Presentation is loading. Please wait.

Presentation is loading. Please wait.

Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 Security Monitoring Daniel Kouřil EGI-TF 2011.

Published byMalcolm Owens Modified over 8 years ago

Similar presentations

Presentation on theme: "Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 Security Monitoring Daniel Kouřil EGI-TF 2011."— Presentation transcript:

1 www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 Security Monitoring Daniel Kouřil EGI-TF 2011

2 www.egi.eu EGI-InSPIRE RI-261323 Overview Nagios Pakiti Security dashboard Plans

3 www.egi.eu EGI-InSPIRE RI-261323 Pakiti Pakiti v3 prototype deployed for evaluation purposes Mainly data collection Scalable enough so far (over 11 000 reports) History kept OVAL-based evaluation under development

4 www.egi.eu EGI-InSPIRE RI-261323 Nagios Probe changes CRL Fixed compatibility with 2 hashes in CA distribution Fixed timestamp substitution algorithm Pakiti-client Updated to version 3 Torque Added more checks to avoid reporting “UNKNOWN” Migration from org.sam.sec to eu.egi.sec The probes are no longer gLite specific Added support for ARC sites

5 www.egi.eu EGI-InSPIRE RI-261323 Current coverage support Computing Element capability Monitored (681 endpoints) CE (gLite) (304 endpoints) CREAM-CE (gLite) (356 endpoints) ARC-CE (ARC) (21 endpoints) Not monitored (8 endpoints) gLite-CE (dead?) (5 endpoints) GRAM5 (globus) (1 endpoint) unicore6.TargetSystemFactory (unicore) (2 endpoints) Actual monitored entities 573 hosts 4552 services

6 www.egi.eu EGI-InSPIRE RI-261323 Nagios - plans Support for other middleware Unicore Globus Probe other capabilities (?) SE, LFC VOMS ….

7 www.egi.eu EGI-InSPIRE RI-261323 Security dashboard A pilot produced and updated according to feedback Collects results from Nagios and Pakiti and provides their visualations Further discussions planned this week

8 www.egi.eu EGI-InSPIRE RI-261323 Security dashboard - functions Access control Aauthorization based on GOC DB and EGI SSO in order that security staff access only data in their own scope (EGI / NGI or site ) Overview Visualize security problems Summarized by ngi or site Summarized also by tests With historical details provided within a chart permalinks to access directly to the desired information Possibility to create /update notepads : with a mail to Site Security Officer with a template adapted to the current problems on the site Pith the possibility to visualize the status of the related problems

9 www.egi.eu EGI-InSPIRE RI-261323 Metrics - Generate dynamically metrics with the choice of : format : table or charts ngi or site testname type of metrics : number of issues or sites possibility to save charts (csv, pdf, jpg ) Events Possibility to declare / delete events : rotation declaration, monitoring downtimes … Remaining work Extension of the notepad to tickets into RT

10 www.egi.eu EGI-InSPIRE RI-261323 Overview 10

11 www.egi.eu EGI-InSPIRE RI-261323 11 Metrics

12 www.egi.eu EGI-InSPIRE RI-261323 12 Events

13 www.egi.eu EGI-InSPIRE RI-261323 Security dashboard utilization All NGI security contact to check issues in the NGI and follow up Several goals: Cleaning up the dashboard Testing the operations procedures Defining crucial alarms Spotting false alarms, problems in probes, etc. A wiki page with pointers will be published shortly

14 www.egi.eu EGI-InSPIRE RI-261323 Discussions Site-wide monitoring SWAT – a meeting scheduled Explanation – draft at the wiki Nrpe ? Integration with operations procedures Meeting (?) GGUS access control

Download ppt "Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 Security Monitoring Daniel Kouřil EGI-TF 2011."

Similar presentations

Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 Unified Middleware Distribution (UMD): SW provisioning to EGI Mario David.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Unified Middleware Distribution (UMD): SW provisioning to EGI Mario David.
EGEE-III INFSO-RI-222667 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks Pole 3 – COD TOOLS Cyril L’Orphelin - CNRS/IN2P3.

