RMCMOA Workshop Agenda - 8/11 - 8/13/15
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

 
View only
 
 
Still loading...
ABCDEFGHIJKLMNOPQRSTUVWXYZAA
1
FULL RMACC/RMCMOA Agenda
2
8/11/2015TopicSpeakerLocationDurationAbstract
3
1:00pm - 1:30pmNSF CC*IIE Introduction
Overview of program
Statistics of proposals received
What will next solicitation look like
Kevin ThompsonWolf 20430 minutes
4
1:30pm - 2:30pmHPN for beginners/introduction
Risk and risk management
Jason ZurawskiWolf 20460 minutesAbstract: Modern research and education activities rely on high speed networks for a number of common tasks. Examples include, but are not limited to, remote communication and collaboration, scientific data curation, and at-scale experimentation. With the creation of a "fastlane" for networking in your enterprise environment comes a number of rewards for the users, and risks for the campus. This talk will introduce some of the basics of HPN, and set up some of the more advanced topics that will be discussed during the workshop.
5
3:00pm - 3:45pmHPN support to research
User engagement
Jason ZurawskiWolf 20445 minutesAbstract: Building fast networks is only the first step toward advancing innovation on a campus; working with end users is an important and necessary step to ensure that upgrades can be properly realized. This talk will introduce the concept of "Science Engagement", the process of explaining and integrating technology into the process of science for campus users.
6
3:45pm - 4:15pmIntroduction to performance measurementJason ZurawskiWolf 20430 minutesAbstract: A common barrier to network adoption within the scientific community is the perception by users that the network is "slow" or "unreliable". This may be because they are accustomed to the performance of slower networks (commercial connections), their applications and use cases are not taking full advantage of network resources, or perhaps because there are known problems on the network (e.g. packet loss) that reduce performance. Network Measurement is an important tool in the CI engineer's toolbox to validate "end-to-end" paths, and set expectations for network use. This talk will offer a high level overview, with further exploration occurring later in the workshop.
7
4:15pm - 5pmBoF to level set for the rest of the week
Get input for the next two days
Jason Zurawski, Scot Colburn, & RMCMOA TeamWolf 20445 minutes (or greater)Abstract: Community discussion on the state of CI procurement, installation, management, and support. Discuss your positive/negative feelings in this space, and help the workshop organizers level-set for the remainder of the week on topics to discuss, or avoid.
8
8/12/2015TopicSpeakerLocationDurationAbstract
9
10:15am - 10:45amWhat do you want to get out of this workshopPat BurnsWolf 30130 minutes
10
11:00am - 11:30amSecurity - don't want to be at risk - how might you do this in your network
Basic cybersecurity
ScienceDMZ still makes sense for small schools
Doesn't have to be expensive
Data Transfer Node (DTN)
Bro
Pete RuprechtWolf 30130 minutes
11
2:45pm - 3:15pmCampus Network Design - Integrating research requirements into the campus network designScot ColburnWolf 30130 minutesAbstract: Network hardware vendors push extravagant network topologies; real networks are often built with a focus on minimizing cost or maximizing utility. Altering or augmenting a network is often difficult and risky. A good network design balances usability, security, and performance. ESnet’s ScienceDMZ is a good model, but how do we implement it or adapt its tenets to our own campus?
12
3:45pm - 4:15pmXSEDE and OSGOSG - Rob Gardner - UofChicagoWolf 30130 minutes
13
XSEDE - Bruce Loftis - CU-Boulder
14
8/13/2015TopicSpeakerLocationDurationAbstract
15
8:30am - 10:30amGlobus - An Introduction to Using and Administering Globus for Research Data ManagementSteve TueckeWolf 30190 minutesOver the past four years, Globus has become a preferred service for moving and sharing research data at hundreds of campuses across the U.S. and abroad. With the recent release of data publication and discovery capabilities, Globus now provides useful tools for managing data at every stage of the research lifecycle. In the first half of this session, participants will learn about the features of the Globus service, and how to use it for delivering robust research data management services that span campus systems, national cyberinfrastructure, and public cloud resources. In the second half of this session, participants will learn how to connect your own storage systems to the Globus service. This session is designed for research computing providers and users who are new to Globus, and will help you answer questions like: How can Globus help researchers simplify the transfer, sharing, and publication of increasingly “big” data? How can a campus computing facility efficiently deliver research data management services to end users? How can such services be integrated into existing campus computing infrastructure? What issues are typically encountered in setting up data transfer nodes (e.g. security), and how should they be addressed? Note: We encourage you to also attend the later session titled “Globus New Features and Roundtable Discussion”, where we will discuss Globus in more depth with experienced Globus admins.
16
10:30am - NoonGlobus - Big Data - Globus New Features and Roundtable DiscussionSteve TueckeWolf 30190 minutesWe invite campus research computing administrators (and all Globus users) to a demonstration of new Globus features (e.g., data publication, sharing enhancements, management console), a presentation of future Globus directions, and an open roundtable discussion. We would like you to share experiences about your usage of Globus, and solicit input on new feature requests. This will be a great opportunity to meet and engage with the Globus team and other Globus users in an informal setting. Bring your toughest questions! If you're planning to attend, you may want to browse our new feature request forum (https://support.globus.org/forums/20533066) and select features that are of particular interest to consider in the discussion.
17
1:00pm - 2:30pmSecurity (Regional/Campus/Data Center)Joe Breen - Session ChairWolf 30190 minutesAbstract: Security involves a multi-layered approach. How can an entity leverage the regional, campus, and data center approaches and relationships for the best protection of the end-user, especially in the high performance computing large transfers or latency sensitive academic and research traffic?
18
Regional Level
- Use Case: What happens when machines with big bandwidth capabilities are stuck behind firewalls and traditional performance inhibiting controls?
- How can a regional help?
- Risk Management/Mitigation from a regional perspective
- Tools used
Kelly Genessy (UEN)25 minutesAbstract: The regional network can serve as a first line of defense for campuses and their respective data center environments. Developing this relationship and working closely with the regional can help in troubleshooting WAN issues and help in securing borders. Big science data and latency sensitive science or arts data may exist behind a firewall (due to compliance) or may be able to exist in a Science DMZ with specific controls. In either location, these environments can be the objects of attack. How can a regional help mitigate those attacks?

