Upcoming Events
Past Events
Media Archive
Registration History
|
|
NERCOMP EVENT
Automated Network Policy Enforcement: Host Registration, Isolation and Remediation
 Printer Friendly Version
|
A major security challenge facing university residential networks and other large-scale end-user networks is the thousands of privately owned and unmanaged computers directly connected to an institution's relatively open, high-speed Internet connections. Security policy enforcement is often lax due to a lack of central control over end-user computers and an inability to tie the actions of these computers to particular individuals. A few times a year there are surge events, including the predictable start of each semester and the unpredictable and increasingly frequent reactions to large-scale security incidents, that require massive support intervention. These unmanaged systems have led to the deployment of network registration, scanning, and remediation systems. These systems allow automation of technical policy enforcement as a condition for network access.
This SIG will review the required data and services, various approaches to deployment, and some potential future directions of these services.
Workshop Organizer/Host: Chris Misra of UMASS Amherst
Date/Time:
Tuesday, February 07, 2006
9:30am - 3:00pm
Registration begins at 8:30am
Location:
UMASS - Amherst
Campus Center
First Floor
Amherst, MA
Click
Here for a Map
Click Here for Directions
Special instructions:
Getting to the Campus Center Parking Garage… From Massachusetts Avenue (after exiting from Route 116) At the second set of lights turn left onto Commonwealth Avenue – Boyden Gymnasium is on the corner of Commonwealth & Massachusetts Avenues. At the next set of lights turn right onto Campus Center Way and proceed up Campus Center Way – The entrance to the Campus Center Parking Garage is at the top of the hill on the right.
Parking is available in the Campus Center Garage, pick up your parking pass at the registration desk and pay $5 when leaving.
Park on the 2nd floor of the parking garage and walk thru the hallway into the Student Center and go down to the first floor.
Pricing:
NERCOMP Members: $77
Non-Members: $177
By clicking on the "Register" button below, you are indicating a commitment to attend and will be held responsible for the registration fee.
Your fee can be refunded if you notify us of a cancellation at least 7 days prior to the event via email to nercomp@nercomp.org.
|
Additional Information
Event Schedule:
8:30am – 9:30am Registration and Coffee
9:30am – 9:40am Welcome and Introduction
9:40am – 10:40am Creating a Safe Computing Environment in a Small Private University
Speaker: Joseph Pangborn, Chief Information Officer, Roger Williams University
How Roger Williams University assessed and addressed the issue of network security, authentication and stability in the ResNet and soon across the administrative Network. Session includes background on RWU, network architecture, a vendor selection, and an implementation and the results.
10:40am – 10:50pm Break
10:50am – 11:50am Defending Against Yourself:
Automated Network Techniques to Protect and Defend Against Your End Users
Speaker: Eric Gauthier, Sr. Network System Engineer, Boston University
One of the major security threats facing University and other large-scale end-user networks, especially those supporting residential or dormitory accesses, comes from insiders -namely the thousands of privately owned, insecure, and unmanaged computers directly connected within an institution's relatively open, high-speed network. Protecting the network itself, critical services, and end-users from themselves requires networks to have the ability to automatically detect, react to, and defend against malicious activity through both preventative and, often, isolation and self-help remediation techniques. This talk will focus on common techniques being used by most university networks to automatically enforce security policies without generally restricting network usage and despite limited administrative control over end user systems. Additionally, the talk will include a brief overview of the work being done by Internet2's SALSA-Netauth working group towards an interoperable framework for linking network authentication and authorization devices into an institutions security framework.
11:50am – 12:50pm Lunch
12:50pm – 1:50pm ABC's of Policy Enforcement (NAC,NAP,TNC,Homegrown)
Speaker: Kevin Amorin, Sr. Security & Network Engineer, Harvard University
This will be an overview of the policy enforcement architectures NAC, NAP, and TNC. Kevin will try and extract the reality from the hype and present what is available today vs. next release. We will focus on which architecture fits best in which environment and what pieces are necessary to make it work. Finally we will discuss how your existing homegrown or commercial solution would possibly integrate with these architectures in the future.
