CERNET: Guard the campus with technology

In early 2022, when everyone thought that the epidemic was about to end, a new round of epidemic counterattacked. Under the influence of the strong infectious Omikon virus, colleges and universities have successively implemented closed management, and they have been transferred from life to learning to online.

Compared with two years ago, this round of epidemic was extremely pressured on the campus network: two years ago, most of the students were scattered at home. The stable operation of the campus network has become the key point of anti -disease in colleges and universities, which is closely linked to the victory of resistance.

Quick response, resolute action. Faced with the huge challenges brought by the epidemic, the technology of Chinese education and scientific research computer networks and operating units in the technique of using the technology of Purcell to protect the campus.

A full guarantee task

"In order to do a good job of network protection during the prevention and control of the epidemic and improve the online teaching experience, last night, this morning, Shanghai Education City Regional Network and CERNET interconnection lines have been greatly upgraded and expanded in the Xuhui Campus." On the morning of March 14th, Shanghai Transportation, Shanghai Transportation Jiang Kaida, the deputy director of the university information promotion office and the deputy director of the network information center, said on a social platform.

At that time, the epidemic in Shanghai began to be serious, and colleges and universities entered the closed management model, and most of the school activities turned into online. This makes the bandwidth pressure of the Shanghai nodes increase sharply, and the export traffic is almost full, and it must be expanded urgently.

On March 12, after receiving the CERNET main network expansion task, CERNET Shanghai node and Purcell Shanghai resolved resource, and closely cooperated with the Shanghai Education City Regional Network Management Center and the Shanghai Big Data Center Education Information Team to fight continuously. At 2 am on the 14th, a 100 G expansion was completed. The expansion operation to the greatest extent guarantees the needs of Shanghai teachers and students to visit Internet resources during the closed management of campus.

Due to the huge bandwidth pressure of online teaching, the expansion, protection and optimization of bandwidth have become a continuous action during the epidemic.

In early May, CERNET received the news: 20G of the interconnection bandwidth of Tongji University and the Shanghai area has been full, and the school's online teaching activities have been greatly affected. However, based on the multi -round expansion of Shanghai in the early stage, the current line is full, and it is difficult to chase the expansion.

After discussion, the CERNET operation team made suggestions: Open the IPV4 Over IPv6 tunnel with the next generation of Internet CERNET2 line, so that the school can access the business through CERNET2 devices to increase user bandwidth.

However, after trying to access the line, the test results are not ideal, the traffic can not exceed 1m, and the website access is unstable. After repeated testing, the problem was finally discovered, and it was properly dealt with in the first time. After the test again, the traffic successfully ran to 4G. This time the capacity expansion task effectively guaranteed the needs of Tongji University.

A new technical support

If the main network guarantee is a daily work, assisting colleges and universities to prevent and control "mining" is a new job facing CERNET in 2022.

Since March, CERNET Network Center has received technical help from many universities in governance of "mining".

The production process of virtual currency is called "mining". Because Bitcoin has rapidly appreciated in the past few years, the global "mining" activities have become more and more serious. However, the "mining" itself has a huge consumption of energy, and at the same time affects various fields such as finance. Based on this, the relevant national departments increased their governance at the end of last year and required a comprehensive sorting out and investigating the "mining" activities of virtual currencies in various fields. Beginning in March this year, my country's governance of "mining" has entered a tackling period. Among them, colleges and universities have become key governance fields due to their unique hardware foundation and user characteristics.

But how to control mining? It is still a problem for colleges and universities at the beginning of this year. Because there is no past experience, you can learn from. After receiving governance for help, CERNET compares the school's traffic records in half a year through screening data and writing procedures, and combines threat intelligence analysis, situation perception, and related traffic analysis. , Screening thousands of address segments, and finally assisting the school to manage the "mining" behavior in the school in a timely manner.

In the process of governance, the "mining" monitoring platform of Education Network plays an important role. This is a platform developed by CERNET specifically for supporting the prevention of "mining" in the field of education. The platform matches the traffic log with the ip of the mining pool to confirm the IP address with suspected mining. After artificial review, the university notice reminded by universities that may exist to assist colleges and universities to discover the processing of mining activities in a timely manner.

As of June 16, the platform has detected a total of 400 schools of IPs of more than 400 schools suspected of "mining" behavior, collected 9324 mining pool addresses, and the data was updated daily. Govern maps to provide data support for related fields.

It is better to grant people to fish. The CERNET network operation department also jointly released the "Mining Virus Self -examination and Protective Guide" with the Tsinghua University Information Technology Center, which provides practical practical methods for the disposal of mining for universities.

