Slides from my talk on R&D innovation projects around the Janet network for the HEAnet / Juniper Innovation Day, September 2015. I talk about some recent Janet R&D initiatives such as our Reach scheme for connecting industry to the network, our end to end performance initiative, and our Safe Share project for secure access to sensitive data by researchers - e.g. medical records. There is also a recap of some of our recent activity around equipment sharing, our shared data centre, connectivity and deals with major cloud providers.
Janet Network R&D Innovation - HEAnet / Juniper Innovation Day
1. Janet Network R&D Innovation
Martin Hamilton
Photo credit: FacebookJanet Network R&D Innovation - HEAnet / Juniper Innovation Day29/09/2015
2. Janet Network R&D Innovation
Martin Hamilton
Photo credit: FacebookJanet Network R&D Innovation - HEAnet / Juniper Innovation Day29/09/2015
3. Janet Network R&D Innovation
1. About Jisc
2. R&D initiatives – what’s next?
– Software defined networking (SDN) testbed
– End to end performance initiative (E2EPI)
– Secure access to sensitive data for research (Safe Share)
– Industry connectivity (Janet Reach)
3. Conclusions
– IT as Innovation inTechnology, not business as usual
– What would Google do?
5. 1. About Jisc
› Registered charity championing the use of digital technologies in
research and education
› National deals and shared services for UK Universities and Colleges, e.g.
- Janet, world leading research network
- eduroam global wireless roaming
- Groundbreaking content deals with publishers
- Cloud brokerage with Amazon, Google, Microsoft
› Aiming to complement RCUK and Innovate UK / Catapults
- Open Educational Resources,OpenAccess and Open Data
- Just launched asset sharing initiative
9. About Jisc
Netflix
Voicenet
Akamai
Virgin Radio
Bogons
Logicalis UK
Pipex / GXN
BBC
Datahop
InTechnology
INUK
Simplecall
LINX multicast
Gamma
Google
Simplecall
Redstone
Updata
aql
Voicenet
Google
Limelight
Limelight
Akamai
BTnet
Init7
Amazon
Microsoft EU (viaTN)
Telekom Malaysia
Globelynx
10Gbit/s
1Gbit/s
100Gbit/s
GÉANT
GÉANT+
LINX
Microsoft EU (viaTW)
Total external connectivity ≈ 1Tbit/s
Leeds
Akamai
Google
VM for LGfLInTechnology
NHS N3
Exa Networks
Synetrix BBC (HD 4K pilots)
One Connect
Glasgow
&
Edinburgh
HEAnet
BBC (Pacific Quay)
Gamma
BBC (HD 4K pilots)
NHS N3
SWAN (Glas)
SWAN (Edin)
Manchester
Telecity
Harbour
Exch.
Telehouse
North &
West
VM for LGfL
RM for Schools
VM for LGfL
RM for Schools
GlobalTransit
Tata
jas / 26 Sep 2015
IXManchester
IXLeeds
GlobalTransit
Level3
GlobalTransit
Level3
10. 1. About Jisc
Amazon cloud portal
› Monthly invoicing - credit cards are no longer
required for payment
› Itemized billing - consolidated across
users/departments
› Billing inGBP, not dollars
› Setting of budget limits for individual user
accounts or departments
› The retrieval of service usage information within
own areas of responsibility
› Volume-discounts through aggregation across
multiple educational institutions
www.jisc.ac.uk/amazon-web-services
11. 1. About Jisc
Assent (formerly Project
Moonshot)
› Single, unifying technology that enables
you to effectively manage and control
access to a wide range of web and non-
web services and applications.
