Circuit IT Conferences Update Summer 2008
DCN, PACER-Net, & National Gateways
• 11th Anniversary of DCN completion and National Gateways – 10th for PACER-Net
• Doubled DCN capacity since 2003
• Redundancy for FJC, Notes, CM/ECF, VPN, FAST, PACTS, and court www sites
• Secure external connections to DOJ, CALR, FBI, ILS, and FPD
• 25% of DCN sites have emergency broadband installed for redundancy

Mail, SPAM, and Misc.
• Processing 130 million e-mails monthly from the Internet and another 28 million processed by SDSD for CM/ECF
• ~1% of e-mails contain viruses
• About 94% is spam and is blocked
• Websense software renewed until 2010
• BorderManager renewed until 2013

Remote Access
• 19,000 VPN Accounts
• ~9,000 unique remote access users on VPN monthly via gateways
• jport.uscourts.gov is 30% of VPN traffic and exceeding 3,800 unique users per month
• Cache cleaner, host checker, dial-in only at gateways, and network access control
• EOD and ESS Interim Platform

IPv6
• Test network at 5 locations
• Test lab at AO
• Address plan for /32
• 2610:01B0:0000:0000:0000:0000:0000:0000 to 2610:01B0:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
• 7.92281625 × 10^28

NMF Support
• Threshold Notification – Alert of high utilization
• MRTG Traffic Charts
• Cause of Problem
• Netflow – Source of high utilization

New process in the court was running at an unexpected rate and consuming 36% of available bandwidth for weeks before it was corrected.
Notice from Chief Judge reminding employees about appropriate use was very effective.
Court Assistance
• Ask that courts log into SolarWinds a couple of times a day just to take a look at your District/Circuit to get a picture of the WAN health
• Our view is national, with over 600 DCN routers and 180 PACER-Net routers plus the gateway devices.
• Our top 10 trouble/problem sites may not include your location.
• Local court monitoring and notifying the NMF will alert us to an existing problem or potential problem and hopefully result in a more proactive resolution

Security Management Facility: Detection and Containment
• Monitoring of IDS and SIMs Correlation Consoles
• Firewall and port blocks for containment
• Courts notified of detected events
• JASIRC notified
• IDS team support for remediation

On the Internet Thousands of Sites are Compromised
• User visits innocuous, well-known web sites that are infected
• Some infections are introduced by pop-up ads.
[Diagram labels: Good Internet sites; Infected Internet; User Visit; DCN]

GATEWAY DEFENSE IN DEPTH STOPS THE MAJORITY OF MALWARE INFECTIONS
• DCN Users
• Infected sites visited or users are unknowingly redirected to Sites advisories found on CERT and SANS advisories

Some Malware Still Makes it Through to DCN Desktops
• Courts must keep Desktop Antivirus software up-to-date
[Diagram label: Infected DCN users]

Local Proactive Actions that can be Taken
• Use WebSense or another secure proxy (court licenses are available for use) - WebSense makes use of a malware blacklist titled "Malicious Websites."
• Be vigilant about Microsoft security patches and anti-virus software updates
• Keep desktop IE browser patches up-to-date
• Follow Judiciary guidelines of not using peer-to-peer software and limit the use of browser webmail

PACER-Net - CISCO SPA
Vulnerability data available to the courts
• Overall internal security posture rating: ABOVE AVERAGE
• Weakness
  • Patching application was not totally effective
  • Weak passwords contributed to exposure
• Configuration management requires improvements:
  • securing applications
  • strong passwords, and
  • standardized server and workstation builds

Networx Transition from FTS2001
• Schedule – Award in late 2008 and begin installations in 2009
• Services -
• Impact to Court
  • New lines
  • New routers
  • Travel to remote locations
  • Access into buildings

What Courts Can Do – Networx Prep
• Most high-speed services (DS3/Ethernet) require fiber facilities
• At large court HQ sites, begin investigating what it would take to bring fiber into your building.
• Does your building have space, power, and HVAC in your telco demarc where a fiber mux could be housed?
• Do you have a pathway between your demarc and your computer room to support an innerduct run?