year TNC brings together a wide cross section of specialists from a variety of roles in the areas of networking, Trust & Identity, access management and more from all NRENs, universities, research organisations and institutions, and industry.
TNC21, the conference’s 36th edition, will take place on 21-25 June 2021 and will be fully online for the first time in the history of TNC due to restrictions caused by the COVID pandemic.
Opening Session on Monday
Official opening of TNC21 by Chairman of the GÉANT Board Andreas Dudler (SWITCH) and GÉANT CEO Erik Huizer, with a focus on the GÉANT Strategy and some tips about using the TNC21 platform.
The procedures that allow European higher education institutions to exchange student mobility data remain largely paper-based, making students dependent on a number of accounts and documents to apply for mobility. As more students go abroad and with a growingly interconnected world, Erasmus needs to evolve to align with the European leaders’ vision of a European Education Area by 2025 - no borders to student mobility.
MyAcademicID delivered an Identity and Access Management Platform and defined an eID scheme for higher education that allows students to consistently and reliably authenticate to online Erasmus services. MyAcademicID results are an important step forward towards the digital transformation of Erasmus programmes.
The increasing adoption of highly programmable networking infrastructure requires a trustful and agile deployment of software packages in the Control Plane layer. In the era of software-defined infrastructure/networking, it comes to a point where the network engineering team takes the lead in the software deployment process. In this talk, we will share our experiences as network engineers designing and operating an automated pipeline to continuously integrate and deliver (CI/CD) software packages for our control layer. The CI/CD pipeline enables our SDN orchestrator to manage the programmable network infrastructure in a more secure and flexible manner. We will start by presenting the key motivations using real examples. We will then show some of the standard management APIs and frameworks that helped us build the CI/CD pipeline, and finally, our actual pipeline design and implementation, including some testing procedures to evaluate end-to-end connectivity in SDN environments.
Qantas flight QF32 took off from Singapore on 4 November 2010. Shortly after takeoff, an engine exploded, and took many redundant systems with it.
During the flight, the Captain and crew used their training and experience, and took decisions that might seem counterintuitive to us, but that led to the safe landing of the aircraft.
We don’t fly planes, but we do manage complex, redundant systems and, when they fail, we have teams of people involved in their restoration. This talk will look at how we operate through the lessons of QF32, and see what we can learn.
There are numerous Cloud Storage Services for Synchronization and Sharing (CS3) serving the R&E space in Europe. These services, typically using open-source on-premise solutions, are driven at universities, research institutions and NRENs and in recent years have collectively formed a bottom-up, grassroots community (cs3community.org). Examples of such CS3 sites include CERNBox, SWITCHdrive, PSNCBox, SURF’s ResearchDrive, DeiC’s ScienceData, AARNet’s CloudSTOR, Sciebo@Munster University, JRC’s Earth Observation Data Processing Platform, and CESNET’s DataCare. But these services are in most cases isolated islands and do not necessarily fit with the collaborative nature of many research activities. It is very often difficult to give access to other institutions, share data across platforms and run applications on top of this fragmented landscape.
These concerns have led the institutions mentioned above to come together and interlink these services; and they have received the support of EC to do this as a project: CS3MESH4EOSC (cs3mesh4eosc.eu). The idea is to boost open science by presenting a joint, coordinated service — Science Mesh (sciencemesh.io)— to the users in the research and education space on a pan-European level. And to answer a major question: can we manage and store research data in Europe?
During this presentation we will share our views and experiences regarding automating and orchestrating networks. What are the pitfalls? What are the challenges? But also, what are the unforeseen benefits? And how has our service delivery improved now we have a fully automated network? If you are at the start of automating networks we hope you will find our presentation enlightening.
Time & Frequency (T&F) as an optical service has become a hot topic in the past ten years. National Metrology Institutes (NMIs) in collaboration with NRENs have demonstrated higher frequency stability than any existing commercial service, offering tremendous potential in a wide range of scientific, societal and economic domains. We report here the first long-haul bidirectional industrial implementations operating in the C-band at 1542.14nm and co-propagating with data-traffic in the RENATER network. This presentation will show the high level of maturity of optical T&F link deployment and how this service is integrated in NREN day-to-day procedures (commissioning, operating, monitoring) with other standard services.
For years, the higher education sector has been preparing for a more blended, online approach to teaching and learning. The COVID-19 pandemic has not only accelerated this process, but enabled the sector to take stock, rapidly and flexibly, of how we deliver education. This has been at the institutional and national level. Jisc, the UK's NREN has worked with our sector to explore ‘Learning and Teaching Reimagined: a new dawn for higher education' published in November 2020. We are now looking through a global lens; TNC21 is a timely opportunity to share learnings, and create a more collaborative global approach.
Following the ransomware attack on the University of Maastricht during the Christmas holiday 2019, SURF was (t)asked by the universities to setup a central SOC for the universities and other education and research institutes affiliated with SURF. In this talk we will elaborate on the project of realising the SURFsoc, the components that make up the SURFsoc, as well as the tender we did to procure the SIEM part of the SOC from the market. Deployment starts in January 2021 and by the time of TNC should be in production with 15 connected and protected institutions, meaning we will be able to present on the challenges faced during implementation and deployment as well. In a few years time we expect to have more than 50 institutions connected to SURFsoc.
