Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Networks

Deploying Grids on Campus Networks Andrew Cormack Chief Security Adviser, UKERNA

advertisement 
Deploying Grids on Campus
Networks
Andrew Cormack
Chief Security Adviser, UKERNA
A.Cormack@ukerna.ac.uk
Campus Grid workshop, NESC
©The JNT Association, 2005
World Pictures
Grid World
Research
oriented
Everyone friendly
Same rules everywhere
Common trust level
Peaceful
Campus Grid workshop, NESC
Campus Network World
Service
oriented
Good guys & bad guys
Rules vary
Internal trust frontiers
Hostile background noise
©The JNT Association, 2005
How to bring these worlds together?
Campus Grid workshop, NESC
©The JNT Association, 2005
Issues for Network Managers
How to design networks?



That provide service
That limit spread of problems
That protect systems that can’t protect themselves
Tools available



Physical design – capacity planning
Logical design – group systems with similar requirements
Control points – routers & firewalls protect and contain
Campus Grid workshop, NESC
©The JNT Association, 2005
Issues for Grid Managers
Putting research systems in a hostile environment


Must secure all software (o/s, services & apps)
Grids are designed to spread problems!
Grids need firewalls



To reduce network congestion
To reduce intensity of system/software management
To contain the spread of problems
Design Grids to be firewall-friendly


Don’t expose yourself to threats
Don’t expose others to threats
Campus Grid workshop, NESC
©The JNT Association, 2005
Issues for Everyone
How to monitor/measure Grid performance?
Grids should be doing useful work
 Grids should not be doing bad things

How to detect and respond to incidents?
Grid incidents may not be network incidents
 Network “incidents” may be Grid successes!

Campus Grid workshop, NESC
©The JNT Association, 2005
Ideas to make Campus Grids easier
Clear agreed purpose -> policies -> implementation
Standard system image(s)

Automatic updates, patches etc reduce firefighting
Recognisable (private?) network addresses

Mostly for ease of configuration, not host security
Work with, not against, network level controls
Effective incident detection & response plan

Incidents will spread fast and far in a grid
Campus Grid workshop, NESC
©The JNT Association, 2005
Collecting Best Practice
UKERNA Grid Deployment Technical Guide
General Principles
 Tools, Techniques & Resources

Appendices: Specific Package Issues
 1st Edition:
Globus pre web services, Condor
Future versions maintained and developed by
practitioners?
Campus Grid workshop, NESC
©The JNT Association, 2005
Related documents
How Do I Look Up Room Capacity & Details
How Do I Look Up Room Capacity & Details
Formal Languages for Grid and Web Services e-Science Institute 7-8 July 2003
Formal Languages for Grid and Web Services e-Science Institute 7-8 July 2003
Document10905381 10905381
Document10905381 10905381
The Four Functions of the Computer
The Four Functions of the Computer
SuperJANET5 for Science and Research David Salmon UKERNA
SuperJANET5 for Science and Research David Salmon UKERNA
Download
advertisement