Cisco DUO – universal multi-factor authentication

11/27/2023 |

Cisco DUO – security in subscription

 

Multi-factor authentication, also known as MFA (Multi Factor Authentication), is currently an essential element of securing access at the edge of the network, and in environments requiring an increased level of security, also internal access to networks and applications. As part of multi-factor authentication, in addition to standard data such as user and password, an additional factor generated by the system is introduced. Only by providing three correct elements, the user can be authenticated and granted access to network resources.

Upgreat Systemy Komputerowe Sp. z o. o. is an experienced Premier Partner of Cisco Systems. We will implement two-factor authentication with Cisco DUO and secure your network.


Below are the most important features of the Cisco DUO system:

  • Cisco DUO is a cloud solution, and its implementation does not require additional resources in the customer's infrastructure. It's quick and relatively easy.
  • Cisco DUO offers the following additional authentication factor options: confirmation from a mobile application, a short SMS text message, a phone call, and a hardware token.
  • Cisco DUO provides an API compliant with the SAML 2.0 standard, allowing for easy integration with any application. This allows you to authenticate access to many applications, such as: Office 365, Salesforce, Dropbox, Zoom and others.
  • Built-in integration with directory services: Active Directory and Azure AD.
  • Integration with a wide range of remote access termination solutions. Among others: Cisco FirePower, Fortinet, Sonicwall, Paloalto.
  • The list of ready-made integration platforms can be found at https://duo.com/docs
  • In Premier and Advantage versions, monitoring the security status of customer devices, operating systems and applications and verifying their compliance with policies.
  • The infrastructure for European entities is located in the AWS environment in Europe.
  • The list price is 3$ per user per month for Cisco DUO Essentials, 6$ for Advantage, and 9$ for Premier.
  • Subscription licensing.

 

Contact persons:

LunaNet – network services on the Moon

11/16/2023 |

INTRODUCTION

 

Despite skeptical voices about space exploration -> https://www.scientificamerican.com/article/why-well-never-live-in-space/ The Artemis program is a fact.

 

The official goals of the Artemis program are:

  • Astronaut landing on the moon,
  • Construction of a permanent lunar base, which will act as a starting point for future space missions, including those aimed at Mars,
  • Conducting scientific research and astronomical observations in conditions of reduced gravity and in the absence of an atmosphere,
  • Although you will not find such information on NASA's website, you cannot forget about military, geostrategic and raw material issues.

 

IN interview for Politico NASA chief Bill Nelson said: "It's a fact: we are in a space race." And about the Chinese: “And it is true that it is better to be careful that they do not reach an [important] place on the Moon under the guise of scientific research. And it is not impossible that they will say: "Stay away, we are here, this is our territory."

It is also true that a large-scale conflict on Earth will begin with the destruction of satellites in low Earth orbits (LEO) in order to limit the enemy's military capabilities, and whoever controls the Moon will have an easier time controlling the space around the Earth. The US Department of Defense declares: "Operating in space is an integral part of the way the U.S. military fights."

An important part of plans to implement geostrategic goals and the Artemis program itself is network communication, i.e. "LunaNet: A Flexible and Extensible Lunar Exploration Communication and Navigation Infrastructure". Since, as one might assume, LunaNet is also intended to have military applications, it means that a network on the Moon will be created.

 

LUNANET

 

The requirements for communication within the LunaNet network are as follows:

  • Interoperability thanks to the use of standard communication solutions,
  • Support for multiple government and private users and vendors,
  • Service delivery orientation,
  • Scalability,
  • Openness thanks to the use of widely recognized technologies,
  • Resistance to damage,
  • Security and resistance to cyber threats,
  • Possibility of using LuneNet technology on other celestial bodies.

 

 

LunaNet will provide communication between objects on the Moon itself and communication with Earth. The network infrastructure will be built based on nodal points that will be placed on the surface of the Moon, in lunar orbits and on or around the Earth.

