NETwork Border At Scale Integrating and Leveraging Individual Security
Network security and network performance are critical to the research, teaching, and learning missions of the higher education community. Attackers continue to develop more sophisticated tools to gain access to student and faculty private data, institutional financial information, and proprietary, often classified, research information, and it is increasingly important for IT staff to detect and prevent these attacks. Because protecting the university’s mission while maintaining privacy expectations and high capacity networks are often at odds, threat prevention systems do not scale to the growing volume of research data at an affordable cost.
NetBASILISK, the NETwork Border At Scale Integrating and Leveraging Individual Security Components project lead by researchers and network engineers at the University of Michigan, seeks to address the challenge of providing highly performant and secure network connections that support data intensive science and high bandwidth network research. Their goal is to enable researchers and network engineers at the University of Michigan to introduce the next level of security and privacy protection with a minimal impact on the speed or volume of network traffic. This project was awarded a National Science Foundation (NSF) grant for this work.
From a network operations perspective, the NetBASILISK project aspires to:
- Advance traffic analysis and configuration automation for extremely large scale networks
- Gain new operational insights about traffic flows, network performance, and the effects of automation
- Deliver best practices and platform components for use by the broader research and education networking community
From a scientific use case perspective, the NetBASILISK project aspires to demonstrate that secure, at scale networks can be built to:
- Connect researchers and local compute and storage infrastructure with remote, off-premise instruments
- Integrate local, on-premise instruments with remote collaborators and commercial cloud offerings
- Enable Internet measurement and monitoring without distorting quantifiable results
- Create a platform for innovative network enhancements (online censorship circumvention using Refraction Networking)