AMRES NOC Bojan Jakovljević. 8 th TF-NOC meeting, Athens 2013.

AMRES NOC Bojan Jakovljević 8 th TF-NOC meeting, Athens 2013.

Who are we? AMRES is National Research and Education Network of Serbia Initial development of the AMRES network started in the early 90 s when first faculties of the University of Belgrade (UoB) were connected to the Belgrade University Computer Centre(UBCC) with links up to 128kb/s capacities First connection from the UBCC to the Internet was established on 28 th February 1996 with a capacity of 64kb/s At the end of the 90 s the four largest Universities in Serbia were connected to each other with digital links (2Mb/s) and established the AMRES network University of Belgrade University of Novi Sad University of Niš University of Kragujevac

AMRES network - beginnings From that time carriers of development and operations of the AMRES network have been CCs from these four universities UoB (University of Belgrade) was a legal representative for the AMRES network and BUCC had the leading role in a coordination of all activities Until 2007 development of AMRES network had been the result of joint activities between these four universities, the support of Ministry of Education and Science and through participation in various international projects in the region (SEEREN, SEEREN2) and some donations (Max Planck Institute for Physics Munich) This model of work was retained until 2007 when the government launched an AMRES project.

AMRES project (2007 2010) AMRES project was created with the aim to establish an organizational model of management, system operation and development of the AMRES network. Technical work was organized through AMRES service centres - computing centers of Universities in Belgrade, Novi Sad, Nis and Kragujevac Through the activities in the project it was established Better integration among UCCs Procedures of operations are unified Definition of services are harmonized and became common for all users New services were developed Results from the AMRES project were the basis for the foundation of AMRES institution separate legal entity (2010-2011)

AMRES institution (2011 current) Obtaining legal status AMRES has become an institution responsible to build, develop and manage the national research and education computer network of the Republic of Serbia (AMRES network), like the NRENs in other countries. Organization structure: Managing board Supervisory board Office of the Director Departments for infrastructure and infrastructure resources (5 engineers) Departments for computers security (3 engineers) Department for services and user support (4 engineers)

AMRES network Internal network ~3800km of dark fiber optics, but only ~2000km are currently in use The optics was leased for 15 years period through SEELight project 20 cities are connected currently (46 PoPs inside institutions no professional data-centers) All dark fiber links are leased from one provider (Telekom Srbija) ~185 institution are connected (~95% dark fiber, ~4% SHDSL-2Mb/s or ADSL-16M/768k, %1 analog leased lines) ~200 000 end users

AMRES network Internal network Pure IP/Ethernet network No optical transmission system on links (neither DWDM nor CWDM) Exceptions are links Novi Sad Subotica (passive CWDM OADM), Belgrade Niš (SDH system Telekom Srbija 155Mb/s) For the links with distances more than 100km we use transceivers for 120km (32dB), 160km(37dB) or 200km(41dB)

AMRES network External links Primary link to GEANT network - 10Gb/s Secondary (backup) path is CBF to HUNGARNET - 1Gb/s CBF to SARNET (Regional R&E network in B&H Republika Srpska) 1Gb/s

AMRES network devices Most of devices on core network are from Cisco vendor Cisco 6509 in AMRES service centers (2xBUCC, 1xARMUNS, 1xJUNIS, 1xARMUK) Cisco 3550, 3560, 3750 in other PoPs Internet gateway device - Juniper MX 480 Access network devices Cisco 2950, 2960, Juniper EX3200, EX2200, TCL and ZTE (on some PoPs inside UoB donation from PRC)

AMRES services Network and connectivity services: IPv4 and IPv6 unicast, multicast VPN service DNS service Network Support service Network monitoring IP & DNS Registration services: IP-address allocation (RIPE LIR for IPv4, IPv6 etc.) Domain name registration ( ac.rs, Cyrillic domain ак.срб) Security services: AMRES CSIRT: Computer Security Incident Response Team Proxy service 6x Cisco IronPort Web applainces, 1x managament applaince Netflow monitoring tool Authentication & "Mobility" services: Identity management systems Server Certificate Service AMRES Registration Authority for TCS EDUROAM

AMRES services Hosting service Webhosting E-mail server hosting DNS zone hosting Media storage and streaming facilities: Media portal Streaming facilities (streaming server) Network communication tools & conferencing Videoconferencing service (MCU) Gatekeeper service Network computing resources GRID computing (Co-ordination within NREN community, offering CPU) E-Learning /e-research Virtual Learning Environments (MOODLE) Digital Repositories KOBSON - Serbian Library Consortium for Coordinated Acquisition of international scientific journals

AMRES services User interaction - knowledge dissemination Consultancy and advise (for all provided services) Training: workshops, seminars Hold admin conferences NREN publications: cookbooks/user manuals (through GN3activity CBP and other internal processes) All services are provided with cooperation with AMRES service centers or some other institutions.