The Global Research and Education Network (GREN) Map will provide a dynamic, real-time visualization of the value and reach of the GREN, providing not only a visualization of its topology, but also a vital marketing and external relations tool showing the value and reach of the GREN at both a national and institutional level.
The demo will highlight and display:
1. the unique, distributed approach taken in both the development of the GREN Map and its implementation architecture;
2. the pilot implementation of the GREN map, across the 14 partners in the Canadian NREN and early international adopters; and
3. the current status of GREN Map and next steps.
With the Oracle Cloud Infrastructure (OCI), you can provision highly available compute instances on bare metal servers without a hypervisor, ensuring full control plane and network isolation, performance guarantees, and repeatability of your experiments. You can leverage the same cloud-optimized hardware, firmware, software stack, and networking infrastructure for your virtual machine instances and databases. With the Oracle Data Science Cloud platform, you can leverage Jupyter Notebooks and other code-first environments for your data driven research. Find out more about our compute shapes (HPC, GPU, etc.), storage options (block volumes, object store, file storage) and network services (FastConnect, DNS, etc.) and view a quick demo on how to launch cloud services via the OCI web interface.
SCARR is a flexible, secure, remote vulnerability scanning service for network administrator among GARR constituency. SCARR provides detailed information about identified issues in user network assets, also suggesting remediation.
The demo will cover the following actions
- SCARR purpose and approach
- How to submit a vulnerability assessment
- How the requests are distributed and parallelized
- How to monitor running assessments
- How to retrieve jobs output report
- How to halt and resubmit jobs
‘If I can do it, so can you” is the inspiring and motivating story of one woman’s determination to succeed. 25 years ago Professor Sue Black was a single parent with three small children living on a council estate in Brixton.She is now one of the top 50 women in tech in Europe, received an OBE, is an award-winning computer scientist, radical thinker, keynote speaker, social entrepreneur and Professor of Computer Science and Technology Evangelist at Durham University. Sue talks about her passion for getting everyone excited about the opportunities that technology offers, how she brought her family out of poverty and built a successful career through education, and a passion to succeed.
Nowadays more than ever, students expect convenience and freedom of choice, to study what, when and where they want. Not only during their formal education, but also as they develop throughout their lives. Institutions must provide the flexibility that students demand, by making educational offerings more flexible, facilitating student mobility, and issuing digital certificates.
At SURF we started a national approach to use technology and infrastructure as enabler for flexible education. In this presentation we show how projects like the Open Education API; ‘the standard for sharing educational data’, eduID; ‘a single student identity that is independent of an institution’ and Edubadges; ‘issuing digital certificates to students’ are enablers for enhanced flexibility in education.
Deploying services across a multi-region cloud infrastructure ensures their availability. Kubernetes Cluster Federation (KubeFed) offers a good approach to multi-region kubernetes cluster. Coupling it with several layer such as OpenStack and Juju it allows a user to have a federated cluster deployed in almost no time and with zero need of knowing the details of the underneath infrastructure. At GARR we setup such mechanism on three main data centers federating Kubernetes clusters on each region. We experimented with Kubernetes Cluster Federation, which allows the management of the federated clusters through a single set of APIs present in a single cluster. The goal is to reach a multi-region infrastructure that could ensure transparent HA for the users’ services deployed.
With GN4-3N, the GÉANT network infrastructure is undergoing massive changes – from the large expansion of the fibre footprint to the embracement of openness and disaggregation at the line system level. This session will provide you with an overview of what is changing and how the GÉANT network infrastructure is evolving to match future challenges. The new network will provide the European research and education community with stable and high-capacity international connectivity for many years to come. See how this ambitious project transforms the position of GÉANT in the global scenery.
In 2015 CARNET began the e-Schools project with the aim of creating digitally mature schools and preparing pupils for the job market, further education and lifelong learning. Using Policy-led Multi-Criteria Analysis, the project has focused on two main types of service, user-oriented and technical prerequisites. The presentation will set out how the services were conceptualised and will describe the challenges of scaling the services to the whole education system, particularly during the COVID-19, and transitioning to emergency distance education. We will conclude with an evaluation of the impact of e-Schools and the services provided.
SPF, DKIM, DMARC. These are well-known acronyms which show up regularly in some technical posts. And also in advertisements about mail deliverability for would-be spammers. If you had to deal with mail systems, you probably know two things about them:
1- they are used for mail server authentication,
2- they are never really implemented to enforce security policies, merely to respect general good practices.
And that's a shame.
We all know that there is no absolute solution against spam or phishing - or they would have disappeared already.
However, these three RFC, added to the more recent ARC, can be powerful tools to greatly decrease the number of phishing arriving in our mailboxes.
This presentation introduces the Router for Academia, Research and Education (RARE) project, developed within the Network Technologies and Services Development WP (WP6) of the GÉANT GN4-3 project. RARE provides a full-fledged open-source router implemented thanks to a line-rate data plane (P4) with an open source control plane (FreeRouter) supporting a rich protocol feature set. To support testing and validation, a GÉANT P4 Laboratory (GP4L) has been deployed on four PoPs; this also offered for research purposes. RARE has also been deployed in different production scenarios.
In-person conferences were made impossible by the Covid pandemic. Online meetings could not recreate the same experience and audience involvement. Thus, GARR refined a way to recreate the look and feel of a conference (stage, audience, coffee breaks interactions) and a tools set (both open and commercial-on-premise software) to make large e-conferences as close as possible to the in-person experience. GARR will present how a online event with 10 parallel session, 70+ speakers and more than 1200 attendees successfully took place, while granting a good user experience and preserving data sovereignty.
