AMRES NOC Bojan Jakovljevi 8 th TF-NOC meeting, Athens 2013. Who - - PowerPoint PPT Presentation

amres noc
SMART_READER_LITE
LIVE PREVIEW

AMRES NOC Bojan Jakovljevi 8 th TF-NOC meeting, Athens 2013. Who - - PowerPoint PPT Presentation

Apr 05, 2023 727 likes •1.01k views

AMRES NOC Bojan Jakovljevi 8 th TF-NOC meeting, Athens 2013. Who are we? AMRES is National Research and Education Network of Serbia Initial development of the AMRES network started in the early 90s when first faculties of the University of

slide-1
SLIDE 1

AMRES NOC

Bojan Jakovljević

8th TF-NOC meeting, Athens 2013.

slide-2
SLIDE 2

Akademska mreža Srbije www.amres.ac.rs

Who are we?

AMRES is National Research and Education Network of Serbia Initial development of the AMRES network started in the early 90’s when first faculties of the University of Belgrade (UoB) were connected to the Belgrade University Computer Centre(UBCC) with links up to 128kb/s capacities First connection from the UBCC to the Internet was established on 28th February 1996 with a capacity of 64kb/s At the end of the 90’s the four largest Universities in Serbia were connected to each other with digital links (2Mb/s) and established the AMRES network

University of Belgrade University of Novi Sad University of Niš University of Kragujevac

slide-3
SLIDE 3

AMRES network - beginnings

From that time carriers of development and operations of the AMRES network have been CCs from these four universities UoB (University of Belgrade) was a legal representative for the AMRES network and BUCC had the leading role in a coordination of all activities Until 2007 development of AMRES network had been the result of joint activities between these four universities, the support of Ministry of Education and Science and through participation in various international projects in the region (SEEREN, SEEREN2) and some donations (Max Planck Institute for Physics Munich) This model of work was retained until 2007 when the government launched an AMRES project.

Akademska mreža Srbije www.amres.ac.rs

slide-4
SLIDE 4

AMRES project (2007 – 2010)

AMRES project was created with the aim to establish an organizational model of management, system operation and development of the AMRES network. Technical work was organized through AMRES service centres - computing centers of Universities in Belgrade, Novi Sad, Nis and Kragujevac Through the activities in the project it was established

  • Better integration among UCCs
  • Procedures of operations are unified
  • Definition of services are harmonized and became common for all users
  • New services were developed

Results from the AMRES project were the basis for the foundation of AMRES institution – separate legal entity (2010-2011)

Akademska mreža Srbije www.amres.ac.rs

slide-5
SLIDE 5

AMRES institution (2011 – current)

Obtaining legal status AMRES has become an institution responsible to build, develop and manage the national research and education computer network

  • f the Republic of Serbia (AMRES network), like the NRENs in other

countries. Organization structure: Managing board Supervisory board Office of the Director Departments for infrastructure and infrastructure resources (5 engineers) Departments for computers security (3 engineers) Department for services and user support (4 engineers)

Akademska mreža Srbije www.amres.ac.rs

slide-6
SLIDE 6

AMRES network

Internal network ~3800km of dark fiber optics, but

  • nly ~2000km are currently in use

The optics was leased for 15 years period through SEELight project 20 cities are connected currently (46 PoPs – inside institutions – no professional data-centers) All dark fiber links are leased from

  • ne provider (Telekom Srbija)

~185 institution are connected (~95% dark fiber, ~4% SHDSL-2Mb/s

  • r ADSL-16M/768k, %1 analog leased

lines) ~200 000 end users

Akademska mreža Srbije www.amres.ac.rs

slide-7
SLIDE 7

AMRES network

Internal network

Pure IP/Ethernet network No optical transmission system on links (neither DWDM nor CWDM) Exceptions are links Novi Sad – Subotica (passive CWDM OADM), Belgrade – Niš (SDH system – Telekom Srbija – 155Mb/s) For the links with distances more than 100km we use transceivers for 120km (32dB), 160km(37dB) or 200km(41dB)