ICmyNet.IMS ICmyNet.IMS - Networking Information and Monitoring System Developed by the BUCC for the needs of monitoring AMRES network infrastructure and services Most important monitoring tool for the work of AMRES NOC Starting point for AMRES network troubleshooting Networking information system Hierarchically organised information presented by a tree Information database for devices (inventory management), institutions, IP addresses, administrative and technical contacts etc. Monitoring system Passive and active monitoring the network status status of devices, ports, links, services. Performs visualisation of network (graphs, charts - MRTG), performance measurement and reporting (monitors, reports, events), failure notification (alerts, actions)

ICmyNet.IMS Information database

ICmyNet.IMS Graphs topology information

ICmyNet.IMS Alerts dashboard - current alerts (active alarms)

ICmyNet.IMS SLA report Service availability statistics

ICmyNet.Flow ICmyNet.Flow is a tool for deep network traffic investigation, analysis and reporting. It is based on NetFlow statistics, exported from network devices to ICmyNet.Flow server. It is used by AMRES NOC/CSIRT team for monitoring AMRES network traffic structure, for correlation and checking of the abuse complaints and in a process of resolution some issues or incidents in the network.

AMRES monitoring tools ICmyNet.log, Splunk (free version), Ironport Sawmill ICmyNet.dns Zennos, iperf, NDT, scripts etc.

AMRES NOC organization Evolve over the years Distributed from beginning Divided by geographic region 4 entities responsible for operation of the network 1 entity has a leader role in coordination of activities (UBcc > AMRES institution) Currently: Centralize NOC with some distributed functions (regarding operation of services)

AMRES NOC Network connectivity and services are not charged Support service is based on best-effort principle, without any SLA

AMRES NOC organizational structure NOC is organized in 3 level hierarchy 1 st Level AMRES Helpdesk (5 technicians) 24/7 support through work of UBCC operators Responsible to receive and handle user requests and issues Monitor alarms and events dashboard of monitoring tool and react on it Communicate with service providers NOC regarding network outages Inform customers regarding the network and service outages and estimated time of repair (if available) Send Network SLA reports to customers Maintain equipment inventory database Support work of AMRES CSIRT team - Work on receiving and resolving security incidents CSIRT operators Most of the requests and issues are resolved at this level

AMRES NOC organizational structure 2 nd Level - AMRES Network engineers (6) Knowledge of network technology and basic knowledge of system administration CCNA, JNCIA level of network knowledge Every week we have duty engineer Round-robin principle of change Responsible for coordination activities inside 1 st Level Change and configuration management 3 rd Level service managers and engineers Senior network engineers and system administrators responsible for design and operations of services CCNP, JNCIP-SP level of network knowledge >5 years experience in AMRES network and service environment Engineers from AMRES and the all service centers

Front end Our users are from universities, faculties, research institutes, high schools, collages, libraries, student s dormitories, hospitals, academies etc. Representative from these institutions (administrative and technical contacts) could contact our NOC and request any kind of service. End users can t contact us directly and must do that through the technical contacts from there institution except in some special situation when we work directly with them (some services, less knowledgeable admins) AMRES does not have SLA with our institutions

NOC communication tools To communicate with and keep track of users Request Tracker (TTS), e-mail lists, phone calls, ICmyNet.IMS (Contacts database) To communicate internally Request Tracker (TTS), Instant messaging, regular and ad-hoc meetings, phone calls, e-mails For communication outside AMRES NOC and for inter-noc communication Request Tracker (TTS), e-mails, phone calls

Documentation We document physical and logical topologies, internal and external procedures, service technical designs, contacts etc. Documentation is mostly created using Word, Excel and Visio tools and saved on a file server For some services we use DokuWiki tool

Questions