1:50pm – 2:50pm Automated Incident Handling and Remediation
Speaker: Aaron J. Colon, Network Assistant, University of Massachusetts Amherst
Because of the size of the University of Massachusetts computing community, and the shortage of staff common to many workplaces, it became necessary to develop scripts, tools and processes automate the detection, processing, and remediation of computers systems. Types of problems we encounter include copyright violations, virus infection, and bandwidth abuse. The tools and processes we have developed are largely custom perl scripts, modified open source tools such as Netreg and ARSPerl, and commercial products including Remedy.
2:50pm - 3:00pm Wrap-up and End
Speaker:
Aaron Colon
Aaron Colon is a graduate of the University of Massachusetts, Amherst in Computer Science and native of the Pioneer Valley. As an employee of UMASS Amherst, he continues the maintenance and development of network management and security tools which he began working with as an undergraduate.
Speaker:
Eric Gauthier
Eric Gauthier is currently the senior network systems engineer for Boston University's Office of Information Technology, involved with network architecture planning and supporting the campus-wide network infrastructure. This infrastructure supports more than 20,000 concurrent end systems, spans across the main 200 building campus, and includes intra and inter-building wiring, wired and wireless access, campus-wide routing and switching, and Internet/Internet2 connectivity for IP/IPv6 unicast and multicast services. Eric also helped to design and implement the University's current "registration" and security enforcement system and to integrate it with the network infrastructure. For the past 18 months, Eric has been involved with the SALSA-Netauth working group within the Internet2 consortium and has been one of the editors for documents that the group has generated. During that past ten years, he was worked as a network and systems engineer in diverse settings including the small enterprise, large University, and several regional and large-scale ISPs, including Exodus Communications.
Speaker:
Joseph Pangborn
Joseph Pangborn has over 18 years of management experience in the technology field. Joseph came to the university from a successful career at the Rhode Island Department of Elementary and Secondary Education, where he held the position of director of network and information systems. In this position, he was responsible for budget management, network operations, technology architecture/development, design management, installation, and security. He also serves as a technical advisor to the non-profit educational collaboratives of RINet, and the non-profit consortium OSHEAN, formed to foster the development of a communications infrastructure for Rhode Island's research, educational, and public service community.
Joseph is a graduate in engineering from University of Rhode Island.
Speaker:
Kevin Amorin
Kevin Amorin is the Senior Network & Security Engineer at Harvard University Kennedy School of Government. At the Kennedy School Kevin oversees network security, network design, and a range of projects. Kevin is active in several information security organizations including SALSA NetAuth and Internet2/Educause. Kevin is the Co-Creator of PacketFence, an opensource registration and worm mitigation product. Current projects include working toward the development of an open standard for end point policy enforcement. His other interests include distributed systems, wireless security, and teaching. Prior to joining the staff at Harvard University in 2001, Kevin worked with Microsoft, Taos Consulting, Lucent, and Motorola. Kevin received his B.S in Computer Science from WPI, and his Masters in Computer Science from Northeastern University.
Related Media Files:
nercomp-SIG.ppt
Contact Information:
Lisa DiMauro
860-345-2081
ldimauro@wesleyan.edu
Hotel Information:
Rooms are available at the Campus Center Hotel located right on campus.
Rooms are reserved under Block Number 1493, the rate is $70 per night. The room block will be released on January 23rd.
Call the hotel directly at: 1-413-549-6000
For additional information go to:
http://www.aux.umass.edu/hotel/
Technical Requirements:
|
|
NERCOMP reserves the right to use any photographs or other mechanical recordings taken at NERCOMP events in promotional materials.
No mechanical recordings of any kind may be used at NERCOMP events without the prior written consent of NERCOMP organizers and presenters.
The views and opinions expressed at NERCOMP events do not necessarily reflect those of NERCOMP, nor does NERCOMP make any representation regarding the information presented at NERCOMP events.
|
|
|
 |
|
EDUCAUSE
Read more about our affiliate organization, EDUCAUSE
and how we all work together to further the cause of using technology to
improve academia....
|
|
|
|
Board of Trustee Election
Wednesday, March 10, 2010
The Board of Trustees election is complete. We are happy to announce that the following people have ...
|
|
|
|