Akademska mreža Srbije www.amres.ac.rs

slide-8
SLIDE 8

AMRES network

External links Primary link to GEANT network

  • 10Gb/s

Secondary (backup) path is CBF to HUNGARNET - 1Gb/s CBF to SARNET (Regional R&E network in B&H – Republika Srpska) – 1Gb/s

Akademska mreža Srbije www.amres.ac.rs

slide-9
SLIDE 9

AMRES network devices

Most of devices on core network are from Cisco vendor Cisco 6509 in AMRES service centers (2xBUCC, 1xARMUNS, 1xJUNIS, 1xARMUK) Cisco 3550, 3560, 3750 in other PoPs Internet gateway device - Juniper MX 480 Access network devices – Cisco 2950, 2960, Juniper EX3200, EX2200, TCL and ZTE (on some PoPs inside UoB – donation from PRC)

Akademska mreža Srbije www.amres.ac.rs

slide-10
SLIDE 10

AMRES services

Network and connectivity services:

IPv4 and IPv6 unicast, multicast VPN service DNS service Network Support service – Network monitoring

IP & DNS Registration services:

IP-address allocation (RIPE LIR for IPv4, IPv6 etc.) Domain name registration ( ac.rs, Cyrillic domain ак.срб)

Security services:

AMRES CSIRT: Computer Security Incident Response Team Proxy service – 6x Cisco IronPort Web applainces, 1x managament applaince Netflow monitoring tool

Authentication & "Mobility" services:

Identity management systems Server Certificate Service – AMRES Registration Authority for TCS EDUROAM

Akademska mreža Srbije www.amres.ac.rs

slide-11
SLIDE 11

AMRES services

Hosting service

Webhosting E-mail server hosting DNS zone hosting

Media storage and streaming facilities:

Media portal Streaming facilities (streaming server)

Network communication tools & conferencing

Videoconferencing service (MCU) Gatekeeper service

Network computing resources

GRID computing (Co-ordination within NREN community, offering CPU)

E-Learning /e-research

Virtual Learning Environments (MOODLE) Digital Repositories – KOBSON - Serbian Library Consortium for Coordinated Acquisition of

international scientific journals

Akademska mreža Srbije www.amres.ac.rs

slide-12
SLIDE 12

AMRES services

User interaction - knowledge dissemination

Consultancy and advise (for all provided services) Training: workshops, seminars Hold admin conferences NREN publications: cookbooks/user manuals (through GN3activity CBP and other internal processes)

All services are provided with cooperation with AMRES service centers or some other institutions.

Akademska mreža Srbije www.amres.ac.rs

slide-13
SLIDE 13

ICmyNet.IMS

ICmyNet.IMS - Networking Information and Monitoring System Developed by the BUCC for the needs of monitoring AMRES network infrastructure and services Most important monitoring tool for the work

  • f AMRES NOC

“Starting point” for AMRES network troubleshooting Networking information system Hierarchically

  • rganised

information presented by a tree Information database for devices (inventory management), institutions, IP addresses, administrative and technical contacts etc. Monitoring system Passive and active monitoring the network status – status

  • f

devices, ports, links, services. Performs visualisation

  • f

network (graphs, charts - MRTG), performance measurement and reporting (monitors, reports, events), failure notification (alerts, actions)

Akademska mreža Srbije www.amres.ac.rs

slide-14
SLIDE 14

ICmyNet.IMS

Information database

Akademska mreža Srbije www.amres.ac.rs

slide-15
SLIDE 15

ICmyNet.IMS

Graphs – topology information

Akademska mreža Srbije www.amres.ac.rs

slide-16
SLIDE 16

ICmyNet.IMS

Alerts dashboard - current alerts (active alarms)

Akademska mreža Srbije www.amres.ac.rs

slide-17
SLIDE 17

ICmyNet.IMS

SLA report – Service availability statistics

Akademska mreža Srbije www.amres.ac.rs

slide-18
SLIDE 18

ICmyNet.Flow

ICmyNet.Flow is a tool for deep network traffic investigation, analysis and reporting. It is based on NetFlow statistics, exported from network devices to ICmyNet.Flow server. It is used by AMRES NOC/CSIRT team for monitoring AMRES network traffic structure, for correlation and checking of the abuse complaints and in a process of resolution some issues or incidents in the network.