At TNC18, we presented the first demo of eduTEAMS. There, we showcased how the AARC Blueprint Architecture can be used to implement an Authentication and Authorization Infrastructure (AAI) as a Service solution for the research and education community to create and manage virtual teams. Three years later, eduTEAMS is enabling thousands of researchers and students to access research and educational services across Europe. We invite the participants of TN21 to join us recounting a journey that started at TNC18; a journey in delivering large scale, production Identity and Access Management services using eduTEAMS.
Regional RENs have limited economies of scale compared to large NRENs. This joint presentation shows how the University of Trieste, the leading institution within the LightNet cooperation agreement, overcame this challenge by applying innovative architectural approaches to build a flexible, multi-purpose REN that supports regional high performance computing, connects to two NRENs, and above all is economical. These include a regional spine and leaf packet services architecture that delivers scalability and redundancy, an open optical line system that supports native and alien wavelengths as well as WSON restoration, and a consolidated management system with integrated performance monitoring and OTDR.
The Resource Public Key Infrastructure helps protect IP prefixes against BGP hijacking, making RPKI and important tool to improve routing security. Deploying RPKI may be challenging for NRENs. Many NRENs manage IPv4 address space that was allocated before the existence of the Regional Internet Registries. Managing RPKI for this "legacy" space may require a manual process to interact with the RIR. In this talk, we show how NRENs can run their own RPKI Certificate Authority, allowing them to automate RPKI management, for address space from both the legacy and the RIR pool, irrespective of which RIR manages the address space.
This talk is about getting rid of services. Usually we try to keep them alive as long as we can. And if we try to shut them down, we cannot. Because suddenly it is people’s most favourite service or some important person is relaying her life on it or without that service a baby kitten dies. Like Tom Petty says in Learning to Fly: "But what goes up, must come down". But he also figured: "Coming down is the hardest thing". Learn how we can get rid of services. Let us find out how to successfully bring the wave down.
GÉANT has for many years used a growing stack of legacy and bespoke software components for doing historical network analytics and high-level information sharing. This presentation describes the motivation and path from that legacy stack to a new and more maintainable system called BRIAN (Backbone Router Interface ANalytics).
eduMEET is an open source video conferencing system based upon the webRTC API framework that allows video conferencing capabilities to supported from within a web browser, thus removing the need to install a specific application.
It was developed by the GN4-3 project for the R&E community and places particular emphasis on privacy and trustworthiness, which may be lacking in some commercial solutions.
eduMEET is delivered as software packages. It provides a free licence and low-cost means for organisations themselves to establish a web-conferencing service and tailor it to their needs.
During the demo functional features of eduMEET will be presented.
WiFiMon is a Wi-Fi network monitoring and performance verification system and a new GÉANT service. It is capable of detecting performance issues, measuring and visualising throughput as well as providing additional information about Wi-Fi setup, e.g. signal strength and link quality.
This demo will describe the WiFiMon components, the metrics collected from monitored networks and the capabilities WiFiMon provides in eduroam-enabled networks by correlating measurements with the available RADIUS and DHCP logs. The WiFiMon team will demonstrate the WiFiMon
automated installation procedure, providing additional details regarding the configuration steps, as well as introduce the audience to the WiFiMon UI.
We demonstrate a practical key management scheme for a quantum key distribution network (QKDN) where QKD devices from different vendors are interoperated by a standard key interface. Our scheme is entirely based on a standard model and can be easily integrated into existing telecommunication networks.
Don't be shy and get into the Network Carousel. Start networking with a speedy, 4 minute, randomly selected 1-on-1 meet with one of the many other participants attending the conference. Perhaps catching up with someone you know or...someone new to meet!
Please use a working microphone and webcam.
To deal with the critically important climate emergency, international scientific cooperation is the only way to go. Adaptation to a new climate and mitigation of emissions will take enormous resources from developed and developing countries. We need a global exchange of scientific information on adaptation/mitigation strategies, as well as close cooperation to reduce economic inequalities, and together we could build up a new society and socio-economic system based on the Sustainable Development Goals. This system will have higher resiliency, where we could have a much better equilibrium with nature and climate. Education, open science, and open data sharing is a central piece in this new society, where collaboration is essential.
ESnet is developing its own 100G smartNIC based on FPGA technology. In this talk we will describe the architecture of the smartNIC. We will show how it can be customized for High Touch network services in our ESnet6 WAN network. As well we will describe how it is used at our scientific instruments for new EDGE services and streaming of large science data. Examples of real time integration from our synchrotron ( ALS-Advanced Light Source ) and electron microscope ( NCEM-National Center for Electron Microscopy ) will be presented. We hope to explain how this unique technology, developed in house, allows us to build R&E specific solutions that are not possible with vendor supplied hardware and software. This project is done jointly with contributions from the Xilinx CTO office.
The BELLA Programme is set to revolutionise R&E collaboration opportunities for Latin America and Europe and 2021 is the year that BELLA connectivity will be delivered across the Atlantic and in South America.
The presentation will describe what the BELLA landscape and seascape will mean for researchers on the two continents, with higher capacities, enhanced connectivity services and lower latency. It will focus on specific user communities that will immediately benefit from the realisation of BELLA, and will reflect on the unique collaboration with EllaLink that has made this all possible.