› These include cloud infrastructures, High
Performance Computing, Grid Computing
and commonly deployed services such as
email, file store, remote access and
instant messaging
www.jisc.ac.uk/assent
12. 1. About Jisc
Equipment sharing
› Brokered industry access to £60m
public investment in HPC
› Working with EPSRC to pilot the
Kit-Catalogue software, sharing
details of 1,000s of items of high
value equipment
› Newcastle University alone is
sharing £16m+ of >£20K value
equipment
Photo credit: HPC Midlands
http://bit.ly/jiscsharing
14. 1. About Jisc
ESISS
› Pen testing
› Reporting for audit
compliance
› Security consultancy
› Led byTigerTeam
accredited Senior
SecurityTester
www.jisc.ac.uk/esiss
15. 1. About Jisc
www.jisc.ac.uk/financial-x-ray
Financial X-Ray
› Easily understand and compare
overall costs for particular
services
› Develop business cases for
changes to IT infrastructure
› Mechanism for dialogue
between finance and IT
departments
› Highlight comparative cost of
shared and commercial third
party services
21. 2. R&D initiatives
Software Defined Networking (SDN) testbed
› Meeting at UCL in March 2013 (10 Universities and Janet
team)
› The testbed should:
– Connect SDN-enabled user testbeds by a SDN-enabled core
– Give access to SDN-enabled core to researchers who don’t have SDN-
enabled testbeds
– Support a broad variety of tests with minimum limitations
– Have a rich topology (at least a triangle one)
23. 2. R&D initiatives
Software Defined Networking (SDN) testbed
› HP 3800 switches supporting OF 1.3.1 (no double-tagged operations
yet) and L2/L3 protocols
› The access and core Lightpaths are transparent for user traffic
› Each HP 3800 switch has three 10GE ports:
– Two for connectivity with other HP 3800 switches through per-port
core Lightpaths
– One for connectivity with user testbeds
› Testbed traffic should beVLAN tagged & each testbed user is assigned
a range ofVLAN IDs
24. 2. R&D initiatives
Software Defined Networking (SDN) testbed
Use mode 1:Time shared
› One test at a time
› Testbed user group has unfettered access to the
switches for a period of time
› When the work is finished, next user group gets access
25. 2. R&D initiatives
Software Defined Networking (SDN) testbed
Use mode 2: Sliced
› Several tests are carried out concurrently and independently by several
testbed user groups
› Also know as the eat-your-own-dogfood option
› Two open source options: Flowvisor and Flowspace Firewall. Both only
support OpenFlow 1.0
› Virtual OpenFlow Instances (HP)
– Up to four instances
– Mutiple controllers per instance
– VLAN-based slices
26. 2. R&D initiatives
Software Defined Networking (SDN) testbed
› What do you need?
–Switch hardware?
–Other infrastructure?
–VMs?
› Is access via a range ofVLANs limiting?
–How else might the testbed be sliced?
› GÉANTTestbed Service – find out more at
http://services.geant.net/gts
27. 2. R&D initiatives
Software Defined Networking (SDN) testbed
Conclusions:
› One component in a move towards more automated network
provisioning
› Internal use may happen first
› User control of the network is still some time away
– Inter-domain SDN and “Trust”
– Janet’s other services have high availability requirements
– Not just isolation of slices due to the protocol
– Implementation quality in software
29. 2. R&D initiatives
Rationale:
› General growth of HE/FE user traffic
› Increased use of off-site data centres, including the new Jisc shared data centre (and
another coming…)
› Increased outsourcing of systems/services to the cloud
› Communities wanting to run increasingly demanding networked applications
› And emerging communities wanting to do the same
› New requirements on universities, e.g. archival of research data as required by funding
bodies
› A rise in trans-national education
End to End Performance Initiative (E2EPI)
30. 2. R&D initiatives
End to End Performance Initiative (E2EPI)
Aims of the project:
› Help sites get the best from their Janet IP connection
› Identify existing and emerging user communities seeking to run high performance
networked applications (be that high throughput, low latency, or…)
› Determine, document and share best practices
› Foster discussion with and between the research communities, network operators (inc.
Janet NOC & the campus IT teams) and network researchers
› Help set expectations, and raise awareness of issues
› Raise ‘high water marks’
› Offer specialist support & tools (2 FTEs being recruited)
31. 2. R&D initiatives
End to End Performance Initiative (E2EPI)
Who is it for?
