October 2, 2023
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to address the needs of today's research and education networks and archives. Modern science is increasingly data-driven and collaborative in nature, producing petabytes of data that can be shared by tens to thousands of scientists all over the world. NetSage is a partnership between Indiana University, University of California Davis, Lawrence Berkeley National Laboratory, and University of Hawaii Mānoa, and is funded by the US National Science Foundation (#1540933)
NetSage was originally funded by the NSF’s international networks program to better understand the use of the funded backbone networks and exchange points. In much the same way as other large-scale NSF facilities track their end users, NetSage was created to understand the use of the networks. The XSEDE (https://www.xsede.org/) high performance computing platform tracks end users by institution, science domain, and project, as does the Open Science Grid computing consortium (https://www.opensciencegrid.org/). NCAR/UCAR (https://library.ucar.edu/) track the use of their data resources in similar ways.
The primary interest of the NetSage project is to understand and visualize large data flows associated with research, education, and science projects. The data that is collected from the Partner Hosting Sites, generally operators of regional networks. The data is de-identified and used to understand the data transfer behaviors for large flows shared between research and education institutions.
II. Scope of this Policy
This policy identifies:
The information NetSage collects about data transferred by its infrastructure;
The ways in which this information may be used and disclosed to third parties; and
The security measures adopted to prevent unauthorized access to this information.
III. What Information Is Collected?
NetSage captures and collects active networking data (for example, latency and throughput from a tool such as perfSONAR) and passive network metadata (for example, SNMP and flow data). This data may consist of packet headers in addition to performance data, but will never contain payload data from flows. Data sets are de-identified before being stored. Partner Hosting Site participants may choose to release additional data unrelated to NetSage, however that data is not part of this policy.
IV. Disclosure of Data
NetSage is the steward of all the network data it collects. NetSage, at the direction of the NetSage Director, may share network data under the following circumstances:
NetSage plans to make summaries of de-identified Partner Hosting Site network traffic data public on the NetSage portal (for example, http://portal.netsage.global for the NSF-funded international networks).
Upon request, Hosting Site Owners can have access to the full, de-identified data sets for their site.
Archived data is not shared with third parties unless the Hosting Site Owner requests it.
V. How Data Is Collected, Retained, and Protected
All de-identified network data is managed under the control of NetSage project members authorized by the NetSage Director.
NetSage takes appropriate steps to protect collected network data from unauthorized access or disclosure. Additionally, NetSage employs industry standard security measures to protect against the disclosure, loss, misuse, and alteration of the information under our control.
VI. Notice for Updates and Changes to Policy
VII. Who to Contact if You Have Questions
Networking data: Active — Network data collected using tools such as perfSONAR
Networking data: Passive — Network traffic data, such as netflow or sFlow data, or data collected using passive monitoring tools such as Tstat
Partner Hosting Site Owners — Verified contact points for the Partner Sites
IX. Relevant Links