Campus Network as a Service
CNaaS
Campus Network-as-a-Service (CNaaS) is a service within SUNET, providing a fully managed service for LAN/WLAN networks at university campuses.
CNaaS Documentation
There are three parts to the documentation of CNaaS at SUNET:
- Product documentation - Documents the different products we use. For NMS and NAC documentation, see below. (Public access)
- Service documentation - Documents the SUNET specific processes. (Mixed public/private access)
- Customer documentation - Documents specific details of one customer implementation (Private access)
CNaaS - NMS
As part of this project a network management system called CNaaS-NMS is being developed to automate the management of the campus networks, the software is open source and can be used by anyone outside of SUNET as well. The main focus areas are zero-touch provisioning, device configuration management and firmware upgrades.
Some presentations and demo videos of CNaaS-NMS can be found on the product documentation page
Source code available at Github
Initial Software Architecture document from 2019 (things might have changed since then)
CNaas - NAC (Network Access Control)
In order to provide end users with an authentication mechanism CNaaS NAC was invented. It relies on freeradius (https://freeradius.org) for user authentication using 802.1X with MAB as fallback for clients not being able to use 802.1X.
Source code is available on GitHub: https://github.com/sunet/cnaas-nac
Freeradius can either be integrated towards the existing user database (LDAP, Active Directory etc) or use Postgres to store credentials. CNaaS NAC provides both an API and a web interface to handle users if Postgres is chosen for storing credentials.