eHealth for Technicians
Access to the Network
The connectivity service provides access to the network with a symmetric and guaranteed bidirectional capacity to the system of research networks and the Internet. The project will offer two profiles of access to the network: basic and advanced.
The basic profile, designed for schools and other entities with limited bandwidth needs, such as branch offices of research institutions, libraries and university spin-offs, provides for the creation of a fiber optic link in a single way between the site user and an aggregation sitestrong>, in turn connected to the GARP PoP. This mode will offer capacities from 100 Mbps to 1 Gbps.
The advanced profilestrong> is designed for large users of the research and education community, such as research centers and universities, characterized by high network requirements and provides for the creation of a direct fiber-optic link between the user's site and the PoP GARRstrong>. Depending on the needs of the connected site, the connections can be made in protected mode, ie by laying a pair of fibers on different routes. The capacity of the access circuits available for this type may vary, depending on the needs, from a minimum of 100Mbps up to multiples of 10Gbpsstrong>, with the possibility of easily upgrading in case of increased bandwidth requirements.
For all users of the network, the GARR NOC (Network Operations Center) service is available, which is responsible for the management and operation of the network infrastructure, handles fault management, activating new connections, collecting and publishing statistical traffic data.
Advanced users can request end-to-end connectivity services to make direct physical or virtual links between two or more locations to geographically extend their data centers or segregate specific application data and share resources transparent. These services, priced separately, can be activated and deactivated at the request of the user for periods of shorter duration than the base contract. Based on the technical requirements, there are three types of service:
- end-to-end circuit: an end-to-end interconnection service between two international sites, based on the use of the DWDM transmission network and characterized by low latency and link capacities up to 100 Gbps;
- L2-VPN: Level 2 virtual private networks built using IP / MPLS technology;
- L3-VPN: Level 3 virtual private networks built using IP / MPLS technology.
Digital identity and mobility
eduroam (Education Roaming) is a service that provides secure access to the wireless network. Users visiting roaming at an institute that joins the initiative are able to use the local wireless network (WLAN) using the same credentials (username and password) that they would use in their own institution, without the need for further formalities at the the host institution.
IDEM (IDEntity Management for federated access) aims to provide simple and secure access to online services and content between different organizations. Thanks to the federated system, users of the institutions that subscribe can access the various resources with the same credentials through a single standard authentication procedure (single sign on), without renouncing the confidentiality of personal information and the security of resources, which only the authorized persons can access. The IDEM Federation participates in eduGAIN, the interfaederation promoted by the GÉANT project, which allows to extend the benefits of single sign on federated at European and global level.
GARR Certification Service, which issues digital certificates to people (to sign and encrypt documents) and servers (to protect links and certify the veracity of a site).
Video and Voice
CERT has the task of assisting GARR users in managing IT security incidents and carrying out preventive measures necessary to reduce their risk.
SCARR allows technical contacts to perform vulnerability tests on the machines of the GARR network and obtain a detailed report on the problems encountered and possible solutions.
IP addresses, domains, DNS
GARR Mirror, about 240 TB dedicated to the distribution of the most used public software available on the net.
Through GARR-X Progress, users can use infrastructures and software in a simple, flexible and on-demand manner according to the Cloud paradigm. Access to cloud services, typically in SaaS mode, will mainly be delivered through IDEM federated identities. Some of these services, such as FileSender, are included in the access to the GARR network, while others will be charged, according to pricing models that adapt to the needs of users.
The project proposes a data storage service for research and education on distributed storage, conveyed through the new network infrastructure. The service will transparently integrate existing resources, made available by the GARR community (universities, research institutions, farms such as Re.CA.S. and CRESCO) with those implemented specifically for the project, in order to offer greater robustness and availability of storage and calculation space. The service has two profiles:
- Big Data Storage, designed for organizations and large projects;
- Personal Data Storage - GARRbox, intended for individual teachers and receptors, who can securely store and share files with their colleagues.
Filesender, a web application that allows users to easily and securely send large files to any recipient, obviating the limits usually imposed on e-mail.
IDP in the Cloud service, The IdP in the Cloud service implements a virtual Identity Provider to allow membership of the IDEM identity federation to those organizations that do not intend or are unable to implement an IDP system within the organization, or do not want to expose it directly to the Federation. Depending on the needs of the organization can be configured according to three modes:
- Full: includes IdP, LDAP server, web management interface, provided in SaaS mode in the GARR cloud;
- Replica: includes IdP, LDAP server, supplied in PaaS mode in the GARR cloud;
- Smart: includes only the IdP, provided in PaaS mode in the GARR cloud.
Support for the high availability of critical ICT services
This service, obtained by combining the Virtual Server and Big Data Storage services, allows to replicate the data and applications of institutions or individual usersstrong> (such as DNS, institutional WEB, user database, Mail Server, data backup, etc.) on the Cloud platform , ensuring high redundancystrong> thanks to a configuration without single points of failure and an overabundant sizing.