Title : NZITF Update
An update on some NZITF work:
Threat Intelligence and the NZITF’s Threat Intelligence Sharing Platform, whilst ‘Threat Intel’ is a bit of a 'vendor buzz word' this talk will focus more on the creation of the NZITF’s platform. Plus a general update regarding NZITF’s work over the last couple of years.
Barry has been involved with NZITF since 2009 serving initially on the steering committee and then the Board (following incorporation of the society in 2011). Barry also co-founded and is on the Board of iSANZ (Information Security Awards NZ).
Barry spent a number of years in the British Army where he specialised in investigations, IT Forensics, IT Security and the protection of critical assets. In 2005 he left the Army and headed to New Zealand, initially working in the private sector as a security consultant and then as a security specialist for a global engineering firm. Following this, Barry spent a few years working for the New Zealand Government Communications Security Bureau (GCSB), filling the role of Operations Lead for the Centre for Critical Infrastructure Protection (CCIP) and later the Head of Consultancy Services at National Cyber Security Centre (NCSC). Barry joined the .nz Domain Name Commission as the Manager, Security Policy in October 2012.
Title : Networking the Pacific Islands
When is it faster to hop on a satellite link than it is to take a subsea fibre route? When is sneaker-net faster faster than ftp between two networks in the same town? Answer to both: when you're a small island in the South Pacific. Take the lowest population density on earth, add a gaggle of governments, a handful of cables, and more satellites than you can shake a stick at, and you've got some interesting problems. This talk will cover developments in Pacific connectivity since the launch of Southern Cross Cable through band new subsea fibre cables, satellite networks, and Internet Exchanges, and will take a look at where things might go given projects underway today.
Jonathan began his Internet career working for an ISP in Lawrence, Kansas in 1995. He installed his first 802.11 hotspot in 1998, and has been hooked on wireless ever since.
After moving to New Zealand in 2003, Jonathan founded and built an open access wireless and microwave carrier used by most of the country's telecommunications carriers. He gained experience in radio engineering, telecommunications infrastructure, carrier Ethernet services, and end-to-end performance monitoring while building and managing a contiguous network of 400+ links around the country. He installed New Zealand's first gigabit capacity radio links, in the 23, 60, and 80GHz frequency bands, and helped shape the national policy around use of millimetre wave spectrum for broadband.
Since 2011 Jonathan has been a consulting engineer to a wide range of organisations in New Zealand.
Title: Country-level topology map using RIPE Atlas, NZ-edition
Using the RIPE Atlas probes located on a country, and a crafted list of destinations "within" the country, we generate a large number of ICMP Paris traceroutes, from which we derived the BGP adjacencies that together make a "network map". The visualization is interactive and allows discovery by the user.
Sebastian Castro is Technical Research Manager at NZRS, with an interest on DNS, Internet measurements, visualization and machine learning.
Title : SmartOps
Through the eyes of a WiSP in taking DevOps and network automation practices to the next level by creating smart operations through the integration of business process, network & systems engineering and automation.
Title : GPON: How is it going?
In July 2014, Ultrafast fibre launched its first product with 1 Gbps downstream bandwidth and in October 2016, it expanded the product range with higher upstream products. This presentation will discuss the performance of the GPON technology within the UFF network and the impact that the release of the 1 Gbps has had on the bandwidth consumption. Specifically the utilisation of specific GPON segments will be reviewed against the profile of End Users on those segments.
An introduction to future higher speed GPON technologies will be provided which will be developed into an architecture of how they may be deployed within a UFB network and what products could be developed using that technology.
The presentation will finish with a brief look at the opportunities that NFV will provide for the OLTs.
Peter is the Chief Architect for Ultrafast Fibre where he has oversight of the technical architecture and strategy of the company including the public fibre network and the products that are offered to the retailers. His prior role within UFF was as the Engineering Manager responsible for the deployment of the layer 2 equipment during UFF’s construction phase.