Akademska mreža Srbije www.amres.ac.rs

slide-19
SLIDE 19

AMRES monitoring tools

ICmyNet.log, Splunk (free version), Ironport Sawmill ICmyNet.dns Zennos, iperf, NDT, scripts etc.

Akademska mreža Srbije www.amres.ac.rs

slide-20
SLIDE 20

AMRES NOC organization

Evolve over the years Distributed from beginning Divided by geographic region 4 entities responsible for operation of the network 1 entity has a leader role in coordination of activities (UBcc > AMRES institution) Currently: Centralize NOC with some distributed functions (regarding

  • peration of services)

Akademska mreža Srbije www.amres.ac.rs

slide-21
SLIDE 21

AMRES NOC

Network connectivity and services are not charged Support service is based on best-effort principle, without any SLA

Akademska mreža Srbije www.amres.ac.rs

slide-22
SLIDE 22

AMRES NOC organizational structure

NOC is organized in 3 level hierarchy

1st Level – AMRES Helpdesk (5 technicians) 24/7 support through work of UBCC operators Responsible to receive and handle user requests and issues Monitor alarms and events dashboard of monitoring tool and react on it Communicate with service providers NOC regarding network outages Inform customers regarding the network and service outages and estimated time of repair (if available) Send Network SLA reports to customers Maintain equipment inventory database Support work of AMRES CSIRT team - Work on receiving and resolving security incidents – CSIRT operators Most of the requests and issues are resolved at this level

Akademska mreža Srbije www.amres.ac.rs

slide-23
SLIDE 23

AMRES NOC organizational structure

2nd Level - AMRES Network engineers (6) Knowledge of network technology and basic knowledge of system administration CCNA, JNCIA level of network knowledge Every week we have “duty engineer” Round-robin principle of change Responsible for coordination activities inside 1st Level Change and configuration management 3rd Level – service managers and engineers Senior network engineers and system administrators responsible for design and operations of services CCNP, JNCIP-SP level of network knowledge >5 years experience in AMRES network and service environment Engineers from AMRES and the all service centers

Akademska mreža Srbije www.amres.ac.rs

slide-24
SLIDE 24

Front end

Our users are from universities, faculties, research institutes, high schools, collages, libraries, student’s dormitories, hospitals, academies etc. Representative from these institutions (administrative and technical contacts) could contact our NOC and request any kind of service. End users can’t contact us directly and must do that through the technical contacts from there institution except in some special situation when we work directly with them (some services, less knowledgeable admins) AMRES does not have SLA with our institutions

Akademska mreža Srbije www.amres.ac.rs

slide-25
SLIDE 25

NOC communication tools

To communicate with and keep track of users Request Tracker (TTS), e-mail lists, phone calls, ICmyNet.IMS (Contacts database) To communicate internally Request Tracker (TTS), Instant messaging, regular and ad-hoc meetings, phone calls, e-mails For communication outside AMRES NOC and for inter-NOC communication Request Tracker (TTS), e-mails, phone calls

Akademska mreža Srbije www.amres.ac.rs

slide-26
SLIDE 26

Documentation

We document physical and logical topologies, internal and external procedures, service technical designs, contacts etc. Documentation is mostly created using Word, Excel and Visio tools and saved on a file server For some services we use DokuWiki tool

Akademska mreža Srbije www.amres.ac.rs

slide-27
SLIDE 27

Questions

Akademska mreža Srbije www.amres.ac.rs