OSHEAN Member Services

In addition to access to commodity internet and Internet2, OSHEAN provides a varied assortment of services to its members. An introduction to each of the services currently available to members is presented here. Please contact us for more information about how your organization could utilize these services.

		Nautilus 2.0 Through Nautilus, OSHEAN provides members with a fully customizable platform, incorporating tools that provide security features such as bandwidth monitoring, packet header analysis, and intrusion detection. Newer features include Vulnerability Assessments involving Vulnerability Scanning and a detailed Vulnerability Assessment Report. Members can also add-on features for a Network Intrusion Detection System featuring modules such as Snort, nTop, Base and IPAudit. Nautilus includes the initial customization and setup by OSHEAN, email and telephone support, and member training on breach supervision. Members have the option for future enhanced support from OSHEAN. The basic subscription agreement is three (3) years, with renewal options at the conclusion of the initial term. Currently, OSHEAN is waiving all associated subscription fees, resulting in a service that is free of charge to members. Nautilus 2.0 which is now available provides several improvements to the platform. These include improved operating system and software package management, redundant hardware, and software improvements including a new and improved version of IPAudit, dubbed "Periscope." New Wireless Security Technology Rogue access points pose a threat to network security and allow unauthorized access from miles away. New emerging threats are targeting wireless protocols, such as Bluetooth and WiMax. In addition, with all of this wireless traffic comes the need to monitor the various spectrums for troubleshooting and security problems. To help your organization keep pace with the ever changing world of information security, the Nautilus platform will be extended to reach into the various mediums that exist within your network, such as 802.11 and Bluetooth wireless monitoring Our current research and development efforts are focused on this space, with the goal being to provide an extensible wireless sensor which will report back to a central Nessus server. We are working in collaboration with others in the open-source community to develop all of the necessary components and link them together. Please contact the OSHEAN Security Team for more information on Nautilus 2.0.
		Beacon Fiber Network OSHEAN provides members with access to dark fiber through Master Service Agreements held with several fiber vendors, which allows our members to receive greater bandwidth for reduced costs. For members connecting to dark fiber, the OSHEAN staff act as the project manager for installation and implementation and provide technical support. Circuits are shared whenever possible, facilitating even greater reduction in costs to our members.
		Security Training OSHEAN Network Security Training Schedule for Winter/Spring 2008 It is our intention to continue to foster the network security training program that we started in 2006 with the training we were able to offer our members as a part of our Governor's Workforce Improvement Grant. To that end, OSHEAN is pleased to present the following three network security training courses this winter/spring. These courses are SANS Institute courses presented by instructors from within the OSHEAN staff and our member institutions. Registration for these training courses can be found on the SANS Institute web site by following the links below. SEC452 IP Packet Analysis Instructor Larry Pesce from Care New England February 26th, 2008 (3.5 hour course) 9:00AM-12:30PM Course description SEC514 Advanced Network Worm and Bot Analysis - Hands On Instructor Steve Marcelino from Care New England March 25th, 2008 (1 Day Course) 9:00AM - 5:00PM Course description SEC517 Cutting-Edge Hacking Techniques - Hands On (2-day) Instructor Paul Asadoorian from OSHEAN, Inc. April 15th-16th, 2008 (2 Day) 9:00AM - 5:00PM Course Description These training events will all be held at our office 6946 Post Road Suite 402 North Kingstown, RI 02852 Directions Please feel free to contact us if you have any questions regarding these training offers or would like to suggest other courses for us to present. We look forward to having you join us! We will be hosting additional security training throughout 2008. Information will be posted here as soon as the schedule has been finalized.
		Ruckus Music Service OSHEAN has entered into an agreement with Ruckus Entertainment to provide students at any participating institution of higher education with access to free, legal music to be played on their Windows computers. Ruckus also offers access to downloadable movies and television shows while the student is on campus, for a per semester fee. Similarly, there is a per semester fee for Ruckus-To-Go, which allows the student to play the music on their MP3 player (this service is not compatible with iPods). This service is proving to be very popular with students at our member institutions of higher education.
		Video Commons OSHEAN provides video streaming and video conferencing services to members. Subscribers enjoy access to the Internet2 Commons Multipoint Control Unit (MCU) which serves to bridge multiple video conferencing units into a single call, as well as a Starbak Streaming Server and Starbak OSA (Windows Media Player streaming server). Provisioned video conferencing equipment and assistance with both setup and management of streaming events are available for members who subscribe to the Video Commons Service.
		IPICS Bryant University has conducted early field trials of a new product that allows members to utilize hand-held radios on their IP communications network. Working much like Voice over IP (VoIP) does for telephones, the Cisco IPICS product allows a user with a hand-held radio (walkie-talkie) to communicate with others who have radios or software on their computer that emulates a radio. Bryant has been successful in using this tool to integrate their radios within their Department of Public Safety, Physical Plant and Residential Life. They have also been working with the North Smithfield Fire Department to integrate communication between the fire department and Bryant's campus security when an incident on campus requires the fire department. In addition, Bryant has been able to utilize the OSHEAN backbone to connect with CCRI to test the capabilities of campus-to-campus radio interoperability over IP. Bryant has agreed to work with OSHEAN to deploy this communication tool at other campuses. OSHEAN is seeking members who want to take advantage of this advanced communication tool to help communications within their organization or with first responders with whom members interact. We feel this could be a great tool to assist our members with their disaster preparedness efforts.
