ESnet Measurement & Analysis Intern Felix Renken is a senior student from Technische Universität Berlin, majoring in Computer Science with a focus on Media Technologies and Signal Processing. Originally from a rural area near Hamburg in northern Germany, he moved to Berlin to pursue his college education. He arrived in Berkeley in March and will be going home in early July.
During his internship, Felix worked on developing an open-source Grafana plugin for visualizing network data that can be used in ESnet’s Stardust system, which collects precise network measurement data and allows users to retrieve information about specific equipment over a given time range. (Learn more about Stardust via this talk by Ed Balas and Andy Lake.) Felix’s plugin enables users to visualize various data collected by Stardust, revealing the relationship between pairs of data from different destinations for a single source and showcasing common attributes in nodes and links along with the option to visualize AS paths. The plugin is currently undergoing the Grafana community plugin review process; the source code is available on GitHub. It is installed on Stardust too, for anyone who wants to check it out.
During my search for interesting internship opportunities, I came across ESnet’s student program and contacted Marc Körner and Katrina Turner to get more information on the projects they supervise. I eventually applied for the “Data Visualization of Network Measurement Data” project. It encompasses the development of an open-source tool that visualizes network data in an exciting way. The opportunity of getting work experience in a research environment greatly appealed to me. And, of course, the chance to spend time in California!
What is the most exciting aspect of your field right now?
The cross-disciplinary nature of visualizing data is particularly interesting to me. It utilizes principles from design, statistics, and computer science, offering opportunities to learn from diverse perspectives.
How was Berkeley different from Berlin? What fun things did you do here?
Berkeley and Berlin are distinct in so many aspects. Berkeley is, of course, much smaller in size than Berlin, and I really enjoyed being in a city that is less hectic. People here seem more relaxed. And the fact that Berkeley is somewhat shaped by its university was also something that I’m not used to from Berlin or any other German city. Cycling here was scarier than in Berlin though. Another thing is the accessibility to the fantastic nature around Berkeley. I went hiking a lot and will definitely miss being in close proximity to beautiful trails when going back to Germany. Other fun things I did were camping and eating a lot of burritos.
Network cybersecurity must strike a delicate balance between openness and safety. ESnet has long focused more on the first, in order to facilitate scientific communication, data sharing, and collaboration. But in today’s Wild West of ransomware, phishing, and other threats, safeguarding this vital network is equally critical.
Deputy Chief Information Security Officer (CISO) Alex Withers oversees a reorganized, two-part structure for security at ESnet: the Security Engineering group, which he heads, and a new Threat & Vulnerability Management group, which Chief Security Officer Adam Slagell is leading during the search for a senior threat hunter/DOE community coordinator. For Security Engineering, among Alex’s responsibilities are overseeing ESnet’s effort to comply with the federal Zero Trust requirements — an approach to cybersecurity that goes beyond “trust but verify” and treats all networks and traffic as potential threats. Alex will be making sure that any new security policies, procedures, and architecture do not impede ESnet’s vision of enabling scientific progress that is completely unconstrained by the physical location of instruments, people, computational resources, or data.
Alex has deep experience in threat intelligence sharing, policy and compliance, and security architecture. Most recently he was the CISO and cybersecurity division manager at the National Center for Supercomputing Applications at the University of Illinois. While at NCSA, Alex oversaw groups responsible for security operations, applied cybersecurity research, cybersecurity engagement, and scientific computing in the HIPAA and Controlled Unclassified Information [CUI] space. He was a PI or co-PI on several National Science Foundation awards for projects focused on intrusion detection, threat intelligence dissemination, and capabilities-based authorization for access to scientific computing resources. Before NCSA, Alex worked for Brookhaven National Laboratory as a security and systems engineer for over 10 years.
Alex grew up in Alaska and now lives in Urbana, Illinois, where he works out of ESnet’s Champaign office with Adam and Security Engineering team members Kapil Agrawal, Michael Dophelde, and Sam Oehlert, as well as about a dozen other ESnetters. He’s an avid long-distance runner – as are his wife and two of his four children. In the last few years, Alex has completed around a dozen ultra-marathons, or “ultras,” ranging from 50 km to 100 miles – something he’s “always reluctant to tell people about because it sounds crazy.”
What brought you to ESnet?
