1 / 8

CEA Saclay site report Amsterdam

This report outlines the new security scheme implemented at CEA Saclay site in Amsterdam, consisting of four separate levels of network protection. The scheme includes filters for IP services and servers, restrictions on external connections, and access control to DAPNIA machines. It also covers other aspects such as AFS migration, workstation setup, and plans for a Windows Exchange 2000 project and phasing out SMTP servers. The report also mentions the use of the IN2P3 computer center and the integration of new machines from Life Science services into the DataGRID project.

bkimberly
Download Presentation

CEA Saclay site report Amsterdam

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CEA Saclay site reportAmsterdam

  2. New security scheme • four separate levels: • Departemental networks behind firewalls • « CEAnet interne » behind a central firewall • « CEAnet externe » behind a filtered router • « DataGRID » behind the first router of Saclay • New scheme for « CEAnet externe » : • Filters for each IP services and servers even for udp services above the 1024 limit … • No answer to outside ping

  3. connections • telnet and ftp services forbiden: acces through ssh only • Acces to DAPNIA machines from external world: • HEP: • 10 DELL GX 260 running Linux • 2 SUN • Nuclear physics • 2 SUN • Astrophysics • 1 SUN • « bbftp » service opened: • 2 Linux machines • VRVS local reflector soon • Each new connection must be discussed with the CEA security managers …

  4. AFS migration • Open AFS 1.2.9 soon on Linux • « dapafs01 » : IBM AIX 4.3.3 with IBM AFS 3.6: • Should be replaced soon • Third server on the « Orme des Merisiers site » ? • Usage by Astrophysics people now also • Upgrade open questions : • RPMs versus « bos install » for the server side • Binaries only or recompilations • « ext2 » file systems only • 8 gigabytes partitions

  5. Workstations • Windows: • Windows XP by default with Office XP • Windows 2000 for older machines • NICE NT services stopped • Phasing out of NT 4 domains soon • Windows Terminal Server • Linux • Red Hat (from 6.1 to 8.0) • AFS clients • Mac OS X: • No real support • AFS clients • Accepted for some experiments • 1 laptop for tests

  6. Mail • New project : • Windows Exchange 2000 • For the whole CEA community • Beginning next year ? • Phasing out of all the SMTP servers ?

  7. Computer center • We are using the IN2P3 computer center: • Three years « contract » • For HENP people but interest from: • Some Astrophysics experiments • Life Science services for DataGRID or PCRD6 new projects • Some people are using the CEA computer center located in Grenoble • FUJITSU VPP 5000/15 • COMPAQ SC 256 • There are some discussion to move this computer center to another CEA center and to change some machines …

  8. GRID • DataGRID: • 7 PCs running Linux Red Hat 6.2 and edg 1.4.x • Possible integration of new machines from the Life Science services of Saclay and Grenoble • Special sub-network • 6th framework of EU: • EGEE • HEAVEN • E-toile : french project • VTHD network • Cluster installed in Saclay • CEA Grid : new project (Saclay only for the moment).

More Related