- Use Case: What happens when machines with big bandwidth capabilities are stuck behind firewalls and traditional performance inhibiting controls?
- How can a regional help?
- Risk Management/Mitigation from a regional perspective
- Tools used
19
Campus Level
- How to use security zones, including Science DMZ, to enhance holistic security posture of an institution
- Handling protected data
- FISMA/FERPA/HIPAA/PCI/etc.
- Risk Management/Mitigation
- Security Tools used
- How to secure the Science DMZ - using RTBH/uRPF/other tools
Jake Johansen - UU (VTC via Zoom)25 minutesAbstract: Multiple layers of security become finer grain within a campus. A campus deploys security zones to expose only the pertinent pieces to the internet. The Science DMZ represents a specific security zone that supports security tools applied in a manner that allows full line-rate performance and optimum low latency. Techniques such as Bro, Remotely Triggered Black Hole Routing, unicast Reverse Path Forwarding, Snort, netflow monitoring, and commercial tools such as QRadar work in both the enterprise and the Science DMZ, though in different use patterns. By deploying a Science DMZ and using the same tools in a slightly different manner, campuses can leverage expertise and utilize the Science DMZ to provide a holistic security posture that enhances the capability and nimbleness of an environment. The separation of the zones allows tight security approaches to handling protected or regulated data (FISMA/FERPA/HIPAA/PCI/etc.) and different approaches to the Science DMZ and other zones. No zone is without security. The security approach matches the security zone.
20
Data Center Level
- Handling protected data
- HIPAA/FISMA/standard cluster security in addition to the border of the Science DMZ
- VM separate
- Risk Management/Mitigation
- Tools used
Wayne Bradford - UU25 minutesAbstract: In the data center, multiple layers of security achieve an even finer granularity. How does one balance increasing compliance regulations in the multiple virtual environments, High Performance Computing environments and large server environments for science and art?

What are some of the techniques employed at the host level, network level, etc. to deploy different security zones like the Science DMZ, HIPAA, etc.?

This discussion will cover some of the risk management and mitigation in the data center and different processes employed. The discussion will also cover some of the security approaches to Science DMZ Data Transfer Nodes and other Data Transfer Nodes.
21
Panel Q&AAll15 min
22
3:00pm - 4:30pmPerformanceScot Colburn - Session ChairWolf 30190 minutesAbstract: This tutorial for network engineers will focus on how to find and find and fix performance problems. We review our tools for Flow analysis, Active Measurement, Passive Measurement, Monitoring, Change Control, Policy Enforcement, and Help Desk. We discuss some specific problems and how we used our tools to find and fix them.
23
Active Measurement, Monitoring, and morePete Siemsen
24
Flow AnalysisPaul Dial
25
Passive Measurement and Performance Dramas in Real LifeJohn Hernandez
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
Loading...
 
 
 
Sheet1