SeamlessAccess started its rollout just as COVID-19 began to impact our world. What was anticipated as a “soft launch” suddenly saw a new level of urgency in the scholarly communications world to enable federated identity to access scholarly content. Dependency on FIM is creating an urgent demand from all stakeholders to improve online access in a way that’s intuitive to the end-user and still protects their privacy. In this session, we will look at how FIM access models have significantly changed in 2020, from the SP, Library, and Federation Operator perspectives. The session will conclude with a Q&A.
What is it about preservation that so often makes it an afterthought when it comes to publishing data sets? Quite apart from the problem of funding, one of the biggest pain points is that (most) researchers aren’t preservation specialists.
A few years ago, Jisc seized upon this (and other) pain points and set about solving these problems. The end result is Jisc's Preservation, Repository, and Research Data Connector offers. A suite of interconnected services designed to make life easier for end users. This presentation describes the development process, the underlying data model and the direction of travel for future development.
Awards ceremony for the 2021 GÉANT Community Award and the Vietsch Foundation Medal of Honour. Celebrating the people who keep making a difference in our community.
The OCRE project makes funding available to demonstrate the benefit adoption of commercial cloud services on research outcomes. The experience gathered through this activity will lead to valuable insight into the actual expectations and experiences of researchers with commercial cloud and earth observation services. It should lead to improved insight into where NRENs can deliver value to the research communities with the right combination of commercial and community services and in close cooperation with institutional and national IT service providers.
We’ll present our analysis of the experience gathered through the interaction with awarded projects in fall 2020 and spring 2021 which we expect will contribute further to the understanding of the role of commercial services in the researcher’s toolbox and the discussion of NREN engagement with research.
The Australian Access Federation (AAF) began building a cloud identity provider (IdP) platform in 2016. This followed repeated requests from Australian universities as they adopted cloud infrastructure strategies.
The resulting platform, Rapid Identity Provider, now has significant adoption across AAF's subscribers after a slow start. Rapid IdP supports three different identity configurations:
a local identity database;
interfacing with an LDAP directory; or
* connecting to cloud identity solutions such as Okta or Azure AD.
The presentation will provide an overview of the architecture and cover the major product and commercial challenges we've faced in making the service sustainable.
AI and machine learning have tremendous potential and are evolving rapidly. But what does this mean for education and research?
Based on stakeholder research SURF formulated a vision towards the use of AI and ML in research and education. SURF employs a constructive strategy towards AI, while also combining this with a focus on public values as concerns around vendor lock-in, interoperability, data-sovereignty, and ethics are urgent and growing.
During the presentation, we will share SURF's present state of affairs, our plans and ambitions, and actions for the upcoming year. In the hope to initiate discussion about future possibilities and joint-efforts.
Network performance metrics are useful to network engineers, but user experience indicators linked to SLAs provide a real view on how the network is behaving for the end users. Having such indicators, for each different class of users, available to the NREN NOC in charge of managing their customers’ networks is essential when dealing with a Campus Network Management as a Service (CNaaS) offering. This presentation will describe and demo an automatically deployed scalable measuring infrastructure using perfSONAR that will present those metrics and indicators in a comprehensive monitoring dashboard.
Scaling out an OpenStack cloud can be a time-consuming and tedious task. During our mission to deliver the first OpenStack cloud offering by GRNET, we designed and implemented a set of tools and processes to make deployment and operation of OpenStack-based clouds at scale effortless and error free. We are presenting our tools ecosystem and design which allows us to push the button, the command actually, and scale out our cloud with a few thousand cpu cores during our... lunch break!
Without the global R&E community, the Copernicus programme would struggle to have the impact it has had, especially during the year of crisis: Bush fires, COVID-19, earthquakes, man-made disasters... Throughout it all the Copernicus programme has been supplying a steady stream of data to scientists and decision makers around the world. At the heart of the delivery and operation of this world leading flagship programme are the NRENs and RENs, who have diligently and successively built upon past successes to ensure the data reaches where it needs to be. This presentation will showcase the journey that we have been on since 2014.
We will present the Messaging and Collaborative platform provided by RENATER to the French Research and Higher Education community, which is hosted and operated by RENATER.
This service aims to provide a real alternative to major commercial platforms, and takes into account French government data security recommendations, for example data are stored in France by RENATER.
A new Security Baseline for NRENs and NREN members has been created as part of the new Security workpackage within the GN4 project. The aim of this baseline is to help us understand the current security stance and environment across the NREN world, but also to help NRENs improve their own processes around security planning and updates. The baseline is mapped to international standards but provides a more accessible approach to auditing your security position.
GÉANT participated in the development of the baseline, but what would it really mean for us to complete the full baseline review and secure our own lifeboats?
This demonstration will detail the research conducted towards a PhD study where a causal diagram was developed for use as a knowledge-sharing and decision-making tool for NREN value-added services adoption. Content includes background, demonstration of the model and how it was refined and validated.
The research takes a constructivist paradigm approach to modelling factors that affect the adoption of value-added NREN services, using systems thinking and design science research methods. The model was developed, refined and validated from information gathered through a review of literature, interviews and surveys with international experts and using the researcher’s performative judgement, as a practitioner.
Higher education revenue has declined sharply in the wake of COVID-19. Identifying new revenue streams has become more important to underpin federation sustainability.