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Pole 3 – COD TOOLS Cyril L’Orphelin - CNRS/IN2P3.
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 EG recent developments T. Ferrari/EGI.eu ADC Weekly Meeting 15/05/2012 1.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EG recent developments T. Ferrari/EGI.eu ADC Weekly Meeting 15/05/
HPDC 2007 / Grid Infrastructure Monitoring System Based on Nagios Grid Infrastructure Monitoring System Based on Nagios E. Imamagic, D. Dobrenic SRCE HPDC.

HPDC 2007 / Grid Infrastructure Monitoring System Based on Nagios Grid Infrastructure Monitoring System Based on Nagios E. Imamagic, D. Dobrenic SRCE HPDC.
EGEE-II INFSO-RI-031688 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks Simply monitor a grid site with Nagios J.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Simply monitor a grid site with Nagios J.
SEE-GRID-SCI SEE-GRID-SCI Operations Procedures and Tools Antun Balaz Institute of Physics Belgrade, Serbia The SEE-GRID-SCI.

SEE-GRID-SCI SEE-GRID-SCI Operations Procedures and Tools Antun Balaz Institute of Physics Belgrade, Serbia The SEE-GRID-SCI.
Nagios Demonstration Tom Wlodek SLAC Tier2 workshop 2007-11-29.

Nagios Demonstration Tom Wlodek SLAC Tier2 workshop
UK NGI Operations John Gordon 15 th May 2012. Helpdesk Ticket Workflow NGI Core Services.

UK NGI Operations John Gordon 15 th May Helpdesk Ticket Workflow NGI Core Services.
EGEE-III INFSO-RI-222667 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks GStat 2.0 Joanna Huang (ASGC) Laurence Field.

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks GStat 2.0 Joanna Huang (ASGC) Laurence Field.
UK NGI Operations John Gordon 15 th May 2012. NGS continuation NGI Security Monitoring VOMS Helpdesk I am reacting to some issues highlighted by Jeremy.

UK NGI Operations John Gordon 15 th May NGS continuation NGI Security Monitoring VOMS Helpdesk I am reacting to some issues highlighted by Jeremy.
EGEE-II INFSO-RI-031688 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks Nagios for Grid Services E. Imamagic, SRCE.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Nagios for Grid Services E. Imamagic, SRCE.
EGEE-III INFSO-RI-222667 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks Service Availability Monitoring – Status.

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Service Availability Monitoring – Status.
EGEE-II INFSO-RI-031688 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks Grid Site Monitoring with Nagios E. Imamagic,

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Grid Site Monitoring with Nagios E. Imamagic,
EGEE-III INFSO-RI-222667 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks EGEE-EGI Grid Operations Transition Maite.

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks EGEE-EGI Grid Operations Transition Maite.
US LHC OSG Technology Roadmap May 4-5th, 2005 Welcome. Thank you to Deirdre for the arrangements.

US LHC OSG Technology Roadmap May 4-5th, 2005 Welcome. Thank you to Deirdre for the arrangements.
8 th CIC on Duty meeting Krakow 16-18 05/2006 Enabling Grids for E-sciencE Feedback from SEE first COD shift Emanoil Atanassov Todor Gurov.

8 th CIC on Duty meeting Krakow /2006 Enabling Grids for E-sciencE Feedback from SEE first COD shift Emanoil Atanassov Todor Gurov.
EGEE-III INFSO-RI-222667 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks Regional Dashboard Cyril L’Orphelin - CNRS/IN2P3.

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Regional Dashboard Cyril L’Orphelin - CNRS/IN2P3.
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 How to integrate portals with the EGI monitoring system Dusan Vudragovic.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI How to integrate portals with the EGI monitoring system Dusan Vudragovic.
PIC port d’informació científica EGEE – EGI Transition for WLCG in Spain M. Delfino, G. Merino, PIC Spanish Tier-1 WLCG CB 13-Nov-2009.

PIC port d’informació científica EGEE – EGI Transition for WLCG in Spain M. Delfino, G. Merino, PIC Spanish Tier-1 WLCG CB 13-Nov-2009.
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 Monitoring of the LHC Computing Activities Key Results from the Services.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Monitoring of the LHC Computing Activities Key Results from the Services.

Similar presentations

Ads by Google