› Communities include: astrophysics, cosmology, particle physics, genomics,
environmental science, oceanography, …
– Participants typically spread widely across Janet
› Don’t necessarily express requirements in networking terms
– “I want to copy 100TB of data to RAL within a week”
› Though some communities are better
– e.g. the LHC Network Forward Look document, 2014
– Tier-1 rising to 20Gbit/s by 2016,Tier-2 to 10Gbit/s
› The e2epi will seek to help communities and their IT teams plan ahead strategically –
good for campuses and for Janet
32. 2. R&D initiatives
End to End Performance Initiative (E2EPI)
Typical bottlenecks:
› Applications & transfer tools: GridFTP, BBCP, etc.
› End systems
– TCP tuning, disk system tuning, etc.
– Excellent advice already at fasterdata.es.net
› Local network architectures
– Reviewing links and devices that might cause bottlenecks
› Wide-area links and connectivity
– Upgrading Janet access links
– Using Janet Lightpath service where appropriate
– Ongoing review of Janet’s peerings to other networks
33. 2. R&D initiatives
End to End Performance Initiative (E2EPI)
Impact on the service user:
› Some firewall architectures are not well-suited to high throughput flows, or may be
applying IDS (intrusion detection) to those flows
› This can often place a significant cap on performance
› The result is some sites now bypass their firewalls
› Example: Sussex – demonstrated in next slide
– Performance rose from 200Mbit/s, to max out 1Gbit/s
› A more elegant approach is to design in a high-performance ‘on ramp’ to the campus
network architecture
– This is the ‘Science DMZ’ approach, originating from Esnet, see fasterdata.es.net/science-dmz/
– Still includes efficient and relevant security measures
35. 2. R&D initiatives
End to End Performance Initiative (E2EPI)
Network monitoring:
› How do we see how well applications use the network?
– What are appropriate tools to measure performance?
› It’s preferable to measure performance as close to the application end points as
possible
– Or ideally within the application
› perfSONAR is popular in GridPP and other communities
– Can measure latency & loss, or raw throughput
– Example in next slide shows an HPC perfSONAR matrix
› The e2epi is exploring the tools that could be used
› Probably no ‘one size fits all’ solution
37. 2. R&D initiatives
What’s next?
› Looking for users to share their experiences – what works, what doesn’t – and any open
challenges – case studies are very welcome
› Join the e2epi Jiscmail list:
– www.jiscmail.ac.uk/cgi-bin/webadmin?A0=E2EPI
› Come to the free Janet e2epi workshop
– London, Oct 19th, registrations are open
– https://www.jisc.ac.uk/events/janet-end-to-end-performance-initiative-workshop-
19-oct-2015
– Help us shape our priorities & strategy for e2epi
– Very interested in HEAnet & client perspectives
End to End Performance Initiative (E2EPI)
39. 2. R&D initiatives
Safe share
› EncryptedVPN infrastructure between
organisations
› Providing enhanced confidentiality and
integrity per ISO27001
› Requirement to move electronic health data
securely and support research collaboration
› Working with biomedical researchers at Farr
Institute, MRC Medical Bioinformatics
initiative, ESRCAdministrative Data Centres
40. 2. R&D initiatives
Safe Share
Use cases:
› University of Oxford - to enable researchers to use home institution credentials for
authentication to request access to datasets for studies, e.g. into dementia
› HeRC, N8HPC – access between facilities using home institution credentials
› eMedLab – partners will be able to use a common AAAI to access this new system for
analysis of (for example) human genome data, medical images, clinical, psychological
and social data
› Swansea University health informatics group – investigatingAssent as an
authentication mechanism to allow use of home institution credentials
43. 2. R&D initiatives
UK e-Infrastructure Security & Access Management WG
› Working group requested by Research Councils UK
–Towards a national e-Infrastructure
–How to reuse wheels
› Chaired/facilitated by Jisc
› Members from various e-infrastructures
› Two year term: just renewed
44. 2. R&D initiatives
UK e-Infrastructure Security & Access Management WG
› Website for publications, minutes, etc.