With the help of Cernet, preliminary results in preventing the progress of "mining" in the field of education have achieved preliminary results. It not only guarantees the network security in the education field, but also helps the country's realization of carbon peaks, carbon neutrality, and reflects the education network service education and the state of the country. Big nets.

A struggle against DDOS

In addition to the new challenge of "mining", the campus network also faces some traditional cybersecurity attacks. Among them, DDOS refuses to serve service attacks is a typical representative. Not long ago, the Beijing Health treasure system was attacked overseas during the peak use period, and the means of DDOS were used. How to assist colleges to discover and handle DDOS attacks is also the key task of Cernet. One day in April, the CERNET Network Center received a help from Chongqing: "Some universities were attacked by DDOS, resulting in users unable to access network resources normally."

DDOS refusing to service attack is a traditional attack method. For the purpose of destroying service availability, it will directly cause system or network to be unable to provide normal services. During the epidemic, the school's various tasks were highly dependent on the Internet. At this time, DDOS attacks occurred, which had a more serious impact.

After receiving the obstacle, the CERNET network operating department launched an emergency emergency plan to analyze user traffic information. It was found that this attack was except for a wide range of attacks and the attack methods were diverse. Subsequently, the response plan was urgently analyzed, helping users solve the attack in time and restored the business.

With the complexity of the current international political and economic environment, various DDOS attacks have also emerged endlessly. In order to better protect the main network and campus network, CERNET has continuously improved the traceability and evidence collection ability of DDOS attacks, and has developed multiple attack behavior analysis systems, which has played a significant role in many actual combat.

An IPv6 deployment service platform

During the epidemic, CERNET's technical support for the size deployment of college IPv6 is still conducting in an orderly manner.

In early June, the Gansu Provincial Department of Education notified the IPv6 support evaluation of the portal website of the province's education system in the first quarter of 2022. The evaluation data of the "Education System IPv6 Development Situation Situation Monitoring Platform" shows that the IPv6 construction project of the Gansu Forestry Vocational and Technical College, which is undertaken by the Gansu Branch of the Gansu Branch. Delivery.

Relying on unique technologies, CERNET and Syllars across the country are strongly supporting the IPv6 -scale deployment operations in the education field.

At the end of 2017, the two office issued the "Promoting the IPv6 Signaling Action Plan for the Internet Agreement". Subsequently, the General Office of the Ministry of Education issued a notice on implementing the IPv6 -scale deployment action plan, which clearly states that "by the end of 2020, various types of networks in the education system, and the education system, and the education system, and the education system, and the education system, and the various types of networks, and the education system, and the education system, and the various types of networks, and the education system, and the education system, and the various types of networks of the education system, and The portal and important application systems complete the upgrade and support, support IPv6 access, and the security guarantee system based on IPv6 is basically formed. "

At that time, for most universities across the country, the deployment of IPv6 was unfamiliar and full of various technical challenges. How to provide technical, research, and data support for the promotion of IPv6 scale deployment in education? Based on this, with the support of the Department of Science and Technology of the Ministry of Education and the CERNET Network Center, Purcell Network has developed the "Education System IPv6 Development Situation Monitoring Platform".

By monitoring, collection, analysis, and statistics, the IPv6 network construction, application construction and operation data of relevant units conduct dynamic monitoring and multi -dimensional real -time analysis of the development of IPv6 in the education system. On the platform, the school's IPv6 active users, IPv6 network performance, and website IPv6 support rates are clear at a glance.

In this way, on the one hand, a overall situation can be formed to help the education department understand the overall IPv6 deployment situation of the field, thereby forming a guiding policy. On the other hand, for each college, you can get the multi -dimensional situation of your own IPv6 development, thereby forming a customized IPv6 deployment map, clearing your shortcomings, and timely tracking and replenishing. The development of the platform has supported the IPv6 scale deployment of more than 3,000 units.

CERNET is the pioneer of global IPv6 research. The earliest built -in the world's first pure IPv6 main network CERNET2, and explored and developed the next generation of Internet real source address verification architecture SAVA and the two -generation network transition technology IVI. IPv6 smooth transition is of great significance.

Under the new situation, CERNET and Purcell are also responsible for a new mission. After the two office issued a document to promote the IPv6 scale deployment operation, it was also responsible for the technical service support of the education field to transition to IPv6. Regarding any technical details of colleges and universities in the IPv6 -scale deployment, Purcell technicians across the country are followed up and resolved in a timely manner.

With the technical resources and capabilities of large nets, with their own technical experience and services. During the epidemic, CERNET people provided high -quality and timely network services for tens of millions of educational users, supported resistance and guarded the campus.

- END -