The GÉANT CERT team secures the logical and physical infrastructure of the GÉANT network and all data crossing the network, responding to network security incidents and mitigating breaches, weaknesses and risks. Specifically, this relates to the prevention, detection, reporting, and mitigation of incidents targeting the GÉANT network infrastructure.
Of the potential hundreds of events detected each month, a percentage requires the GÉANT CERT team to work with CERTs (also known as CSIRTs) from among the national research and education networking (NREN) organisations, and in certain cases, international teams. This work covers investigating the incident, recommending and supporting the network integrity.
GÉANT CERT’s role includes monitoring systems for malicious events and taking proactive measures to ensure systems are not compromised. The GÉANT CERT team also assists NRENs and their associated CSIRTs to mitigate or to recover from incidents affecting the GÉANT network and/or targeting or originating from NRENs. GÉANT CERT is actively engaged in the European and international CSIRT community, which shares data and experiences, and is a member of TF-CSIRT, Trusted Introducer, and FIRST. GÉANT CERT consists of the following GÉANT teams:
- Security Team
- GÉANT Operations Centre
Furthermore, GÉANT CERT team protects the corporate assets of GÉANT and is the team responsible for incident response.
GÉANT CERT is the Computer Emergency Response Team (CERT) of GÉANT serving users of services delivered by GÉANT. The main constituents are National Research and Education Networks (NRENs) in the GÉANT Project. It deals with computer and network security incidents related to DDOS, Bots, Spamming and infrastructure vulnerabilities that involve services operated by GÉANT - for example the GÉANT Project network.
The primary constituency are NRENs and associated CERTs. Towards its constituency, the role of the GÉANT security team is to assist the NRENs and especially the associated CERTs to mitigate or to recover from the incidents affecting the GÉANT network and or targeting or originating from GÉANT NRENs.
The full RFC2350 document for GÉANT CERT is available to download.