His previous positions included the role of Engineering Manager for Wired Country delivering FTTH and licensed spectrum wireless solutions to rural communities, working for a ISP as the Data Networks Manager and then in the business development group of an electricity lines company where Peter managed a FTTH network and engineered the technical solution for the NZ Deaf video relay service trial.
Title : Spectrum for Broadband
Planning Analyst - Radio Spectrum Management
•2017 – 2021 Spectrum outlook. This may be released by the time NZNOG happens, for public consultation. If not soon after.
•Developments on spectrum for broadband in 915 – 928 MHz
•New frequency bands being considered for broadband wireless access in other bands
•Status of 3.5 GHz spectrum renewal and replanning.
•Finally a brief reminder to NZNOG members on compliance matters around 2.4 and 5 GHz spectrum
Peter is a spectrum planner for the New Zealand spectrum regulator (RSM) at MBIE.
His day to day work covers a broad spectrum of topics including maritime issue, RPAS (drones) and intelligent transport systems.
He has previously talked at NZNOG 14, on WLAN compliance issues.
Title : Are we DDoSed Yet
Catalyst has been working on a free software DoS detection system called Are We DDoS'd Yet. It uses some existing free software components along with a code base developed in-house to perform analysis and provide a front-end interface for operators.
Title : Twitter; Scaling a worldwide content backbone
Over the last two years, Twitter has significantly changed its product set to a much more media-rich experience. As a result, we have exponentially scaled our traffic. This has presented a significant challenge to both re-architect the fundamental design of the backbone and keep up with scale.
I will discuss the challenges, wins, and pitfalls we have experienced as we have done this, with the hope that our lessons learned may be of some value to attendees.
Title : State of the New Zealand IX
Over the last few years there have been significant changes in the peering landscape in New Zealand. I’ve also seen this from a few perspective - working for global content providers, New Zealand ISPs, a staff member at Citylink, and now a board member of IX Australia.
This market is very interesting for a number of reasons; but is in a significantly healthier state than it was a few years ago. I will discuss an international perspective on how this is panning out, and how we can attract a greater amount of content locally to New Zealand.
Tim is technical lead for Twitter’s global network organization and on the executive of the Internet Association of Australia. Prior to this, Tim spent just under a decade running ISPs and Exchanges in New Zealand.
Title : Why DANE
Geoff Huston - APNIC
While we’ve been using Certificate Authorities as the foundation stone for secure services on the Internet for many years, its evident that this is a pretty lousy foundation. There is some hope we can do better by relocating trust into a secure DNS framework using DANE, and this presentation explains the issues with CAs and the potential offerred by DANE, and the state of preparedness for this model of name-based security on New Zealand.
Geoff Huston is the Chief Scientist at APNIC, the local Regional Internet Registry. He measures stuff, writes some stuff and talks about stuff, mostly about the Internet.
Title : Cert NZ Updates
Declan Ingram is the role of Manager of Operations for CERT NZ and leads the technical side of CERT NZ’s operations. Mr Ingram has worked for over 17 years in information security, with broad experience in both incident response and security testing. In his previous roles at Datacom TSS, and Securus, and CyberTrust he has been involved in designing and implementing IT security controls and overseeing testing for security vulnerabilities in corporate networks and systems.
Declan will provide an introduction to CERT NZ, and discuss how CERT can help ISPs and service providers when it launches.
Title : Ansible and beyond
Network automation has been a hot topic over the few years in the industry. With the emergence of the tools like Ansible and added support for more vendors it has become much easier to automate routine operations .
Yet we at Vocus DevOps team and perhaps many others find it challenging to implement network automation at scale in a large multi vendor environment. During this session I will take you through our journey trying to highlight new developments and well known practices such as:
- Configurations Management Databases / Inventories
- Programing languages and libraries
- NETCONF / YANG
The session will try to follow “keep it simple stupid” approach so everyone could take something away and use it.