  • The network layer topology will consist of store-and-forward nodes, which is to guarantee resistance to delays and interruptions in transmission.
  • Data will be exchanged in a multi-hop infrastructure.
  • Access to the network will be through connections to relays on the lunar surface, to relays in lunar orbits, or directly to relays on Earth.
  • The network bandwidth is to ensure the possibility of multiple simultaneous video and voice streams in HD quality.

 

 

SERVICES OFFERED BY THE LUNANET NETWORK

 

LunaNet will provide 3 basic types of services:

  • Network Services (Net) – data transfer services enabling data transfer between nodes over a single link or an end-to-end path spanning multiple nodes.
  • Positioning, Navigation and Timing (PNT) Services – position and speed determination, synchronization and time determination services. PNT also provides location services in the field of search and rescue.
  • Services for Scientific Applications (Sci) – services providing situational alerts and scientific measurements, and working for the safety and protection of people and property. Data from scientific instruments will enable further research and technology development on the Moon.

 

Network Services (Net)

 

Data transmission services will be able to be provided at various levels:

  • At the lowest layer, communication will take place using network services based on the DTN Bundle Protocol (Delay Tolerant Networking),
  • Communication in some parts of the LunaNet network may be routed via IP packets, provided that the IP protocol does not guarantee end-to-end delivery of data to all nodes in the larger network,
  • Some intermediate nodes may switch or forward data on the link or at a lower layer to ensure speed or interoperability.
 
Interoperability between directly adjacent nodes and with the standard network layer will enable the construction of the LunaNet architecture within many types of infrastructure elements, regardless of the frequency band, spacecraft type or service provider.
The entire LunaNet network will meet security requirements such as confidentiality, integrity and availability.
Currently, the basic requirement for Earth/Moon communication is 110Mbps. In 2035, it will be 950Mbps, thanks to complementing radio communication with optical communication from 2029.
 

Positioning and Navigation Services (PNT)

 
Service features:
  •  Navigation on the lunar surface,
  •  Location tracking, including search and rescue (SAR) operations
  • Time synchronization,
  • relative navigation,
  • Autonomy,
  • Time keeping and dissemination (GPS time tracking possible).

 

 

Services for scientific applications (Sci)

 

Service features:

  • The distributed infrastructure will enable the construction of an efficient network and transmission of scientific data from many sources, such as sensors and scientific instruments ("geodesy", radio astronomy),
  • Measurements of the Sun's behavior will enable early response to events that may threaten human safety. It is necessary to use soft X-ray and solar energy particle (SEP) monitoring in a heterogeneous configuration:
    • X-rays arrive from the Sun within 8 minutes of the event starting,
    • The arrival of solar energy particles (SEPs) occurs 200 minutes after the event begins.

 

SUMMARY

 

  • Implementation of the Artemis program and mission requires the use of high-quality communication infrastructure, which should be reliable, flexible and scalable. The LunaNet architecture is open and is being developed not only by NASA, but also other government agencies, international organizations, commercial partners and universities.
  • Users, both humans and robots (!), will be able to use network functionality similar to that available on Earth.
  • The DTN architecture allows infrastructure to be built in stages that do not require continuous end-to-end connectivity for all users. Moreover, the DTN-based network architecture will be fully suitable for use on Mars and other places where the speed of light delays to Earth is much faster than between the Moon and Earth.
  • Position, Navigation and Timing (PNT) services and scientific applications, space weather observation (SpWx), are critical to users of space and the lunar surface, as well as astronaut safety.
  • This architecture directly supports the Artemis program, which aims to ensure a presence on the Moon by 2028.
  • LunaNet's network architecture enables commercial, interagency (U.S. government) and international partnerships and capabilities seen on the terrestrial Internet.
  • Work on LunaNet is well advanced, both at the conceptual level and in detailed technical solutions.
  • There is close cooperation on the development of LunaNet standards between NASA and ESA (European Space Agency).

 

SOURCES

 

The study was prepared based on NASA materials: