Network Operations​

Network Operations​

GÉANT's terabit-ready network is the most advanced and well-connected research and education network in the world​​.​

Managing such a large network is a complex task and GÉANT has created an expert support structure to ensure the reliability, integrity and security of the GÉANT network and its users. We also support the EUMEDCONNECT and FED4FIRE​ network infrastructures.​

GÉANT supports the excha​nge of knowledge and best practices among the network operations staff of our member organisations through the SIG-NOC special interest group.

GÉANT Operations Centre (GOC)

Supporting network and service delivery round the clock.

Day-to-day management of the GÉANT network is handled by the Operations Centre (GOC). The GOC acts as a first point of contact for its subscribers and other NOCs (network operations centres). It:
  • receives reports of service problems;
  • diagnoses network problems;
  • oversees repairs and corrective maintenance;
  • resolves issues pertaining to the network and supported services and assists as required;
  • monitors network health;
  • creates tickets for network incidents and planned maintenance.
The GÉANT Operations Centre is active 24x7x365 (366 in a leap year!) days per year. The GOC has a particular responsibility for the support of GÉANT multi-domain services, i.e. those services that span several national networks and GÉANT. In this capacity the GOC ensures the reliable and ongoing operation of those central systems and processes which underpin the multi-domain services.

The GOC also provides 24x7 support for the EUMEDCONNECT and EaPConnect  network infrastructures.

Operational network management

The GÉANT Operations Centre is one of the  specialist teams within the operations department, which handles the coordination and execution of GÉANT's operational service provision.

Provision of the GÉANT network is a large and complex international service supporting a wide range of users and projects across Europe and the rest of the world. Many of the technologies used by these projects are at the leading edge of high performance networking. GÉANT engineers work closely with the technology providers to develop support and management systems to operate this network and the services on it.

Network Security

​Securing the GÉANT network, data and se​rvices

NSH​aRP Process

All networks are seeing a rise in malicious attacks with hackers from around the world seeking to penetrate or disrupt network services. These attacks not only cause delays and affect users of the networks but can often be used by hackers to cloak more aggressive threats. Of these Distributed Denial of Service (DDoS) attacks can be some of the most visible and hardest to counter but there are many different security threats that NRENs need to be able to identify and defend against.

GÉANT has implemented a range of functions and facilities to help support NRENs in identifying, tracking and mitigating against anomalous traffic patterns.

The NSHaRP process encompasses all the necessary tools for incident detection and response offering a range of capabilities from detection and automatic alerting to mitigation and investigation, to quickly and effectively inform affected users and to manage the mitigation process.

NSHaRP extends the NRENs' detection and mitigation capability across into the GÉANT network and to its borders with other networks, therefore enabling the attack to be mitigated before it transits the GÉANT network. This is a highly innovative and unique security service in that it caters for different requirements from each NREN, by enabling the customization of their NREN specific alerts in their hands.

NSHaRP capabilities

Detection and Alerting
Automated anomaly alerts - Interested NREN can subscribe to automated anomaly alerts to receive e-mail alerts when its infrastructure is affected by an event they classified as malicious. A ticket is automatically created with the GOC in pending auto-close state which automatically closes after 5 days if no response is received. NREN can request blocking, further investigation or monitoring of the event.

Mitigation
Firewall on Demand - NRENs with eduGAIN access can subscribe to FoD (Firewall on Demand) to allow themselves to propagate flowspec rules to GÉANT Project backbone network against their administrative IP space when a D(D)oS attack takes place. Alternatively, they can open a ticket with GOC to apply flowspec rules on their behalf.

Remote Trigger to Blackhole - All European NRENs can use BGP community 20965:0008 to advertise single IPv4 or IPv6 destination addresses from within their administrative IP space to GÉANT to discard any traffic on GÉANT borders in the case of a severe D(D)oS attack. Once again, alternatively, NREN can open a ticket with GOC to apply RTBH rules on behalf of the NREN.

Incident Response Process and Capabilities

GÉAN​T Computer Emergency Response Team (CERT)​​​

The GÉANT CERT team secures the logical and physical infrastructure of the GÉANT network and all data crossing the network, responding to network security incidents and mitigating breaches, weaknesses and risks. Specifically, this relates to the prevention, detection, reporting, and mitigation of incidents targeting the GÉANT network infrastructure.

Of the potential hundreds of events detected each month, a percentage requires the GÉANT CERT team to work with CERTs (also known as CSIRTs) from among the national research and education networking (NREN) organisations, and in certain cases, international teams. This work covers investigating the incident, recommending and supporting the network integrity.

GÉANT CERT’s role includes monitoring systems for malicious events and taking proactive measures to ensure systems are not compromised. The GÉANT CERT team also assists NRENs and their associated CSIRTs to mitigate or to recover from incidents affecting the GÉANT network and/or targeting or originating from NRENs. GÉANT CERT is actively engaged in the European and international CSIRT community, which shares data and experiences, and is a member of TF-CSIRT, Trusted Introducer, and FIRST. GÉANT CERT consists of the following GÉANT teams:

  • Security Team
  • GÉANT Operations Centre

Furthermore, GÉANT CERT team protects the corporate assets of GÉANT and is the team responsible for incident response.


​GÉANT CERT Team - RFC 2350 ​​​

GÉANT CERT is the Computer Emergency Response Team (CERT) of GÉANT serving users of services delivered by GÉANT. The main constituents are National Research and Education Networks (NRENs) in the GÉANT Project. It deals with computer and network security incidents related to DDOS, Bots, Spamming and infrastructure vulnerabilities that involve services operated by GÉANT - for example the GÉANT Project network.​

Constituency
The primary constituency are NRENs and associated CERTs. Towards its constituency, the role of the GÉANT security team is to assist the NRENs and especially the associated CERTs to mitigate or to recover from the incidents affecting the GÉANT network and or targeting or originating from GÉANT NRENs

The following document details the compliance of GÉANT CERT to RFC2350

  SEC-GEANT CERT RFC2350

Incident​​ Response Process & Capabilities

Accr​​editations

Contact Us

Meet the Second Line Support Team

GÉANT Operations Centre: Service Level Targets

Operations Centre KPIs

Contact Us

Want to send an email but need the address? Call the Operations Centre. ​

GÉANT Operations Centre
+44 1223 733033