NZ Advanced Network "will draw hackers"

Von David Watson

Universities and other institutions that want to be part of New Zealand"s coming Advanced Network will need to upgrade their security and authentication infrastructure, says Nick Tate, director of AusCERT, Australia"s IT security body.

Speaking at Educause, the conference on IT in tertiary education held in Auckland this month, Tate said a security upgrade to match the network upgrade will be necessary. "When you have a large network capacity, you become a very interesting target for the hacker community."

In Australia, the establishment of the AARNet advanced network meant member institutions had to upgrade their security and other aspects of their IT as a result of the vastly increased bandwidth they had access to, says Tate, who in addition to his AusCERT role is IT services director at the University of Queensland.

"The firewalls you have for megabit networks won"t be the kind you need for gigabit networks -- it"d be sad to limit your access to the network because your firewall can"t cope."

Federated security and identity management among user institutions will also be desirable and PKI (public key infrastructure) and digital certificates may also be needed, he says.

The network will need to be optimized for multicast traffic, which most commercial networks are not, he says. Another issue the New Zealand member institutions will need to look at is potential lawsuits by copyright holders aimed at file sharing.

"Just as you become a target for hackers, you become a target for copyright holders, so you"ll need deep packet inspection to prove you"re not [sharing copyrighted material] and detect any students who are."

While advanced networks bring huge opportunities, they also bring "an interesting set of challenges", Tate says.

New Zealand"s planned advanced network has reached RFP stage and implementation manager Charles Jarvie says responses have already been received.