Title : KotahiNet's LoRaWAN network: Insights
LPWANs (Low Power Wide Area Networks) are increasingly providing complementary public wireless connectivity options to standard IoT technologies such as cellular and wifi. KotahiNet has rolled out one such network based on LoRaWAN, currently covering about half the country's population. This talk looks at this technology, the network architecture, and the lessons learned.
Bio: Vikram is founder of KotahiNet based in Wellington. The company specialises in real-time data from the physical world, aka the Internet of Things. He has previously been CEO of Mega, the Internet Party, and InternetNZ.
Title : Software Systems for Surveying Spoofing Susceptibility
University of Waikato / Caida
Despite source IP address spoofing being a known vulnerability for at least 25 years, and despite many efforts to shed light on the problem, spoofing remains a viable attack method for redirection, amplification, and anonymity. Recently, CAIDA took over stewardship of the spoofer project, with the goal of increasing the density of crowd-sourced measurement of ingress filtering, and publicly providing evidence of where remediation attention should be focused. In this talk, I will discuss the new measurement system we developed, present the public reporting website, and discuss methods to infer absence of ingress filtering.
Matthew Luckie is a Senior Lecturer at the University of Waikato and member of the WAND network research group. From 2012-2015, he was a postdoctoral scholar and then research scientist at CAIDA, UC San Diego. His research interests are in networked systems, particularly topics related to AS-level and router-level Internet topology, and behaviour of Internet protocols.
Title : SDN Southbound APIs in Netops: Exploration of BGP LS and PCEP
Network engineers are continually devising ways to make better use of the available network resources in the face of increasing demand for bandwidth by users. Border Gateway Protocol (BGP) Link State and Path Computation Element Protocol PCEP are the most popular Software Defined Networking South bound APIs after Openflow. The rapid development and interest in both protocols stem from the ease with which they can be used with existing protocols and techniques in Service Provider networks for resource optimization.
This paper is a deep dive into both protocols exploring with packet captures as well a demonstration of applications derived from both protocols that can enhance network operations. This paper uses the Linux Foundation Opendaylight SDN controller in the demonstration of these capabilities. The
SDN controller is well supported and forms the base of commercial SDN controllers from Cisco, Brocade, NEC and other vendors. The routers in the demo lab will be virtual appliances from Cisco and Juniper as they represent a fair reflection of most network operations environment.
It is the aim of this paper to stimulate discussion on intelligent and creative ways traffic engineering is being done in the community as well as schemes that are being investigated. It hopes to also show the ease with which some telemetry can be added without making forklift changes to the existing networks.
Boye Olowoyeye works at 2Degrees Christchurch Network Operations team. He has been with SNAP/2degrees for more than three years. He worked in Unleash/Solaris and was part of the team that built the MPLS network. Before coming to New Zealand, he worked in Nigeria and Kenya for MTN, Bharti Airtel, Nokia Siemens and Ericsson. He is also currently enrolled in the Masters in Information Security and Digital Forensics course in Auckland University of Technology. Boye is JNCIE-SP 2207 and holds current JNCIP-SEC, CCNP and CCDP certifications.
Title : Scaling up a WISP
Lightwire celebrated its 10th birthday earlier this year. The company started off as a commercialisation of a University project with a handful of customers and has now grown to cover the greater Waikato and Bay of Plenty regions. During this time the company has be through several periods of rapid growth, both as a result of building out its own network and purchasing another regional service provider. This talk will cover a some of the issues including business systems, site design, customer support and spectrum management that the company has had to address as the size of the operation has scaled up.
Title : TICSA Updates (NCSC)
Mike Seddon - NCSC
Abstract:TICSA came into effect in 2013 with its newly added Network Security section going live six months later in May 2014.
As the legislation turns three, now is a good time
for another NZNOG update on what this act means for network operators
and how the TICSA team have been working with network operators over the
past three years.
After almost 20 years at Telecom (Spark), Mike left the organisation in 2014 to join the newly formed TICSA team within NCSC. His telco background and passion for information security placed him well as Telecoms Security Officer and he’s now equally well placed to manage the team working with all New Zealands network operators.