OSG Cyber Security OSG Site Administrators workshop Indianapolis August 6-7 2009 Doug Olson LBNL Health.

Slides:



Advertisements
Similar presentations
Presented by Ben Serebin Tue, June 15, Every 2 nd Tuesday of the Month. Same Time and Place Visit for Presentation.
Advertisements

Clique/Trust Solution Suitable for Level 2 Grid. Trusted Host Database Remote database of IP addresses, port ranges etc. Accessible by firewall administrators.
Firewall Simulation Teaching Information Security Using: Visualization Tools, Case Studies, and Hands-on Exercises May 23, 2012.
Security Q&A OSG Site Administrators workshop Indianapolis August Doug Olson LBNL.
1 Ports and Services An Audit Approach ReliabilityFirst CIP Webinar Thursday, September 30, 2010 Lew Folkerth, Senior Engineer - Compliance.
OSG Area Coordinators Meeting Security Team Report Mine Altunay 05/15/2013.
Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006.
System and Network Security Practices COEN 351 E-Commerce Security.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Implementing a Secure Console Server The Cyclades Project Co-Op Summer 2003 by Robert Perriero.
Introduction to Course Content. Computer Center, CS, NCTU 2 Outline  What SA Should do.  What You can expect to learn from this course.  What attitude.
OSG Logging Architecture Update Center for Enabling Distributed Petascale Science Brian L. Tierney: LBNL.
Voyager Server Security and Monitoring Best practices and tools.
Site Security and Administration Steve Cobrin.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Damian Leibaschoff Support Escalation Engineer Microsoft Becky Ochs Program Manager Microsoft.
UK GRID Firewall Workshop Matthew J. Dovey Technical Manager Oxford e-Science Centre.
OSG Area Coordinators Meeting Security Team Report Kevin Hill 08/14/2013.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Pakiti.
OSG Site Provide one or more of the following capabilities: – access to local computational resources using a batch queue – interactive access to local.
Honeypot and Intrusion Detection System
Eric Holtel.  Introduction  Project Description  Demonstration  Deliverables  Conclusion.
OSG Security Kevin Hill. Goals Operational Security – Identify software vulnerabilities – observing the practices of our VOs and sites, and sending alerts.
G RID M IDDLEWARE AND S ECURITY Suchandra Thapa Computation Institute University of Chicago.
Security Update Mingchao Ma HEPSYSMAN - Security 1 st July 2009.
OSG Area Coordinators Meeting Security Team Report Mine Altunay 04/3/2013.
OSG Security Review Mine Altunay December 4, 2008.
1 ECHO SSL Ordering With ECHO 9.0 Dan Pilone. 2 Agenda Introduction SSL Ordering Overview Order Fulfillment Features Provider Requirements Configuring.
IHEP Grid CA Status Report Wei F2F Meeting 8 Mar Computing Centre, IHEP,CAS,China.
OSG Area Coordinators Meeting Security Team Report Mine Altunay 8/15/2012.
Training and Dissemination Enabling Grids for E-sciencE Jinny Chien, ASGC 1 Training and Dissemination Jinny Chien Academia Sinica Grid.
Introduction to OSG Security Suchandra Thapa Computation Institute University of Chicago March 19, 20091GSAW 2009 Clemson.
OSG Area Coordinators Meeting Security Team Report Mine Altunay 6/6/2012.
Host Security Overview Onion concept of security Defense in depth How secure do you need to be? You can only reduce risk Tradeoffs - more security means:
Rob Davidson, Partner Technology Specialist Microsoft Management Servers: Using management to stay secure.
Opensciencegrid.org User Support in/and OSG Doug Olson, LBNL 2 nd EGEE/LCG Operations Workshop CNR, Bologna 25 May 2005.
The OSG and Grid Operations Center Rob Quick Open Science Grid Operations Center - Indiana University ATLAS Tier 2-Tier 3 Meeting Bloomington, Indiana.
GRID Centralized Management of the Globus grid-mapfile Carlo Rocca, INFN Catania.
Operations Activity Doug Olson, LBNL Co-chair OSG Operations OSG Council Meeting 3 May 2005, Madison, WI.
Auditing Project Architecture VERY HIGH LEVEL Tanya Levshina.
OSG Site Admin Workshop - Mar 2008Using gLExec to improve security1 OSG Site Administrators Workshop Using gLExec to improve security of Grid jobs by Alain.
OSG Area Coordinators Meeting Security Team Report Mine Altunay 4/11/2012.
Chapter 3 Pre-Incident Preparation Spring Incident Response & Computer Forensics.
OSG Area Coordinators Meeting Security Team Report Mine Altunay 02/13/2012.
OSG Storage VDT Support and Troubleshooting Concerns Tanya Levshina.
Recent lessons learned: Operational Security David Kelsey CCLRC/RAL, UK GDB Meeting, BNL, 5 Sep 2006.
26/01/2007Riccardo Brunetti OSCT Meeting1 Security at The IT-ROC Status and Plans.
Open Science Grid OSG Resource and Service Validation and WLCG SAM Interoperability Rob Quick With Content from Arvind Gopu, James Casey, Ian Neilson,
Opensciencegrid.org Operations Interfaces and Interactions Rob Quick, Indiana University July 21, 2005.
OSG PKI Transition Impact on CMS. Impact on End User After March , DOEGrids CA will stop issuing or renewing certificates. If a user is entitled.
Open Science Grid Security Activities D. Olson, LBNL OSG Deputy Security Officer For the OSG Security Team: M. Altunay, FNAL, OSG Security Officer, D.O.,
OSG Area Coordinators Meeting Security Team Report Mine Altunay 8/15/2012.
Incident Response Forensics and Review OSG Security Drill OSG Site Administrators workshop Indianapolis August Anand Padmanabhan UIUC.
Why you should care about glexec OSG Site Administrator’s Meeting Written by Igor Sfiligoi Presented by Alain Roy Hint: It’s about security.
New OSG Virtual Organization Security Training OSG Security Team.
Grid Colombia Workshop with OSG Week 2 Startup Rob Gardner University of Chicago October 26, 2009.
INFSO-RI Enabling Grids for E-sciencE Workshop WLCG Security for Grid Sites Louis Poncet System Engineer SA3 - OSCT.
Avenues International Inc.
Operations Interfaces and Interactions
Working at a Small-to-Medium Business or ISP – Chapter 8
Configuring ALSMS Remote Navigation
Chapter 6 Application Hardening
Secure Software Confidentiality Integrity Data Security Authentication
Accelerator Network Safety at PSI
Introduction:. Vendor : Cisco Certifications : Next-Generation Firewall Express Security Engineer Exam Name : Cisco ASA Express Security Exam Code :
Intro to Ethical Hacking
Intro to Ethical Hacking
Bethesda Cybersecurity Club
Adding Computational Resources to SURAgrid (the document) September 27, 2007 Mary Trauner SURA Consultant.
Presentation transcript:

