VOMS server resilience Voms.gridpp.ac.ukS.Dolgobrodov Manchester Tier2 22nd GridPP Collaboration Meeting.

Slides:

Advertisements

Similar presentations

Security Update Server Registration, Active scanning and Windows patching.

Advertisements

Clique/Trust Solution Suitable for Level 2 Grid. Trusted Host Database Remote database of IP addresses, port ranges etc. Accessible by firewall administrators.

Information Management and Technology

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

The Enterprise Guide to Video Conferencing Created using iThoughts [...] [...]

EMS ROMC Environment monitoring system for ROMC..

CIS 193A – Lesson9 Network Infrastructure. CIS 193A – Lesson9 Focus Question What are three high level subnets a corporate intranet will want to support?

Report of Liverpool HEP Computing during 2007 Executive Summary. Substantial and significant improvements in the local computing facilities during the.

Database Administration and Security Transparencies 1.

1 © 2004, Cisco Systems, Inc. All rights reserved. CCNA 3 v3.1 Module 6 Switch Configuration.

An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.

An Introduction to System Administration Chapter 1.

System and Network Security Practices COEN 351 E-Commerce Security.

1 Version 3.0 Module 8 Virtual LANs. 2 Version 3.0.

Network Security Testing Techniques Presented By:- Sachin Vador.

Cisco – Semester III Documentation. What is it most important component of a good network?  Documentation.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 6 Enterprise Security.

NETWORKS Lauren Hickman Patrick McCamy Morgan Pace Noah Ryder.

Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.

Sample School Website Sydney Region ITSU School Support

Final Design and Implementation

Andrew McNab - Manchester HEP - 22 April 2002 UK Rollout and Support Plan Aim of this talk is to the answer question “As a site admin, what are the steps.

1 Network Statistic and Monitoring System Wayne State University Division of Computing and Information Technology Information Technology.

Module 13: Configuring Availability of Network Resources and Content.

Current Job Components Information Technology Department Network Systems Administration Telecommunications Database Design and Administration.

Security Middleware and VOMS service status Andrew McNab Grid Security Research Fellow University of Manchester.

Version 4.0. Objectives Describe how networks impact our daily lives. Describe the role of data networking in the human network. Identify the key components.

Web Infrastructure Team Our Services and our Hardware Owen Le Blanc.

STORING ORGANIZATIONAL INFORMATION— DATABASES CIS 429—Chapter 7.

Enterprise Computing With Aspects of Computer Architecture Jordan Harstad Technology Support Analyst Arizona State University.

 Definition  Components  Advantages  Limitations Contents  Definition Definition  Functions Functions.

Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.

CSU - DCE Internet Security... Privacy Overview - Fort Collins, CO Copyright © XTR Systems, LLC Setting Up & Using a Site Security Policy Instructor:

Cloud Computing & Amazon Web Services – EC2 Arpita Patel Software Engineer.

Networks. A network is formed when a group of computers are connected together. Computers in a Local Area Network (LAN) are fairly close together, generally.

Note1 (Admi1) Overview of administering security.

Information System Audit : © South-Asian Management Technologies Foundation Chapter 10 Case Study: Conducting an Information Systems Audit.

Chapter 2 Securing Network Server and User Workstations.

CLOUD COMPUTING JAZ PATERNOSTER. DEFINITION Cloud computing is the use of ‘the cloud’ as a place to save files rather than in a personal computer, allowing.

Experiment Management System CSE 423 Aaron Kloc Jordan Harstad Robert Sorensen Robert Trevino Nicolas Tjioe Status Report Presentation Industry Mentor:

University of Bristol 5th GridPP Collaboration Meeting 16/17 September, 2002Owen Maroney University of Bristol 1 Testbed Site –EDG 1.2 –LCFG GridPP Replica.

Database Systems. Role and Advantages of the DBMS Improved data sharing Improved data security Better data integration Minimized data inconsistency Improved.