This joint demonstration by Jisc, and AAF will show two activities aimed at diversifying income sources to help contain costs for core R&E customers.
Demo 1: Monetising the Central Discovery Service demonstrates Jisc's experiments in monitising traffic to the Central Discovery Service.
Demo 2: Commercial Verification Services shows how Australia and the UK have unlocked value from attribute data following successful implementations of the privacy-preserving VerifID platform.
We will also highlight several unexpected non-financial benefits.
NMaaS is a service developed and maintained by the GÉANT Project. NMaaS is offered to all members of the GÉANT community including NRENs, end Institutions, research projects and individuals with the indent to ease local networking monitoring and management by moving the NMS installation to a secure NMaaS cloud. NMaaS supports on-demand deployment of multiple applications including Prometheus, Grafana, WiFiMon, perfSONAR and many other.
Demo session will cover a brief introduction to the Network Management as a Service and a live walkthrough of the process of deploying and accessing new application instance using the NMaaS Portal available at https://nmaas.eu.
Digital Earth Africa is working with global partners to make Earth observation data free and accessible to the whole of Africa. The data can be used to inform crucial decision-making that will improve lives and contribute towards a more sustainable future for the continent.
Strong professional and technological networks are vital to Digital Earth Africa’s success, with research and education networks often at the forefront of progress. Dr. Adam Lewis will speak to the immense power of Earth observation in building a better future for Africa and the critical role that effective networks have in making this happen.
The Netherlands is aiming to accelerate innovation in higher education and research. Universities have ambitious goals like having a more flexible education, improving access to more diverse learning materials, and (open) access to data. Digital sector facilities for higher education and research of the future should reflect these goals. Several public organizations such as SURF and the National Research Council organize national facilities for higher education and research.
The CIO’s of 50 Dutch universities recognized the need for national digital sector-facilities to be aligned. They therefore initiated, along with SURF, the Higher Education Sector Architecture (HOSA). A team of enterprise architects from universities in close alignment with different stakeholders defined the first version of the HOSA.
This presentation is a follow-up to the TNC19 presentation “AmLight-INT: In-band Network Telemetry to support big data applications”. Our goal is to present the current status of the AmLight-INT project, INT applications developed, and how INT is being used to support science workflows.Network troubleshooting and monitoring are essential in the network management routine. A novel approach, In-band Network Telemetry (INT), allows monitoring directly on the data plane.
Establishing new Identity Federations in Africa presents challenges the African RRENs - ASREN, Ubuntunet and WACREN have decided to tackle. To support the NRENs and their communities, the AfricaConnect3 project is focusing on actions aimed at boosting the spawning of new identity federations, starting from the leading countries.
This presentation will provide a view of the current situation, the goals and ongoing activities driven by AfricaConnect3 in the process of supporting the establishment of new identity federations, and the African catch-all federation.
Despite the challenges of 2020, network time synchronization finally hit two milestones that had been anticipated for a number of years. Both the IETF and the IEEE published major new security mechanisms for the Network Time Protocol (NTP) and the Precision Time Protocol (PTP). It is now time to focus on the deployment of these significant improvements in the security of network time synchronization infrastructure. This presentation will talk about the standards, the status of implementations, initial deployments, and data from these deployments along with information on how to transition your existing infrastructure to make use of these new capabilities.
To enable a network engineer to troubleshoot performance issues efficiently, their tools not only need to be powerful but also user friendly. Following common perfSONAR user requests, we set out to develop a new GUI that helps engineers trigger on-demand measurements with an easy-to-use visual front-end. This presentation will discuss two common use cases, the design and the architecture of this new GUI and demonstrate its ease of use and integration within the perfSONAR landscape.
Over the years, CERN activities and services have become increasingly reliant on commercial software and solutions to deliver core services, often enticed by interesting financial conditions that recognise CERN's statuses as “academic", "non-profit", “research", etc. Once installed, well spread and heavily used, the leverage used to attract CERN service managers to the commercial solutions tends to disappear. We will describe the methodology used to identify suitable alternatives, and the progress towards a future that priorities Open Source, avoids vendor lock-in, keeps hands on the data and delivers the same service to everyone. We will focus particularly on Identity Management.
The role of NRENs in supporting education has been increasing over the last two years and with the start of the COVID-19 pandemic their roles accelerated exponentially. NRENs and educational institutions have faced a rapid conversion from traditional face to face learning to a more blended and online approach. This transformation has created significant challenges and opportunities that we aim to present to the TNC audience. Key messages include: Digital transformation (tools, services and scaling up), Data stewardship, Learning analytics, Student mobility (eduID, micro credentialing), Public values and platformisation.
Advanced research and education networks nowadays represent the top existing infrastructures delivering the highest quality, bandwidth, speed and reliability. They enable a set of services in all which are just impossible to deploy on other networks. While NRENs and international backbones easily support these features, when we come to local campuses, the quality of delivered network services is often strongly degraded due to the need to protect local users and services from security threats, A DMZ approach can help in many cases, but still there is a limited knowledge on how to implement it or similar concepts. This presentation aims to stimulate a more accurate approach by Security Administrators, Network Policy Makers, Administrative Managers and Users.
Current encryption algorithms rely on hard mathematical problems such as the integer factorisation problem. It is estimated that once over a thousand qubit computers become available, current strength encryption based on elliptic-curve factorisation could be considered possible to overcome. Quantum communication, quantum cryptography and post-quantum encryption algorithms are interesting technologies.