OSG Cyber Security OSG Site Administrators workshop Indianapolis August Doug Olson LBNL Health

6Aug09 OSG Security 2 Agenda Welcome, introductions, agenda review (5 min) Security Risks – discussion (10 min) Site Responsibilities & Best Practices (45 min) Incident Response Forensics & Security Drill (30 min) Q&A on Tier 3 Issues (15 min) Certificate Handling (if time permits)

6Aug09 OSG Security 3 Security Risks

6Aug09 OSG Security 4 Site Responsibilities

6Aug09 OSG Security 5 Best Practices Incident Handling & Forensics (See Anand’s talk) Monitoring  discuss monitoring tools in use  monitoring ssh activity monitoring ssh activity Logging  Can you find your log files?  Do you do central log collection (syslog, syslog-ng)? Updates  How often do you do OS updates?  How often to you do VDT updates? Firewalls  Do you use firewalls? What kind? What policies?  Are you familiar with globus & condor port ranges?

6Aug09 OSG Security 6 Incident Response Forensics & Security Drill Anand will describe security drill that was run earlier this year with the Tier 1 centers and cover the forensic techniques used to locate, remove and ban a “bad user”.

6Aug09 OSG Security 7 Q&A on Tier3 issues Open discussion on questions, issues, worries, … that Tier 3 site administrators have Bring your questions!

6Aug09 OSG Security 8 Certificate Handling Managing CA certificates  vdt-update-certs vdt-control --enable vdt-update-certs vdt-control --on vdt-update-certs  vdt-ca-manage vdt-ca-manage vdt-ca-manage setupca --location local --url osg Managing CRLs  Fetch-crl Example gridadmin certificate generationgridadmin  cert-gridadmin –host your.univ.edu –service http … cert-gridadmin Setting up SMIME …

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.