Really it was the opportunity for growth — both to tackle new challenges in cybersecurity architecture and for me professionally, to try something new. ESnet is responsible for connecting a massive portion of the scientific computing infrastructure that supports not just this country’s scientific investments but also international collaborations. It’s growing extremely rapidly, and it’s a giant target for all sorts of reasons, whether from state-sponsored attacks or cyber criminals or anything in between. And so it looks like an immense challenge, and that’s very attractive to me.
What is the most exciting thing going on in your field right now?
There’s been a shift in how people view cybersecurity that’s making it easier for us to collaborate and innovate with users.
Traditionally, cybersecurity has had a bad reputation as being the people who say “No, you can’t do this; no, you can’t do that.” And in the research and education sector, the culture tends to be much more open, much more about getting done what has to be done, whether that’s moving data around or access to computing for scientists and their students. That culture has often bumped up against cybersecurity, which tends to want to wall things off. But cybersecurity is now much more about enabling science. As I tell people, “Listen, the funding agencies, the government, have invested billions of dollars in science and in this infrastructure that you rely on for your particle accelerator, electron microscope, whatever. And we want to protect that investment, because at the end of the day, things like cybersecurity incidents, they can disrupt your work. They can stop it dead in its tracks, and that’s money that’s lost.”
So today’s cybersecurity is about understanding how researchers use these systems and devices, how they access them through the network – and working together to make sure that we enable their use and make it available while at the same time very secure. At ESnet, we want to ensure the integrity of the data so that researchers can be productive on their computational systems and networks. That frame of approach is easier than traditional cybersecurity, which is more focused on things like confidentiality and privacy.
What book, movie, or podcast would you recommend?
A podcast I’ve been really enjoying has been “Some Work, All Play” by David Roche and Megan Roche. It’s an excellent inclusive running podcast for all runners, especially trail running, which is a hobby I enjoy.
Running ultras sounds like a little more than just a “hobby.” Tell us more about why you do it?
Well, a lot of people think of it as a very physical sort of endeavor. And I mean…that’s true, and I don’t want to downplay that, but you’d be surprised to find out that it’s not as difficult as you think it is. The real challenge is the mental challenge. It is extremely difficult mentally to go out on a trail and run for hours and hours and hours and hours. You’re really fighting against the urge to drop out and call it a day. And sometimes you’re not successful.
What’s great about it is pushing yourself up against the limits of what you can do. There are people who seriously race these things, and they win. I’m not in any danger of doing that, I assure you. For me, it’s racing against various aspects of yourself. Racing against yourself mentally. Racing against your past self. Maybe you’re going to do better on a race you’ve done before. Sometimes you’re racing against your own stomach, because you have to eat during these things—but it’s not a pleasant task to eat while you’re doing all this running!
It’s very challenging, but it’s also a lot of fun. It’s very rewarding when it works out.
ESnet software engineers Sarah Larsen, Dan Doyle, and Bruce Mah at ESnet’s High Touch demonstration booth
After a pandemic-related in-person hiatus, the Optical Fiber Communication Conference and Exhibition (OFC), sponsored by Optica, IEEE Communication Society, and IEEE Photonics Society, resumed operations with a sold-out event in March 2023 at the San Diego Convention center. More than 11,500 participants and 515 exhibitors attended this global event for optical communications and networking, including almost two dozen from ESnet. Planning & Architecture Acting Group Lead Chris Tracy led ESnet’s multifaceted involvement at OFC23, which ranged from a booth demonstrating ESnet’s High Touch project and panel discussion to helping implement OFCnet, an unconventional high-speed network connecting the show floor to a research center in Chicago.
Staffed by ESnet software engineers Bruce Mah, Sarah Larsen, and Dan Doyle, the ESnet booth presented a high-level technical overview and showed examples of data and analysis from the High-Touch system being deployed in ESnet6, the latest version of ESnet’s backbone network for supporting scientific collaborations and research around the globe. The High-Touch project uses a combination of software and programmable, off-the-shelf hardware to deliver new network services. Its first applications provide high-precision network telemetry, including summarization of network flows and capture of packet headers, which are computed from unsampled streams of packets from multiple 100GE and 400GE links. This demonstration relied heavily on the efforts of ESnet’s Infrastructure team to install and configure dozens of data collection servers across ESnet’s network footprint.