Establishing a Quantum Key Distribution (QKD) network is a promising way of making quantum-secure communication possible. Network providers need to start analysing ways of adding quantum-proof security to their networks.
SURFcumulus: the Next Wave is about value creation of cloud services for Research & Education by a structured and community serving approach. The first wave of SURFcumulus delivery was a simple transactional type of service. In the past few years the SURFcumulus proposition has evolved and now is moving towards a new value proposition (the Next Wave) including professional services for cloud implementation and managed services, governance & operations and a community SaaS solution for Virtual Research Environments, Remote Examination and Azure in the Classroom (for educational purposes). In this presentation typical challenges are presented, and the answers SURF has found on these.
This field of Open Science provides many opportunities for GÉANT and the NRENs. The community is uniquely placed to ensure Europe-wide coverage and offer consistency to provision. This paper will portray the current landscape of research data support in several European countries, summarising the key challenges faced by research communities and institutions, and identifying possible opportunities. These include strategic coordination of national Open Science agendas, a European-wide procurement framework for research data services akin to the current OCRE cloud provision, research community collaboration and possibly data service installation and delivery.
The tide of high-level programming has reached the network data plane layer, enabling a flexible ASIC utilisation. The benefits and challenges of Data Plane programming will be highlighted through the results of activities within the Data Plane Programming task in the Network Technologies and Services Development work package WP6 of the GÉANT GN4-3 project. The presentation will focus on two use cases: DDoS identification and high precision network monitoring using In-Band Network Telemetry in NRENs networks.
Decentralized Collaborative Learning Networks provide the perfect infrastructure for biomedical scenarios where we wish to use advanced data analysis based on AI and ML techniques on patients’ private and sensitive data. Such datasets are common in hospitals, clinics and research institutions connected by NRENs.
It is possible to develop algorithms, and train AI models to identify, with high precision, rare events in the high throughput imaging data without the actual sharing of the datasets.
Various aspects will be demonstrated, in particular how NRENs can benefit and offer new services based on blockchain technologies to deal with security and privacy challenges.
RARE (Router for Academia, Research & Education) is an innovative fully documented and programmable open source high capacity line-rate router developed by a team within the GÉANT GN4-3 project.
To enable validation of the platform the RARE team has designed a distributed laboratory which was initially spread over four GÉANT PoPs in Europe and has since been extended to other European NRENs and universities, and to both North and South America. This P4 Lab, with a RARE router at each PoP, allows RARE to be tested but also the evaluation of novel systems based on Programmable Dataplanes, in particular the P4 language.
This demo will showcase the capabilities of the P4 Lab in terms of reservation,operation, and use, focusing on the example of RARE.
The demo will also be an opportunity for NRENs or R&E organisations wishing to connect to the P4 Lab, using RARE or other platforms (such as NMaaS that is used to monitor and control RARE routers and the testbed), to speak to the developers and find out more about the process involved.
SOCTools is a suite of opensource tools packaged for simple deployment with pre-built integrations and SSO out of the box.
The main function is a pipeline for ingesting many types of log sources and formats, and to structure them in a common format, along with automatic correlation from one or many sources.
From the Analyst dashboard(s), with a single click, the correlated events can be pushed into a incident handling system with all the metadata, to streamline incident handling.
Don't be shy and get into the Network Carousel. Start networking with a speedy, 4 minute, randomly selected 1-on-1 meet with one of the many other participants attending the conference. Perhaps catching up with someone you know or...someone new to meet!
Please use a working microphone and webcam.
The digital transformation of universities reveals significant challenges that are crucial to the benefit of society. Unfortunately most universities are lagging behind. This keynote discusses the major transformation shifts that should take place in order to avoid missing this opportunity.
The Covid-19 pandemic has brought enormous challenges but also opportunities for innovative action by R&E networks. In Brazil, firstly with the closure of higher education institutions, then a return in virtual or hybrid mode, communication and collaboration services were in high demand and differences in the socioeconomic status of students were even more exposed. To enable democratic access to e-learning content, it was necessary to provide access to mobile networks (4G) for more than 131,000 students at 110 higher education institutions. This presentation will introduce the Connected Students project, its results so far and the results expected in 2021.
Canadians know something about waves, living in the country with the world’s longest coastline. And we know a few things about collaboration, which is why we’re excited to share the details of a series of cybersecurity collaborations among members of Canada’s NREN community. The collaborations reflect a collective approach that contribute to an overall framework that strengthens the cybersecurity stance of the entire ecosystem. Join us and learn how to ride the wave without getting swamped!
Driven by a community engagement effort spanning several years, the Internet2 Next Generation Infrastructure (NGI) is now under active deployment - hardware technicians are in the field, configurations are being tested, and software is under development. This talk will provide an overview of the efforts currently underway with a focus on immediate tangible progress on our efforts to transition onto our new platforms.
eduroam is a very well-known service in the community. It is deployed across thousands of education and research organisations in over 100 countries, and serves billions of roaming end-user authentications each year.
