2025 UEN Tech Summit

For UEN's Network Engineering team, we are using a distributed Kubernetes cluster to run our Network Performance measurement software. We'll discuss the reasoning behind our design, the implications a statewide cluster has on applications & performance, and some insights on what can be run on this kind of platform.

This presentation will be a technical discussion about some of our network monitoring & performance infrastructure. Some highlights that will be touched on: - The need to set up a distributed cluster - Pitfalls and caveats with distributed computing, as well as solutions & workarounds to these problems - Results on two years of production use - Future applications and possible strategies.

We are providing families with a number of customizable options within filtering and access. Discussion will include challenges, and successes.

Static roles and hardcoded permissions don’t meet the needs of modern education systems. This session explores how authorization engines enable dynamic, policy-based access control—improving security, flexibility, and scalability across diverse user contexts.

Access control in educational environments is more complex than ever—students, faculty, staff, and systems all interact with sensitive resources under shifting contexts and roles. Traditional models based on static roles and baked-in permissions struggle to keep up. This presentation makes the case for using an authorization engine—a dynamic, policy-based system that externalizes access decisions from your application logic. We’ll focus on Cedar, an open-source language and engine developed by AWS, designed to express fine-grained, context-aware authorization policies. Yes, your LMS comes with its own access controls—but what about the rest of your ecosystem? Authorization engines excel at unifying access policies across diverse systems, APIs, and services, ensuring consistent, auditable, and adaptable permissions. Through real-world examples and live policy demonstrations, we’ll explore how policy-based access control helps IT systems become more secure, scalable, and future-ready.

Finding a budget for CyberSecurity can be hard. Leverage your prior CAPEX expenditures to gather AI training data and uncover your adversary with cheap honeypots.

In this lab we cover some honeypot research conducted at UVU which leveraged old hardware, unused ports, and open source software to create a low-stakes honeypot designed to reveal threat actors. Turn the tables while spending little. Gather AI training data about the latest attempts on your network. In this presentation, I will cover our cybersecurity research deployment in the UVU data center, which can be easily replicated in your environment. We discuss ways to fund such a project for next to nothing. We also talk about the tissue paradigm for this type of project that leverages existing equipment and free software, "If the software breaks or the hardware fails, so what?" I share data on attacks and how that can be converted into valuable intelligence for your production network. I also discuss how you can gather information that is useful to AI. Lastly, we talk about getting your entire site blacklisted by hackers so they don't even bother messing with your network. At the end, we will answer audience questions and explore custom use case scenarios, including scenarios that may benefit you if your firewall is managed by others or if you only have internal resources and need effective trip-wires.