ESnet High-Touch Architecture and Design: This diagram shows the flow of packets and network measurements through ESnet’s High-Touch system, which uses a combination of programmable, off-the-shelf hardware and software to provide high-precision network telemetry.
ESnet Executive Director Inder Monga and Chris also realized that OFC2023 offered potential for demonstrating network capabilities that went beyond the exhibition floor. Prior to OFC2022, there was no high-speed, “external” network connectivity at the event suitable for data-intensive demonstrations. The conference consisted of technical talks about papers that were being published and vendor booths. At OFC2022, Optica, Lumen, CENIC, Ciena and Smart City successfully showed in a modest proof of concept that external fiber could be brought into the convention center so that a live demonstration could be run on the show floor. For OFC2023, Ciena’s office of the CTO – who was leading the OFCnet effort – approached ESnet about demonstrating high-performance networking applications as well as emerging technologies, and more broadly, bringing some networking focus into the conference.
Working with Ciena staff, ESnet Network Services Optical Network Group Lead Patrick Dorn and Network Engineers Michael Blodgett, Kate Robinson, and Nathan Miller helped build an un-regenerated 400 Gbps link between the OFC show floor in San Diego and the StarLight Data Center in Chicago. “Un-regenerated” means the signal remains solely in the optical domain, e.g. as wavelengths of light, not an electrical signal, for transcontinental distances (more than 4,600 kilometers).
Another interesting feature of this demonstration was that the ESnet team connected ESnet6’s production Infinera FlexILS line system to a Cisco NCS 1010 line system (provided by Cisco to support OFCnet), effectively bridging the purpose-built OFC exhibition network to a live, nation-scale infrastructure. In addition to the Infinera and Cisco line systems, Ciena provided the ultra-long-haul transponder equipment necessary to communicate over such distances, plus the engineering expertise – along with staff from Cisco, ESnet and CENIC – to ensure it all worked.
Using the high-speed channel ESnet established between San Diego and Chicago, researchers from Northwestern University’s International Center for Advanced Internet Research (iCAIR) could showcase data transfer applications being used to move massive scientific datasets. By helping to implement this somewhat unconventional infrastructure, the ESnet team sought to show what might someday be possible when networks can transport 400 Gigabit Ethernet over such long distances without relying on bonding two 200 Gbps wavelengths using inverse muxing.
Some of the ESnet team at OFC23
In addition to the two demonstrations, ESnet staff participated in multiple panel discussions and a bird of a feather (BoF) event at OFC23. For a panel on how high performance research networks continue to drive fundamental science and innovation, Chris Tracy and others used OFCnet and its connection to an external Research & Education network to discuss data transfer for data intensive science, detailed monitoring of science flows within the network, network security considerations in the research network environment, and applications like distributed computing that take advantage of these networks. At the BoF event, Inder presented, while Chris, ESnet staff, and other OFCnet volunteers brainstormed ideas for how OFCnet might evolve as a next-generation optical photonic network for OFC2024. One recommendation: a Sunday workshop titled: “How Can OFC with a Real-Life Testbed Accelerate Innovation in the Design and Operation of Next Generation Optical Photonic Networks?” The BoF participants believe this would provide an opportunity to invite speakers and publish papers within the context of the workshop for these kinds of networking-related topics.
Planning for next year’s iteration of OFCnet (March 24-28, 2024) has already kicked off, with ESnet once again participating in a leadership role. The goals for OFCnet24 are ambitious. The volunteer team hopes to attract attendees from different communities, such as networking science (academia and research labs); make it possible to showcase high performance networking application use cases and other emerging technologies – turning the exhibits floor as a science accelerator; and bridge the exhibit and technical programs by offering the opportunity to present advanced technical papers with live demos.
“It was great to be able to demonstrate some of the innovative services we’re delivering through the High Touch project,” said Chris. “And of course we welcome any opportunity for ESnet to participate in something such as OFCnet that advances the state of the art for networking and allows us to showcase emerging technologies on our network. Next year is going to be even more exciting.”
Marc Lyonnais (right), OFCnet chair and director of external research at Ciena, presented Planning & Architecture Acting Group Lead Chris Tracy (left) and Executive Director Inder Monga (center) with a plaque in thanks for ESnet’s OFCnet efforts
You must be logged in to post a comment.