APPLICATIONS - NETWORK SECURITY
Overview
Collaboration and Learning Technologies
Identity Management
Applications Security
Network Security
Voice over IP
High Performance Computing
Disaster Recovery

Terms of Reference for the BCNET Network Security Working Group, September 14, 2006

Purpose
BCNET Network Security is an ongoing working group of the Applications Advisory Committee (APAC), and engages in both discussion sessions and project development. The working group advises the BCNET Technical Committee on matters regarding network security, including best practice, design, policies, procedures, architecture, implementation and operations.

The working group will also serve as a forum where practicing university network engineers can interact with network security experts, and acts as a resource on security matters for other BCNET working groups.

Goal
Ensure that BCNET employs best practises for network device security.

Objective
Develop and implement a BCNET Network Security Plan.

Membership
The working group is initially selected by the BCNET Manager of Network Engineering. The group consists of IT Security representatives from the BCNET members. Additional members may be added to the working group as required. The working group will work closely with the network engineers of the BCNET members.

Current Members
Working Group Lead - Marilyn Hay, BCNET
Peter Van Epp, SFU
Andy Scott, BCIT
Jens Haeusser, UBC
Don McWilliam, BCNET
Eric Van Wiltenburg, UVic
Keir Novik, BCNET

Working Group Scope
Network management should encompass the following functional areas of network security:

  • Ensure the ongoing protection of the network
  • Analyze and minimize risks
  • Network security plan
  • Security policies
  • Monitor security indicators
  • Recognize security incidents and violations and initiate action
  • Password administration

The following observations have been made which BCNET should address. (Noote: this is not an exhaustive list)

  • BCNET does not have a formal Network security plan in place. There has been substantial growth in the number of security related incidents but not in assigned resources.
  • There is minimal system security logging in place. Network monitoring is in place with some RMON devices.
  • Risks assessment is determined as required when threats occur. Documented policies would be of assistance to staff.
  • Security violations are responded to as they are reported generally by passing the report to the customer involved. Staff provide some support to customers in isolating security problems.
  • BCNET maintains a password system for the systems and network devices in its domain, including SNMP password management. These are not under a regular change management system.

Having a Network Security plan in place would drive many of the other areas of concerns. The working group will determine the scope of the Security plan which can be achieved within the project timeframe.

Depending on the level of activity and success of this working group, the project and working group may be carried forward into the next fiscal year.

Activities/Deliverables

  • BCNET requires a documented Network Security Plan. This should include the policies, plans, procedures, and escalation processes in place. Note that BCNET's role is not in policing except in response to violations and to provide some basic measures of network security such as anti-spoof filters.
  • Determine if detection devices for network security violations should be implemented.
  • Communicate the Security Plan with BCNET stakeholders.
    Network Security working group Terms of Reference will be annually updated.
  • Document BCNET Network Security policies and procedures in a Network Security Plan. Implementation is dependent on the Security Plan specifics.
  • Conduct a quarterly vulnerability assessment by member institutions.
  • Oversee an annual risk assessment.
  • Create a summary update for each Board meeting.
  • Oversee the implementation of security policies by the BCNET IT group.
  • Conduct an annual audit.
  • Budget
    The working group members are expected to contribute four to eight hours per month from October 2004 to March 2005 in meetings and participation.

BCNET has assigned a capital budget of $4,000 for possible expenditures.

Operations
The working group will meet as required to meet the project deliverables. The project plan will be updated as work progresses. The working group interacts with the Technical Committee, stakeholders, and experts as required to meet the project deliverables. The working group lead, as a BCNET staff member, reports on the progress of the project to the BCNET Executive Committee every six weeks.

The working group may add participants as required either from the networking groups of the members, or network affiliates, or others as appropriate.

The working group will use the BCNET Intranet site as an information repository.

The working group is to be openly accessible to BCNET Board Members, working group members and BCNET staff.
Member Login
Join BC.NET
  Find out how BCNET's members are using advanced networks
Subscribe to newsletter
   
 

Disclaimer | Privacy Policy | Sitemap
Web design in Vancouver by Graphically Speaking