
Campus LAN at NKN Member Institutions (RS Mani, rsm@nkn.in)



  1. Campus LAN at NKN Member Institutions. RS Mani, rsm@nkn.in. 3rd Annual Workshop, 1/7/2015.

  2. Efficient utilization comes from:
     – A good campus LAN
       • Speed
       • Segregation of LANs
       • QoS
       • Resilience
       • Access controls (L2 and L3)
       • NMS
     – Good collaboration (national / international)
     – Good Internet governance
     Scientists / researchers

  3. Various Components
     • Campus network best practice
     • Functions of the different layers
     • Firewall/IPS
     • AAA / DHCP / DNS
     • Server farm
     • Security best practices, IPv4 and IPv6
     • VPN services
     • Gateway services

  4. Typical Campus Network Architecture
     (Diagram: two NKN links, Link 1 and Link 2, terminate on an outer edge router and an edge switch/router; behind them sit an active firewall with IPS and a standby firewall with IPS, then the core switch. The core connects over a 10G fibre backbone to a server switch (server farm, DHCP server) and to per-floor distribution switches (Gnd F, 1st F, 2nd F, 3rd F); users reach the distribution switches over CAT 6a / 7 copper, with 1G fibre where needed.)

  5. Security Devices
     • Integrated firewall/IPS: stateful inspection firewall
     • Maximizes network security with clear, deterministic L3/L4 policies
     • Reputation-based intrusion prevention: identifies the source of, and blocks, denial of service (DoS), distributed denial of service (DDoS) and SYN flood attacks; threat protection up to Layer 7
     • Zero-day protection with anomaly detection
     • Adoption and use of IPv6
     • Remote access VPN solution, providing both VPN-client and clientless access

  6. Some Campus Security Best Practices
     • Switches should support port security, DHCP snooping, Dynamic ARP Inspection and IP Source Guard
     • Use SSH to access devices instead of Telnet
     • Enable AAA and role-based access control (RADIUS/TACACS+) for the CLI on all devices
     • Enable syslog to a server; collect and archive the logs
     • When using SNMP, use SNMPv3
     • Configure access lists to limit who can reach management and CLI services
     • Enable control-plane protocol authentication where it is available
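The management-plane items on this slide (SSH only, AAA with role-based access and a local fallback, central syslog, SNMPv3, a management ACL on the CLI, and control-plane protocol authentication) applied to one switch, written here as an added example in Cisco IOS syntax. It is not configuration from NKN or from the presentation; the hostname, addresses, VLAN, interface names and every CHANGE-ME string are placeholders, and the TACACS+ server group would be a RADIUS group if that is what the campus AAA server speaks.

```cisco
! Management-plane hardening for an IOS-style campus switch (added example;
! all names, addresses and CHANGE-ME strings are placeholders).
hostname dist-sw-2f
ip domain-name campus.example
service password-encryption
service timestamps log datetime msec localtime show-timezone
no ip http server
no ip http secure-server
!
! --- SSH instead of Telnet ---
crypto key generate rsa modulus 2048
ip ssh version 2
ip ssh time-out 60
ip ssh authentication-retries 3
!
! --- AAA with role-based access (TACACS+); the local account is only a fallback ---
aaa new-model
tacacs server CAMPUS-AAA-1
 address ipv4 10.10.0.10
 key CHANGE-ME-TACACS-SECRET
aaa group server tacacs+ CAMPUS-TACACS
 server name CAMPUS-AAA-1
aaa authentication login default group CAMPUS-TACACS local
aaa authorization exec default group CAMPUS-TACACS local
aaa authorization commands 15 default group CAMPUS-TACACS local
aaa accounting exec default start-stop group CAMPUS-TACACS
aaa accounting commands 15 default start-stop group CAMPUS-TACACS
username netadmin privilege 15 secret CHANGE-ME-LOCAL-FALLBACK
enable secret CHANGE-ME-ENABLE
!
! --- Syslog to a central collector (keep a local buffer as well) ---
logging buffered 64000 informational
logging trap informational
logging source-interface Vlan900
logging host 10.10.0.20
!
! --- Only the management subnet may reach the CLI and SNMP ---
ip access-list standard MGMT-HOSTS
 permit 10.10.0.0 0.0.0.255
 deny   any log
!
! --- SNMPv3 only: authPriv, read-only view, restricted by the ACL; traps to the NMS ---
snmp-server view NMS-VIEW iso included
snmp-server group NMS-RO v3 priv read NMS-VIEW access MGMT-HOSTS
snmp-server user nmsuser NMS-RO v3 auth sha CHANGE-ME-AUTH priv aes 128 CHANGE-ME-PRIV access MGMT-HOSTS
snmp-server host 10.10.0.30 version 3 priv nmsuser
snmp-server enable traps port-security
!
line vty 0 15
 access-class MGMT-HOSTS in
 transport input ssh
 exec-timeout 10 0
 logging synchronous
line con 0
 exec-timeout 10 0
 logging synchronous
!
interface Vlan900
 description Management
 ip address 10.10.0.2 255.255.255.0
!
! --- Control-plane protocol authentication (OSPF shown; HSRP/VRRP/BGP have equivalents) ---
router ospf 1
 router-id 10.10.255.2
 area 0 authentication message-digest
interface TenGigabitEthernet1/1/1
 description Routed uplink to core
 no switchport
 ip address 10.10.255.2 255.255.255.252
 ip ospf message-digest-key 1 md5 CHANGE-ME-OSPF
```

Check the result with `show ip ssh`, `show snmp user`, `show ip ospf interface` and a Telnet attempt from the management subnet, which must be refused. One caveat: once `aaa new-model` is on, test the TACACS+ login from a second session before closing the one you configured from, so a typo in the server key cannot lock you out.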

  7. Layer 2 Snoop Attack (MAC flooding)
     • Problem: flood the switch CAM table with bogus MACs (400,000 bogus MACs per second), turning the VLAN into a hub and eliminating privacy.
     • Solution: port security limits the MAC flooding attack, locks down the port and sends an SNMP trap.
     (Diagram: two legitimate stations, 00:0e:00:aa:aa:aa and 00:0e:00:bb:bb:bb; only three MAC addresses allowed on the port; violation action: shutdown.)

  8. DHCP Snooping
     (Diagram: (1) the DHCP server; (2) an attacker sending 1000s of DHCP requests to overrun the DHCP server.)
     • DHCP requests (DISCOVER) and responses (OFFER) are tracked, building a binding table of MAC, IP, VLAN and port
     • Rate-limit requests on untrusted (client-facing) interfaces; this limits DoS attacks on the DHCP server
     • Deny responses (OFFERs) on untrusted interfaces; this stops a malicious or errant DHCP server
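The access-layer controls from slides 6, 7 and 8 (port security with a three-address limit and a trap on violation, DHCP snooping with a trusted uplink and rate-limited access ports, Dynamic ARP Inspection and IP Source Guard driven by the snooping binding table) on one access switch, as an added example in Cisco IOS syntax. This is not NKN's configuration; the VLAN numbers, interface names and database file name are placeholders.

```cisco
! Access-switch Layer 2 hardening (added example; VLANs, interfaces and the
! database file name are placeholders).
!
! --- DHCP snooping: track DISCOVER/OFFER and build the MAC/IP/VLAN/port binding table ---
ip dhcp snooping
ip dhcp snooping vlan 10,20
no ip dhcp snooping information option
ip dhcp snooping database flash:/dhcp-snoop.db
!
! --- Dynamic ARP Inspection: ARP must match the binding table, everything else is dropped ---
ip arp inspection vlan 10,20
ip arp inspection validate src-mac dst-mac ip
!
! --- Uplink toward distribution, through which the legitimate DHCP server is reached:
!     trusted, so OFFERs are allowed in and are not rate-limited ---
interface TenGigabitEthernet1/1/1
 description Uplink to distribution switch
 switchport mode trunk
 ip dhcp snooping trust
 ip arp inspection trust
!
! --- User-facing access ports: untrusted for DHCP and ARP ---
interface range GigabitEthernet1/0/1 - 48
 switchport mode access
 switchport access vlan 10
 spanning-tree portfast
 spanning-tree bpduguard enable
 ! Port security (slide 7): at most 3 MACs; a 4th shuts the port and raises a trap
 switchport port-security
 switchport port-security maximum 3
 switchport port-security violation shutdown
 switchport port-security aging time 10
 ! DHCP snooping (slide 8): OFFERs from a rogue server on this port are dropped because
 ! the port is untrusted; DISCOVER/REQUEST floods are capped at 15 packets per second
 ip dhcp snooping limit rate 15
 ip arp inspection limit rate 15
 ! IP Source Guard: forward only traffic whose source MAC and IP match a binding
 ip verify source port-security
!
! --- Bring err-disabled ports back after 5 minutes instead of waiting for a ticket ---
errdisable recovery cause psecure-violation
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause arp-inspection
errdisable recovery interval 300
!
snmp-server enable traps port-security trap-rate 1
```

Verify with `show port-security interface GigabitEthernet1/0/1`, `show ip dhcp snooping binding` and `show ip arp inspection statistics`. Hosts with static addresses have no DHCP binding, so DAI and IP Source Guard will drop them unless you add them with `ip source binding` (or an ARP access list for DAI); do that before enabling the features on a VLAN that carries printers or servers.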

  9. AAA server
     • Strengthens security: enables corporate governance through a consistent access policy for all users and devices
     • Supports compliance: enforces a consistent security policy, ensures endpoint health, delivers a secure network fabric
     • Increases efficiency: reduces IT overhead through centralized identity management and integrated policy enforcement

  10. Multi-Homing
     • Basic requirements:
       – IP address space that you own (v4 or v6)
       – An AS number (16-bit or 32-bit)
       – Service providers capable of doing BGP
       – A router capable of BGP and of holding the routes
       – Trained manpower
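What the requirements on this slide look like once they are met: a campus edge router with its own address block and AS number, eBGP to two providers, prefix filtering in both directions and a preferred path for inbound and outbound traffic. This is an added example in Cisco IOS syntax, not configuration from NKN or the presentation; the block 192.0.2.0/24, AS 64496, the provider AS numbers 64501/64502 and all peer addresses are documentation and private-use values standing in for the real ones.

```cisco
! Dual-homed campus edge router (added example; 192.0.2.0/24, AS 64496,
! provider ASNs and peer addresses are placeholders).
!
! Announce exactly our own block and nothing else
ip prefix-list OUR-PREFIX seq 5 permit 192.0.2.0/24
!
! From upstreams: refuse our own block, RFC 1918 space, a default route and
! anything longer than /24; accept the rest of the table
ip prefix-list FROM-UPSTREAM seq 5  deny 192.0.2.0/24 le 32
ip prefix-list FROM-UPSTREAM seq 10 deny 10.0.0.0/8 le 32
ip prefix-list FROM-UPSTREAM seq 15 deny 172.16.0.0/12 le 32
ip prefix-list FROM-UPSTREAM seq 20 deny 192.168.0.0/16 le 32
ip prefix-list FROM-UPSTREAM seq 25 deny 0.0.0.0/0
ip prefix-list FROM-UPSTREAM seq 30 permit 0.0.0.0/0 le 24
!
! Outbound preference: ISP-A wins on local-preference, ISP-B is the backup
route-map FROM-ISP-A permit 10
 match ip address prefix-list FROM-UPSTREAM
 set local-preference 200
route-map FROM-ISP-B permit 10
 match ip address prefix-list FROM-UPSTREAM
 set local-preference 100
!
! Inbound preference: prepend toward ISP-B so the Internet prefers the ISP-A path
route-map TO-ISP-A permit 10
 match ip address prefix-list OUR-PREFIX
route-map TO-ISP-B permit 10
 match ip address prefix-list OUR-PREFIX
 set as-path prepend 64496 64496
!
router bgp 64496
 bgp router-id 192.0.2.1
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 198.51.100.1 remote-as 64501
 neighbor 198.51.100.1 description ISP-A
 neighbor 198.51.100.1 password CHANGE-ME-ISP-A
 neighbor 203.0.113.1 remote-as 64502
 neighbor 203.0.113.1 description ISP-B
 neighbor 203.0.113.1 password CHANGE-ME-ISP-B
 address-family ipv4 unicast
  network 192.0.2.0 mask 255.255.255.0
  neighbor 198.51.100.1 activate
  neighbor 198.51.100.1 route-map FROM-ISP-A in
  neighbor 198.51.100.1 route-map TO-ISP-A out
  neighbor 198.51.100.1 maximum-prefix 1200000 80
  neighbor 203.0.113.1 activate
  neighbor 203.0.113.1 route-map FROM-ISP-B in
  neighbor 203.0.113.1 route-map TO-ISP-B out
  neighbor 203.0.113.1 maximum-prefix 1200000 80
!
! The network statement only originates the block if a matching route exists:
! anchor the aggregate to Null0 with a high distance so it never hides a real route
ip route 192.0.2.0 255.255.255.0 Null0 250
```

The `maximum-prefix` values are a sanity limit against a provider leaking you a broken table; they have to be raised as the global table grows, which is the "router capable of holding the routes" requirement in practice. `show ip bgp summary` shows the prefix counts per peer, and `show ip bgp neighbors 198.51.100.1 advertised-routes` should list exactly one prefix.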

  11. (Diagram only; no text on this slide.)

  12. What is an MPLS-VPN?
     • An IP network infrastructure delivering private network services over a public infrastructure
       – Uses a Layer 3 backbone
       – Scalability, easy provisioning
       – Global as well as non-unique (private) address space
       – QoS
       – Controlled access
       – Easy configuration

  13. (Diagram only; no text on this slide.)

  14. NKN MPLS for CUG
     (Diagram: the institute's state router connects to the NKN backbone. Each 802.1Q sub-interface on the institute router is associated with a different VPN (VLAN1 = VPN Green, VLAN2 = Blue, VLAN3 = Red) using Multi-VRF; intra-VPN traffic such as video/audio and the contents of Red, Blue and Green stays within its own VPN between Institute #1, Institute #2 and the DC/cloud, and the Internet is carried separately.)
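The institute-side half of this diagram as an added example in Cisco IOS syntax: a Multi-VRF (VRF-lite) CE router with one 802.1Q sub-interface per closed user group on the LAN side and a matching tagged sub-interface per VPN toward the NKN PE, so Green, Blue and Red never share a routing table on the institute router. This is not NKN's configuration; the VRF names, route distinguishers, VLAN IDs (10/20/30 stand in for the slide's VLAN1/2/3, which avoids the native-VLAN special case of VLAN 1) and all addresses are placeholders.

```cisco
! Institute CE router with Multi-VRF / VRF-lite (added example; VRF names, RDs,
! VLAN IDs and addresses are placeholders).
ip cef
!
! One VRF per closed user group; a VRF is a separate routing table on this box
vrf definition GREEN
 rd 64496:1
 address-family ipv4
vrf definition BLUE
 rd 64496:2
 address-family ipv4
vrf definition RED
 rd 64496:3
 address-family ipv4
!
! --- LAN side: 802.1Q trunk from the core switch, one VLAN per CUG ---
interface GigabitEthernet0/0
 description Campus core switch (802.1Q trunk)
 no ip address
interface GigabitEthernet0/0.10
 description VPN Green (slide: VLAN1)
 encapsulation dot1Q 10
 vrf forwarding GREEN
 ip address 10.1.0.1 255.255.255.0
interface GigabitEthernet0/0.20
 description VPN Blue (slide: VLAN2)
 encapsulation dot1Q 20
 vrf forwarding BLUE
 ip address 10.2.0.1 255.255.255.0
interface GigabitEthernet0/0.30
 description VPN Red (slide: VLAN3)
 encapsulation dot1Q 30
 vrf forwarding RED
 ip address 10.3.0.1 255.255.255.0
!
! --- WAN side: tagged sub-interfaces toward the NKN PE, one per VRF ---
interface GigabitEthernet0/1
 description NKN PE (802.1Q trunk)
 no ip address
interface GigabitEthernet0/1.101
 encapsulation dot1Q 101
 vrf forwarding GREEN
 ip address 172.16.1.2 255.255.255.252
interface GigabitEthernet0/1.102
 encapsulation dot1Q 102
 vrf forwarding BLUE
 ip address 172.16.2.2 255.255.255.252
interface GigabitEthernet0/1.103
 encapsulation dot1Q 103
 vrf forwarding RED
 ip address 172.16.3.2 255.255.255.252
!
! --- Per-VRF routing toward the PE (static shown; per-VRF eBGP to the PE is the usual alternative) ---
ip route vrf GREEN 0.0.0.0 0.0.0.0 172.16.1.1
ip route vrf BLUE  0.0.0.0 0.0.0.0 172.16.2.1
ip route vrf RED   0.0.0.0 0.0.0.0 172.16.3.1
```

`show ip route vrf GREEN` should show only Green's prefixes and its own default; a `ping vrf BLUE 10.1.0.1` from the router fails, which is the separation the diagram promises. Note that `vrf forwarding` on a sub-interface clears any IP address already configured there, so set the VRF before the address, as above.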

  15. Layer 2 Extensions

  16. End to End QoS
     (Diagram: video-conferencing (VC) equipment at several sites, numbered #2 to #11, with QoS applied end to end along the path between them.)

  17. Inter-Service-Provider QoS
     (Diagram: providers A to E interconnected, once as MPLS VPNs and once as the Internet.)
     • MPLS VPNs: many QoS-enabled islands; richly interconnected providers; no inter-provider QoS
     • The Internet: no QoS
     • Goal: richly connected AND QoS-enabled

  18. Defense Depth and Breadth
     (Diagram: enforcement points, marked X, at the Internet/transit edge facing AS1, AS2 and AS3, in the NKN core, at the enterprise core, on the remote access network and in front of the internal assets, servers and e-mail/web servers; the network edge and the Network Operations Center (NOC) are drawn as separate zones.)
     • Network edge and transit techniques: interface ACLs, Unicast RPF, flexible packet matching, IP option filtering, marking/rate-limiting, receive ACLs, routing techniques, CoPP, eBGP techniques, ICMP techniques, QoS techniques
     • Device hardening: disable unused services, protocol-specific filters, password security, SNMP security, remote terminal access security, system banners, AAA, network telemetry, secure file systems

  19. Using Strict Mode uRPF to Battle Botnets
     (Diagram: the NKN NOC sends a BGP trigger carrying a community toward every NKN partner edge; source-based RTBH (SRTBH) is applied on the ISP/partner-facing edge with uRPF strict mode on, so traffic from the attack source is dropped at every access POP before it reaches the NKN backbone or the target.)
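The mechanism in this diagram, both ends, as an added example in Cisco IOS syntax: the NOC trigger router injects a /32 for the attacking source into iBGP with a trigger community and a next-hop that every edge router resolves to Null0; because strict uRPF forwards a packet only when the best route back to its source points out the receiving interface, a source whose route now points at Null0 is dropped at every edge at once. This is not NKN's configuration; AS 64496, the community 64496:666, the discard next-hop 192.0.2.1, the iBGP peer addresses and the attack source 198.51.100.77 are placeholders.

```cisco
! Source-based RTBH with a BGP trigger community, enforced by strict uRPF
! (added example; ASN, community, next-hop, peers and attack source are placeholders).
!
! ===== Every NKN partner-facing edge router =====
ip cef
ip bgp-community new-format
! The discard next-hop: any route that resolves through 192.0.2.1 ends in Null0
ip route 192.0.2.1 255.255.255.255 Null0
!
! Strict uRPF on the partner link: spoofed sources fail the reverse-path check,
! and so does a source whose route has just been pointed at Null0 by the trigger
interface TenGigabitEthernet0/0/0
 description Access link to NKN partner institute
 ip verify unicast source reachable-via rx
!
! Accept only /32 host routes carrying the trigger community from the NOC
ip community-list standard BLACKHOLE permit 64496:666
ip prefix-list HOST-ROUTES permit 0.0.0.0/0 ge 32
route-map FROM-TRIGGER permit 10
 match ip address prefix-list HOST-ROUTES
 match community BLACKHOLE
route-map FROM-TRIGGER deny 20
!
router bgp 64496
 neighbor 10.255.0.1 remote-as 64496
 neighbor 10.255.0.1 description NOC trigger router
 address-family ipv4 unicast
  neighbor 10.255.0.1 activate
  neighbor 10.255.0.1 route-map FROM-TRIGGER in
!
! ===== NOC trigger router =====
! Static routes tagged 666 are redistributed into iBGP with the trigger community,
! the discard next-hop, and no-export so they can never leak to upstream providers
route-map TRIGGER permit 10
 match tag 666
 set ip next-hop 192.0.2.1
 set community 64496:666 no-export
 set origin igp
 set local-preference 200
!
router bgp 64496
 neighbor 10.255.0.2 remote-as 64496
 neighbor 10.255.0.2 description NKN edge router
 address-family ipv4 unicast
  neighbor 10.255.0.2 activate
  neighbor 10.255.0.2 send-community
  redistribute static route-map TRIGGER
!
! Trigger: drop traffic *from* 198.51.100.77 network-wide. Remove this line to lift it.
ip route 198.51.100.77 255.255.255.255 Null0 tag 666
```

On an edge router `show ip route 198.51.100.77` should show the /32 via 192.0.2.1, and `show ip interface TenGigabitEthernet0/0/0 | include verification` should report the uRPF drops climbing while the attack runs. Strict mode assumes symmetric routing on that link; where a partner is reached over more than one path, use loose mode (`reachable-via any`) instead, which is still enough for SRTBH because the Null0 route fails the loose check as well.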

  20. Utilization of a Few Members
     (Graphs: link utilization for INSTITUTE-1 and INSTITUTE-2.)

  21. (Graphs: link utilization for INSTITUTE-3 and INSTITUTE-4.)

  22. High Packet-Per-Second DoS Attack (graph)

  23. High Bandwidth DoS Attack (graph)

  24. Gateway Stats (graph)

  25. Relay Service

  26. DNS Cache Servers
     (Diagram: requests from institutions go to the NKN cloud cache servers, which send the replies back.)
     The server IP is 14.139.5.5 (anycast). Contact us: support.dns@nkn.in

  27. DNS Zone Servers
     (Diagram: NKN cloud zone servers hosting domain.ac.in zones; queries go to the DNS root servers and replies come back over NKN and the Internet; zone transfer to the institute DNS.)

  28. Thank You & Happy NKN
     Project Implementation Unit, National Knowledge Network, National Informatics Centre, 3rd Floor, Block III, Delhi IT Park, Shastri Park, New Delhi - 110053
     Contact NKN: 1800 111 555, piu@nkn.in, support@nkn.in