The consortium had to constantly adapt to growth, both proactively and reactively changing its policies, procedures, governance structures, technologies, and support services to enable it sustaining its tremendous growth rate, sometimes 300% per year. The presentation will provide an overview of the major milestones in the eduroam consortium’s development over time, along with a deeper look at recent additions: the eduroam Managed SP service, geteduroam, OpenRoaming, CAT, …
Lightning Talks are 5 minute presentations focusing on one key point. This can be an idea, successful project, a cautionary story, collaboration invitation, quick tip or demonstration. This session is an opportunity for ideas to get the attention they deserve.
The rules for this session are easy: five minutes and only five minutes.
Real agility comes from quick, easy access to tools and information. This is crucial to one’s ability to quickly evolve the one’s activities and output at the same rate at which innovation occurs. This lightening talk will briefly explore this agility in terms of activities relating to teaching and learning, and research.
We will also look at the obstacles (and related misconceptions) to the easy consumption of cloud based digital services. These include digital sovereignty; data security; protection of personal information.
This topic will include the importance of the digital (identical) twin in driving efficiencies in the delivery of all that is SMART through AI (SMART cities; campuses; schools).
If you have IPv4 addresses, you are wealthy. They are worth serious money today. Before selling your stockpile to hungry traders, of course you first have to assess whether your constituency will need them in the future - which might not be an easy question to answer. Let's consider the scenario that you don't need them anymore. What is next? What are the ethical and moral dilemmas that you will find on your path? Will selling those addresses turn you in a modern version of Doctor Faustus or is it just the best thing you can do on your way to become an even better NREN?
The presentation will show a project for the successful deployment of a Kubernetes Ecosystem at RNP, the Brazilian National Research and Education Network. Establishing and running Kubernetes and related software poses a big and continuous challenge to organizations. The project team had to understand the communities around Kubernetes and they chose to deploy software from many projects in order to achieve the goal: a platform to manage Kubernetes clusters (Rancher), monitoring tools (Prometheus and Grafana), a tool to automate TLS certificates generation (cert-manager), SDS integration (Ceph's RBD integration), network load balancers (MetalLB), backup (Velero) and so on.
There are over 7000 entities in the eduGAIN metadata. The result of serialization of this information yields a file of 60MB. All SAML stacks are functionally able to consume metadata files but the processing requires special treatment from the operational side. As an example, if one uses SimpleSAMLphp to consume the feed, the default memory limits - which should suit practically all PHP applications under normal use-cases - will need to be increased substantially, along with the maximum script execution time. Similarly, in case of a Shibboleth SP, loading directly from eduGAIN metadata can cause noticeable and unwanted downtime.
In the GN4-3 Trust and Identity Incubator project we stress-tested the four common SAML stacks with our mockup-metadata that comes in 10k,15k,30k,50k and 100k elements. In this lightning talk, you'll learn whether there is any SAML stack that can handle such big metadata.
Telomerase is considered the key to cellular immortality, the "fountain of youth." This enzyme allows cells to multiply rapidly without aging. At the same time, telomerase allows cancer cells to divide indefinitely, which is the reason for the formation of tumors.
Scientists from all over the world have been trying to solve this problem for a very long time. But today there is no exact model of the structure of human telomerase, due to the complexity of the structure and the high cost of this study.
Computer modeling methods make it possible to quickly and cost-effectively reconstruct the spatial structure of human telomerase by homology based on the structural data of related templates. The work is done with the help of the State Supercomputer Multi-access Center of the UIIP NASB and the NREN BASNET network infrastructure. Computer methods of molecular dynamics optimize the model and make it accurate enough for rational design drugs and will help to understand that telomerase is eternal life or a panacea for oncology.
In today’s market-driven economy, businesses opt for efficient and more connected control systems that provide more visibility, efficiency, and information about the industrial process. On the other hand, increased connectivity also presents new cybersecurity concerns. Attacks on Industrial Control Systems (ICS) can have a significant impact not only on the organisation, but also within the wider economy, and may even become a threat to human life.
This project proposes a testbed to equip ICS defenders with tools to visualise the ICS cyber kill chain end-to-end, identify weaknesses and harden an ICS environment. This open-source simulation project tries to achieve a realistic and holistic visualisation of an ICS organisation combining nodes typically found in both the Enterprise and Control zones, to grow capacity in the ICS cybersecurity space.
Data repositories are carried out by some of individual institutions and the level of implementation varies. It is still lacking a comprehensive and quality system that can capture all research publications and projects in Ethiopian higher education institutions. It is important to optimize the opportunity offered by the ever-evolving digital environment to consolidate and systematize the increasingly volume of information, it can be journal articles, conference papers, book chapters, thesis, dissertations and researches will be deposited in institutional repositories and be easily
‘findable’ by users. It is envisaged that a national system that catalogues all research publications and projects in Ethiopian higher education would help researchers to efficiently identify a research gap and reduce duplicate works. EthERNet succeeded in its mission of helping Ethiopian esearchers find, access, use/re-use and share research and journals. Many participants who have interest in researches and education will attend the program, I believe it would be great to share
this successful project with all participants.
This talk will provide an overview of distance learning and online education issues in term of technical infrastructure and implementation at one of the Kyrgyzstan university. In the scope of this talk I would like to highlight the importance of online education participant’s computer literacy, contributions of Internet Service Providers to the education sectors in Kyrgyz Republic. In this example I would like to share my own experience in technical support for online education and general problems in implementation of distance education at the sample of of KTMU.
