The development of managed eduroam SP started in January 2019 under GN4-3 project, by eduroam development team in WP5. During the course of the project, the eduroam development team was working closely with NRO community and has developed the service prototype. By the end of 2020, it is planned to prepare for running service pilot and completing the PLM gate to transition to pilot. The information in this page is meant to capture all aspects of preparing for the pilot and needed for making the decision. 


What kind of pilot are we running:

It will be limited audience - up to 10 participants that we will invite and manage.

Technically we need to run this on stabile IP address. Two locations in Europe would be preffered. - for HA of the service. We can ask for 2 locations from GEANT IT 

Logging usage information: we will now how many institutions are using, we cannot know who much wifi hotspots are connected. There is possibility to collect stats for number of auths.

We want to have it as "at no additional cost" service, and NROs that want to rely on it at a greater scale and have tighter control can deploy national solutions. 

Think about global model - operators at regional level. - think about this for production.


The transition of the service to pilot generally consist of the subset of the following areas of work (the full list here is relating to production operations):

  1. Documentation preparation and signoff
  2. Test and Validation
  3. GDPR compliance checking
  4. IPR compliance checking
  5. Operational team establishment 
  6. Operational team training
  7. Support team establishment
  8. Support team training
  9. Operational deployment
  10. Service promotion


Teams/people:

NOT RELEVANT FOR PILOT

IN PROGRESS

DONE

No

Work item

Responsible

Comment

Status

Start date

End date

1Preparation of documentation 







Service Description

-Development team prepares

-SO signs off

Need to prepare high level service description

(see eduroam managed SP Service Description)

DONE Stefan Winter to review documentation from the pilot and update if needed - SW: Updated





Service policy (Terms of use, SLA)

-Development team prepares

-SO signs off

Write at the UI that this is pilot and there is no SLA guaranteed. 
do we promise something for production? 





Branding and Visibility

-Development team prepares

-SO signs off

we want to co brand it to eduroam hosted services

need to go through the branding and sites to make the changes




Operational Requirements

-Development team prepares

-SO signs off

We should document what are ops requirements for running pilot (see eduroam managed SP Operational Requirements)

 Paul Dekkers Stefan Winter to update - SW: Updated




OLA

-Development team prepares

-SO and GEANT T&I operation support/Core team sign off

not relevant for pilot (example for production later eduroam Managed IdP OLA)

 Paul Dekkers Stefan Winter have a look to existing one and try to make it eduroam Hosted services.




Operational documentation

-Development team prepares

-SM signs off, test team can validate

Tomasz and Maja through eduroam-OT are the ops team. Documentation not relevant for pilot ( example for production later Dev team prepared this in the corresponding Wiki page)





Operational processes

-Development team prepares

-SM signs off, test team can validate

not relevant

Service order is done through the UI 

Service support is the same like for eduroam supporting services.





User documentation

-Development team prepares

-SM signs off, test team can validate

For pilot -  basic instructions should be prepared (see A guide to eduroam Managed SP PILOT) (for production, see A guide to Managed SP)

DONE Stefan Winter to update - SW: Updated




User support

-Development team prepares

-SM signs off, test team can validate

We dont need anything special for pilot as we will work with a defined group of pilot participants directly






GDPR - data inventory, privacy notice, DPA

-Development team prepares

-SO and T&I service portfolio  reviews

-GDPR accountable signs off

eduroam privacy notice was updated to reflect the changes of eduroam managed SP, and was approved by GEANT DPO eduroam Privacy Notice - Changes for Managed SP 

 
DONE Marina Adomeit to check



2Test and validation





Make a test plan

Development team and Test team prepares

We dont need to do code review for the pilot, but it is a good idea to do test the code during the pilot, as preparation for production

Stefan Winter initiated the scans with Marcin Wolski . It was agreed to do the code scan in second half of 2021



DONE





3IPR compliance checking





IPR compliance

IPR accountable

Route the request through GEANT T&I operation support/Core team

White source review was done by the WP9 team

Results are available to WP9 team, WP5 lead and eduroam team and to GEANT IPR person https://app-eu.whitesourcesoftware.com/Wss/WSS.html#!product;id=78288

Based on the results, GEANT IPR has signed off the IPR compliance check. 

DONE



4GDPR compliance checkingGDPR accountable




Data inventory and mapping

Data inventory and mapping were updated

eduroam Data Mapping

eduroam Data Inventory


was done for the pilot, check the policy. same considerations as for the radius proxies Marina Adomeit 




Update the privacy notice and DPA

eduroam privacy notice was updated to reflect the changes of eduroam managed SP, and was approved by GEANT DPO eduroam Privacy Notice - Changes for Managed SP 

DONE -  check it but it shoudl have been done Marina Adomeit 




5Operational team establishment





Appoint service managerOperations accountable

It comes under the eduroam service family and existing service owner. Paul Dekkers 


DONE




Define roles, skills, manpower neededDevelopment teamproduction will be supported by the eduroam-OT and dev team

DONE




Appoint operational team members

SM

Maja and Tomasz. Paul will check if they want to continue. Srce maintains the Ops system




6Operational team training





Training the operational team

Development team prepares

eduroam-OT is trained

Not needed.

NOT RELEVANT FOR PILOT



7Support team establishment





Establish the support team

Pilot doesn't need dedicated support team - dev team will work with limited pilot participants 




8Support team training





Training of the support team

Development team prepares

eduroam-OT is trained

Not needed.




9Deployment in production





Monitoring set up

eduroam-OT

Done by SRCE. There is one monitoring port that is set up.

double check with dragan if it is in place 




Back-up and restoreeduroam-OT

done with the same tools like for cat, encrypts and sends to AWS

double check with dragan if it is in place 




VM provision


GEANT T&I operation support/Core team

Production - GEANT VM is not the most reliable. We need to add another at another place Amazon or an NREN such as SURF to be determined.  






Installation of the componentseduroam-OT

Stefan, Tomasz, Maja

Radius servers will need to be deployed in the second location. 





10Service Promotion





Web site update

Need to change the branding to the eduroam hosted service. 

Add it under eduroam tools

remove the page https://eduroam.org/eduroam-managed-idp/ and adapt it to hosted tools

TO DO 




Add the service to the partner services portfolio

check if we need this kind of granularity 





Contact the people/NRENs who took part in the infoshare to update them on service availability





Update eduroam flyer with the managed service element










Slide deck for Partner Relations SO







Article for CONNECT






Launch announcement in Tryfon's weekly email when reachedSO/Development team




Write géant blogSO/Development team




Webinar / infoshare





Promotion via the eduroam-SG, by the service managerSO





11PLM Documentation





CBA

Development team and T&I service portfolio guardians

Marina Adomeit to check if there is template 

CBA - eduroam Managed SP pilot v1.0.docx


Marina Adomeit to update for production