Campus Network-as-a-Service (CNaaS) is a service within SUNET, providing a fully managed service for LAN/WLAN networks at university campuses. |
There are three parts to the documentation of CNaaS at SUNET:
As part of this project a network management system called CNaaS-NMS is being developed to automate the management of the campus networks, the software is open source and can be used by anyone outside of SUNET as well. The main focus areas are zero-touch provisioning, device configuration management and firmware upgrades.
Some presentations and demo videos of CNaaS-NMS can be found on the product documentation page
Source code available at Github
Initial Software Architecture document from 2019 (things might have changed since then)
In order to provide end users with an authentication mechanism CNaaS NAC was invented. It relies on freeradius (https://freeradius.org) for user authentication using 802.1X with MAB as fallback for clients not being able to use 802.1X.
Source code is available on GitHub: https://github.com/sunet/cnaas-nac
Freeradius can either be integrated towards the existing user database (LDAP, Active Directory etc) or use Postgres to store credentials. CNaaS NAC provides both an API and a web interface to handle users if Postgres is chosen for storing credentials.