In this lightning talk, we present NetPredict, a platform tool hosted on Google Cloud Platform, that allows real-time deep learning model-based prediction, plugged into actual SNMP statistics from ESnet routers to forecast network utilization up to 48 hours in the future. The tool leverages a unique graph neural network that builds upon Dynamic Convolutional neural network methods to help improve predictions by 85% compared to all statistical and standard deep learning models available.
Incident management is extremely complex, and every organisation and system has its own complexities and priorities. There are also many common elements involved, including ensuring that roles have been clearly established, that those who can fix the problem are being left alone to do so and that communication has started with everyone who needs to be kept updated.
In HEAnet we have recently updated our major incident processes with a focus on the first fifteen minutes, a clear checklist of items, with handy flowcharts, which can be applied to any type of incident and that will form a solid foundation for incident communication and resolution.
Why fifteen minutes? Firstly, I like the alliteration of The First Fifteen Minutes, but also because this is a rough period in which staff can realise there is an incident that needs management, during which more people can be involved and that clients will understand as an acceptable amount of time for very initial communication to start.
This LT will explain some of the thinking behind our choices and outline what those first fifteen minutes look like and show how easy it is to integrate this type of plan into any existing incident management process, or how it can form the basis of an entirely new one.
Given the eduID initiatives that are arising in our community, SURF organised an international eduID-day in March 2020 with the people involved in these initiatives.
In this BoF we will follow-up on the eduID initiatives to get updates from each other and to determine where we can join forces.
Organizer: Maarten Kremers, SURFnet
Adding or removing capacity from the Global R&E Network (GREN) infrastructure can have unexpected routing results that are difficult to detect and impossible to correct without coordination. With new intercontinental links coming on-line over the past few years, and more planned for the near future, we believe the time is right for our community to come together to begin addressing this issue in a more coordinated way. This BOF will bring together R & E networking engineers in an open community discussion on how to approach this problem systematically.
Organizer: Warrick Mitchell, AARNET, and Jennifer Schopf, Indiana University
Many NRENs face challenges in developing and maintaining stakeholder support and securing funding that will ensure their ongoing sustainability. Related factors include regulatory issues and monopolies, budget-conscious financial directors at R&E institutions, changes of government, fluctuating financial markets, etc. Nevertheless, there are many success stories of NRENs that thrive despite local challenges.
This BoF aims to bring together representatives of NRENs who wish to share their experiences of meeting sustainability challenges with others who are experiencing them and are interested in learning about approaches taken around the world.
Organiser: Tom Fryer, GÉANT
This meeting will explore the ways in which European NRENs and international RENs are already supporting Open Science, or have ambitions to do so. This could be in terms of offering services to help store, analyse, transfer and share data, contributing to national Open Science policy and strategy or collaborating with research communities.
The BoF session will brainstorm the various ways in which NRENs are supporting Open Science to identify shared activities which could benefit from collaborative activity. These could take the form of NREN partnerships, facilitation of European-wide approaches, procurement frameworks and support offered by GÉANT.
Organizer: Sarah Jones, GÉANT
A successful digital transformation entails flexibility, efficiency, and self-service provisioning. In other words, a user-centric approach, which implies the usage of Orchestration, Automation and Virtualisation techniques (OAV).
The OAV team in GN4-3 created several resources to help the NRENs in their journey to this digital transformation through OAV (Training, Wiki, Terminology, Blueprint, Mapping of Architectures for NRENs..) The goal of this session is to gather ideas for future work, presenting the existing resources together with use cases from the NRENs. The BoF is an opportunity for NRENs to come together to agree on common actions.
More info: https://wiki.geant.org/display/NETDEV/OAV
Organizers: Tim Chown (Jisc), Maria Isabel Gandia (CSUC/RedIRIS), Ivana Golub (PSNC) and Susanne Naegele-Jackson (FAU/DFN)
This BoF will explore the various network equipment procurement procedures available to NRENs when building their next generation networks. The current GEANT framework for optical line systems will be used as a case study. This framework has been successfully used by many NRENs and has shown the strengths of the GEANT community procurement, however, challenges still exist when applying procurement frameworks to individual NREN needs. This BoF will include speakers from GEANT to explain public procurement law and existing frameworks and will encourage NRENs and to share their experiences of public procurement.
Organizer: Guy Roberts, GÉANT
eHealth is a growing area of interest for many NRENs, but relatively few are already supporting it. A TF or SIG would let interested NRENs join forces, create synergies and develop eHealth support activities together.
A baselining event on eHealth in January, organised by the EU-funded GÉANT and EaPConnect projects, brought together around 70 participants. The organising team is now calling for action to build on the testimonies and feedback from that event by creating a community Task Force.
This BoF will highlight the key outcomes of the baselining events, filter concrete objectives for a potential Task Force, and scout for a steering committee and chair.
Organizers: Mario Reale, GÉANT, Marina de Giorgi, GÉANT and Leonie Schäfer, DFN
This BOF is a session to collect input for, and discuss future activities of the Trust & Identity Incubator. The T&I Incubator, which is part of the GEANT project, uses an agile approach to work on various topics in the T&I space. As such it engages with new topics every six months. This meeting is an open session which welcomes all T&I specialists in the R&E community attending TNC21. This BoF starts with an overview of the T&I Incubator results achieved so far and will then switch to a breakout session format to discuss topics of the next Incubator cycle.
Organizers: Niels van Dijk, SURF, Jule Ziegler, LRZ/DFN, Michael Schmidt, LRZ/DFN