Security Policy Update David Kelsey UK HEP Sysman, RAL 1 Jul 2011.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE Site Architecture Resource Center Deployment Considerations MIMOS EGEE Tutorial.

Rutherford Appleton Lab, UK VOBox Considerations from GridPP. GridPP DTeam Meeting. Wed Sep 13 th 2005.

The Importance of Proper Controls. 5 Network Controls Developing a secure network means developing mechanisms that reduce or eliminate the threats.

Alex Leifheit NETWORKS. NETWORK A number of interconnected computers, machines, or operations. Key Components Network components, Network Architecture,

General Concerns on WWW Security Name: Huaying Chen ID# Instructor: Dr Mort Anvari.

MICROSOFT TESTS /291/293 Fairfax County Adult Education Courses 1477/1478/1479.

IPv6 security for WLCG sites (preparing for ISGC2016 talk) David Kelsey (STFC-RAL) HEPiX IPv6 WG, CERN 22 Jan 2016.

CHAPTER - 4 COMPUTER NETWORK Dr. BALAMURUGAN MUTHURAMAN

Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 6 - Essentials of Design an the Design Activities.

Copyright 2002Cisco Press: CCNA Instructor’s Manual Year 2 - Chapter 8/Cisco 3 - Module 8 Network Management, Part 1.

© N. Ganesan, Ph.D., All rights reserved. Windows Server Installation Nanda Ganesan, Ph.D.

SQL Server 2012 Session: 1 Session: 4 SQL Azure Data Management Using Microsoft SQL Server.

VOMS chapter 1&1/2 Alessandra Forti Sergey Dolgodobrov HEP Sysman meeting 5 December 2005.

Chapter 1 : Computer Networks. Lecture 1. Introduction to computer networks: Network definition : A network is a collection of computers and other devices.

IT Audit for non-IT auditors Cornell Dover Assistant Auditor General 31 March 2013.

Staff Training Week ( June 2013) A SECURE AND USABLE COMPUTER SYSTEM FOR ADMINISTRATIVE STAFF Antonio Ruiz González Beatriz Jiménez Valverde.

Information Systems Security

Chapter 7. Identifying Assets and Activities to Be Protected

Gluondb1 (online) Resides on gluon25, own IP address

VOMS deployment for small national VOs and local groups

Chapter 27: System Security

IS4680 Security Auditing for Compliance

Peer-to-Peer Client-server.

Unit 2: Fundamentals of Computer Systems

An Introduction to System Administration

E-LEARNING SOURCES IN COMPUTER NETWORKS SECURITY

 Is a machine that is able to take information (input), do some work on (process), and to make new information (output) COMPUTER.

Presentation transcript:

VOMS server resilience Voms.gridpp.ac.ukS.Dolgobrodov Manchester Tier2 22nd GridPP Collaboration Meeting

Main vulnerable components Computer hardware Computer hardware Main power Main power Network access Network access Database Database Hosting about 20 regional Vos, more than 300 users in total PowerNet VO DBs MySQL

Hardware resilience Machine hardware Machine hardware Backup machine with alias NI device and IP address # This is /etc/sysconfig/network-scripts/ifcfg-eth0:1 DEVICE=eth0:1IPADDR= voms01.gpp.hep.man.ac.uk voms02.gpp.hep.man.ac.uk voms.gridpp.ac.uk Power supply Power supply Separate power lines for the front and backup servers Emergency power backup generator for the farm, air conditioners maintained round the clock. Loss of network Loss of network Separate switch for the front and back up servers.

Software resilience etc Data base backup Data base backup MySQL data bases (one per each VO) daily backing up on the backSecoup servers (3 replicas) keeping them mirrored. The only records under risk are those created during the day. Currently more than 300 records in 19 VOs Security Security ssh access restricted based on IP addresses ssh host keys are not used for access distinctive password from other farm nodes Human factor Human factor A second administrator with documented procedures for recovery.