–Also case studies, experiences, discussions, …
› Reports on various aspects of e-infrastructures
–Federated Authentication [Sep 14]
–Security [Nov 14]
–Authorisation/Group Management [May 15]
–Policies [?Dec 15]
49. 2. R&D initiatives
Janet Reach
› £4M funding from UK government to
work towards a Janet which is "open
and accessible" to industry
› Provides industry access to university
e-infrastructure facilities to facilitate
further investment in science,
engineering and technology with the
active participation of business and
industry
› Modelled on Innovate UK
competition process
50. 2. R&D initiatives
Janet Reach
› £4M funding from UK government to
work towards a Janet which is "open
and accessible" to industry
› Provides industry access to university
e-infrastructure facilities to facilitate
further investment in science,
engineering and technology with the
active participation of business and
industry
› Modelled on Innovate UK
competition process
bit.ly/jischpc
52. 3. Conclusions
29/09/2015 Janet Network R&D Innovation - HEAnet / Juniper Innovation Day
Conclusions
› Growing emphasis on what the network enables
› Sharing facilities to reduce the friction of collaboration
– And achieve operating efficiencies
› Astronomical volumes of data – LHC, SKA, 100,000 Genomes
› Joining the dots across the R&D landscape – Catapults,
industrial connectivity, industry access to e-Infrastructure
› But is the network itself a “done deal” or is there a period of further
rapid evolution to come?
53. 3. Conclusions
29/09/2015 Janet Network R&D Innovation - HEAnet / Juniper Innovation Day
Conclusions
› Growing emphasis on what the network enables
› Sharing facilities to reduce the friction of collaboration
– And achieve operating efficiencies
› Astronomical volumes of data – LHC, SKA, 100,000 Genomes
› Joining the dots across the R&D landscape – Catapults,
industrial connectivity, industry access to e-Infrastructure
› But is the network itself a “done deal” or is there a period of further
rapid evolution to come?
54. 3. Conclusions
IT == Innovation inTechnology
› Conventional wisdom: IT as a cost centre
– Is that howTesco and Amazon see it?
› Can you be replaced with a robot?
– Or an outsourcerer / shared service / SaaS / …
› What do (or can) you do that gives your
institution a unique advantage?
– May not be what you are doing now
› What do you need to learn or unlearn?
– Discuss!
29/09/2015 Janet Network R&D Innovation - HEAnet / Juniper Innovation Day
Photo credit:CC-BY-NC
Flickr user Rain Rabbit
55. 3. Conclusion
Example: AutonomousVehicles
› Capability:
– Do we have it in house?
– If not: build, buy or broker?
– New model or updated? Retrofit?
› Capacity:
– Can we do it at scale?
– How do we respond to changes in demand?
› Sector specific:
– Shift from buying cars to renting them
Photo CC BY-NC-SA Flickr user traftery
Photo credit: Google
29/09/2015 Janet Network R&D Innovation - HEAnet / Juniper Innovation Day
56. 3. Conclusions
Example: 5G communications
› From Samsung, China Mobile and Huawei:
– 50Gbit/s peak
– 1Gbit/s generally
– Speeds up to 500km/hr
– Millisecond latency
› Underpinning technology
– mmWave based?
– Massive MIMO arrays?
– Software defined networking / radios?
– New generation of backplanes?
Photo credit:CC-BY-NC
Flickr user Rain Rabbit
29/09/2015 Janet Network R&D Innovation - HEAnet / Juniper Innovation Day
57. 3. Conclusions
Example: 5G trends (projected)
› Bandwidth:
– From streaming Despicable Me 5 in 8K
– To smart sensors in street furniture
› Latency:
– From Call of Duty 12 on HS2
– To tracking your next Amazon Drone delivery
› Massification:
– From 90,000 FACupVines
– To a telepresence session with two rooms
Photo CC BY Flickr user mariusb
Photo credit: CC BY-NC Flickr user willrich
29/09/2015 Janet Network R&D Innovation - HEAnet / Juniper Innovation Day
58. That’s all folks…
Except where otherwise noted, this
work is licensed under CC-BY
Martin Hamilton
Futurist, Jisc, London
(additional material by Andrew Cormack,Tim
Chown, Rob Evans and Henry Hughes)
@martin_hamilton
martin.hamilton@jisc.ac.uk
Janet Network R&D Innovation - HEAnet / Juniper Innovation Day29/09/2015