		Safe Harbor Emergency Communications Service OSHEAN working through its membership in NEREN has collaborated with affiliates in Connecticut and Massachusetts to provide a service that will allow its members to utilize the NEREN network to reach a disaster preparedness communications site in Springfield, MA. Dubbed the Safe Harbor project, the plan is to house communications servers such as web servers, email servers, and perhaps VoIP servers that would allow OSHEAN members to maintain their presence on the Internet should some disaster or emergency occur at their main site. OSHEAN has established a test Wiki server that has a Web site for each member. This "mock" emergency Web site is being used by members to help facilitate discussions within their organizations about how they might want to utilize the Safe Harbor service as a tool in their disaster preparedness toolkit. OSHEAN can provide rack space, power, and Internet access to members who wish to locate a server at the Springfield facility. The Springfield site is already connected to the NEREN network, so there is no additional communications fee for OSHEAN members to reach the site. We encourage all members to take advantage of the on-going discussions that are occurring regarding disaster preparedness to benefit from the sharing of best practices among the members and outside authorities. OSHEAN stands ready as a resource for all members in helping determine what resources would best address individual member needs.
		Additional Security Services Vulnerability Scanning This service will provide members with a self-service application which will test their network from the OSHEAN core for vulnerabilities. Based on open-source technologies such as Nessus and inProtect, it will give members an understanding of the vulnerabilities within their network infrastructure, and provide recommendations for mitigating or eliminating exposures in network services. The OSHEAN security staff will continually update the database of plugins, enabling the scanner to find the latest vulnerabilities. In addition the staff will provide input on many of the database entries so that members can have the benefit of expert analysis. This service is free for all OSHEAN members. Please contact the OSHEAN Security Team for more information and account setup. Penetration Testing A penetration test is a comprehensive test of the member organization's IT infrastructure. This begins with web reconnaissance (Also referred to as intelligence gathering). These tests are the foundations for the remainder of the assessment. Online tools, such as Google are employed to browse publicly available sources in an attempt to recover data about the client's environment and operation. Wireless Penetration Testing Wireless penetration testing provides and understanding of the vulnerabilities in the organization's wireless network infrastructure. In addition a report on rogue access points, mis-configurations and the use of insecure wireless protocols is prepared. This service also includes recommendations for mitigating or eliminating exposure in the wireless network infrastructure. Web Application Testing Web application testing represents an ever-growing area of IT auditing and assessments that needs constant attention and new skills. As technology evolves in this area, and more organizations come to rely upon web technologies and associated applications to run their businesses, security is increasingly important. In order to assess these applications a specialized tool for web application vulnerability scanning will assist in finding the majority of vulnerabilities and provide a good foundation for finding more problems through manual testing. Please contact the OSHEAN Security Team to learn more about these new testing services. Security Awareness Training The Network Security Awareness half day course is offered for the individual just beginning to explore computer security. This course is designed to teach participants with limited security experience important concepts and technology that every Internet user should know. Participants in this course learn about many different threats, antivirus programs, firewalls, anti-spyware, identity theft, Phishing, how to create strong passwords and more. This course will raise their awareness and give participants the basic skills they need to protect themselves from various threats on the Internet whether at home, on the road or at work. Participants will benefit from this course if they have ever wanted to understand computer and information security or if they know they are vulnerable, but do not know how to make their computers more secure. After taking this course, they will have a basic foundation of knowledge to protect themselves and their computers including a real appreciation for computer and information security. Please contact the OSHEAN Security Team to find out when this course is being offered. SILC - Secure Internet Chat Secure Internet Live Conferencing, or SILC, is a modern conferencing protocol which provides rich conferencing and chat features with high security. SILC was designed from the ground up with security in mind, allowing people to communicate securely in a manner similar to IRC. It is extremely useful when two or more people need to communicate securely on a regular basis, or in times of emergency. SILC combines features from both of these chat protocol styles, and can be implemented as either an IRC-like system or an IM-like system. In fact, SILC does not require that a distinction is made between these two protocol styles. Some of the more advanced and security features of the protocol are new to all conferencing protocols. SILC also supports multimedia messages and can also be implemented as a video and audio conferencing system. The OSHEAN SILC server is ready and waiting for you to connect. Come join the member's room - silc.oshean.org! Jabber - Secure Instant Messaging Jabber is best known as "the Linux of instant messaging" -- an open, secure, ad-free alternative to consumer instant messaging services. Under the hood, Jabber is a set of protocols and technologies that enable any two entities on the Internet to exchange messages, presence, and other structured information in close to real time in a secure manner. All technical staff at member locations are welcome to use the OSHEAN Jabber service to communicate with each other and the OSHEAN Security Team. It is a convenient and secure way to communicate about security events, and other OSHEAN services such as Nautilus. Please email the OSHEAN Security Team for more information and account setup. DNS - Redundant Domain Name Services OSHEAN is building a fault tolerant and secure DNS architecture that members can easily take advantage of. The integration of Safe Harbor allows us to spread the DNS server architecture across three redundant and physically separate datacenters. Servers at each location can provide DNS services to the Internet, and become a backup for your own environment. Please email the OSHEAN Security Team for more information and setup.