Effective and Economical Protection for High-Performance Research and Education Networks
As scientific research requires free exchange of information and ideas among collaborators world-wide, scientists depend critically on full and open access to the Internet. Yet in today’s world, such open access also exposes sites to incessant network attacks. Some of the most powerful networks today remain particularly hard to defend: for the 100G environments and backbones that facilitate modern data-intensive sciences, classic inline firewalls remain infeasible options. This project is developing effective and economical network protection for critical high-performance science infrastructure that exploits their specific characteristics and constraints. Researchers are creating a comprehensive security framework that integrates software and hardware through two main thrusts. First, they are increasing the performance of network monitoring by offloading expensive low-level operations from software into switches and NICs. Second, they will expand visibility into R&E networks and then leverage that new capability for responding actively to malicious activity. The approaches cater specifically to the scientific domain and enable finely tailored security decisions for protecting users, instruments, and data. The researchers will leverage a widely deployed open-source network security monitor as their implementation platform, and work with two vendors to integrate the new capabilities into their devices.
Funding provided by NSF grant #1642161.