The Science DMZ: A Network Design Pa8ern for Data- Intensive Science
|
|
- Elisabeth Dortha Wade
- 8 years ago
- Views:
Transcription
1 The Science DMZ: A Network Design Pa8ern for Data- Intensive Science Jason Zurawski zurawski@es.net Science Engagement Engineer, ESnet Lawrence Berkeley National Laboratory KINBER Webinar March 4 th 2015
2 Overview ESnet Overview Science DMZ MoIvaIon and IntroducIon Science DMZ Architecture Network Monitoring Data Transfer Nodes & ApplicaIons Science DMZ Security User Engagement Wrap Up 2 ESnet Science Engagement (engage@es.net) - 3/3/15
3 SC Supports Research at More than 300 Institutions Across the U.S ESnet at a Glance High- speed naional network, opimized for DOE science missions: connecing 40 labs, plants and faciliies with >100 networks (naional and internaional) $32.6M in FY14, 42FTE older than commercial Internet, growing twice as fast $62M ARRA in 2009/2010 grant for 100G upgrade: Universities DOE laboratories transiion to new era of opical networking world s first 100G network at coninental scale The Office of Science supports: 27,000 Ph.D.s, graduate students, undergraduates, engineers, and technicians 26,000 users of open-access facilities 300 leading academic institutions 17 DOE laboratories 8 Culture of urgency: 4 awards in past 3 years R&D100 Award in FY13 5 out of 5 for customer saisfacion in last review Dedicated staff to support the mission of science 3 ESnet Science Engagement (engage@es.net) - 3/3/15
4 Network as Infrastructure Instrument ESnet Vision: ScienIfic progress will be completely unconstrained by the physical locaion of instruments, people, computaional resources, or data. 4 ESnet Science Engagement (engage@es.net) - 3/3/ , Energy Sciences Network
5 Overview ESnet Overview Science DMZ MoIvaIon and IntroducIon Science DMZ Architecture Network Monitoring Data Transfer Nodes & ApplicaIons Science DMZ Security User Engagement Wrap Up 5 ESnet Science Engagement (engage@es.net) - 3/3/15
6 Mo8va8on Science & Researcher are everywhere Size of school/endowment does not ma8er there is a researcher at your facility right now that is a8emping to use the network for a research acivity Networks are an essenial part of data- intensive science Connect data sources to data analysis Connect collaborators to each other Enable machine- consumable interfaces to data and analysis resources (e.g. portals), automaion, scale Performance is criical ExponenIal data growth Constant human factors (Imelines for analysis, remote users) Data movement and analysis must keep up EffecIve use of wide area (long- haul) networks by scienists has historically been difficult (the Wizard Gap ) 6 ESnet Science Engagement (engage@es.net) - 3/3/15
7 Tradi8onal Big Science 7 ESnet Science Engagement (engage@es.net) - 3/3/15
8 Big Science Now Comes in Small Packages and is happening on your campus. Guaranteed. 8 ESnet Science Engagement (engage@es.net) - 3/3/15
9 Understanding Data Trends 100PB 10PB 1PB Small collaboration scale, e.g. light and neutron sources Medium collaboration scale, e.g. HPC codes A few large collaborations have internal software and networking organizations Data Scale 100TB 10TB Large collaboration scale, e.g. LHC 1TB 100GB 10GB Collaboration Scale 9 ESnet Science Engagement (engage@es.net) - 3/3/15
10 Data Mobility in a Given Time Interval (Theore8cal) These tables available: 10 ESnet Science Engagement (engage@es.net) - 3/3/15
11 The Central Role of the Network The very structure of modern science assumes science networks exist: high performance, feature rich, global scope What is The Network anyway? The Network is the set of devices and applicaions involved in the use of a remote resource This is not about supercomputer interconnects This is about data flow from experiment to analysis, between faciliies, etc. User interfaces for The Network portal, data transfer tool, workflow engine Therefore, servers and applicaions must also be considered What is important? Ordered list: 1. Correctness 2. Consistency 3. Performance 11 ESnet Science Engagement (engage@es.net) - 3/3/15
12 TCP Ubiquitous and Fragile Networks provide connecivity between hosts how do hosts see the network? From an applicaion s perspecive, the interface to the other end is a socket CommunicaIon is between applicaions mostly over TCP TCP the fragile workhorse TCP is (for very good reasons) Imid packet loss is interpreted as congesion Packet loss in conjuncion with latency is a performance killer We can address the first, science hasn t fixed the 2 nd (yet) Like it or not, TCP is used for the vast majority of data transfer applicaions (more than 95% of ESnet traffic is TCP) 12 ESnet Science Engagement (engage@es.net) - 3/3/15
13 A small amount of packet loss makes a huge difference in TCP performance Local (LAN) With loss, high performance beyond metro distances is essentially impossible InternaIonal Metro Area Regional ConInental Measured (TCP Reno) Measured (HTCP) Theoretical (TCP Reno) Measured (no loss) 13 ESnet Science Engagement (engage@es.net) - 3/3/15
14 Lets Talk Performance "In any large system, there is always something broken. Jon Postel Modern networks are occasionally designed to be one- size- fits- most e.g. if you have ever heard the phrase converged network, the design is to facilitate CIA (ConfidenIality, Integrity, Availability) This is not bad for protecing the HVAC system from hackers. Causes of fricion/packet loss: Small buffers on the network gear and hosts Incorrect applicaion choice Packet disrupion caused by overzealous security CongesIon from herds of mice It all starts with knowing your users, and knowing your network 14 ESnet Science Engagement - 3/3/15
15 PuPng A Solu8on Together EffecIve support for TCP- based data transfer Design for correct, consistent, high- performance operaion Design for ease of troubleshooing Easy adopion (for all stakeholders) is criical Large laboratories and universiies have extensive IT deployments Small universiies/faciliies have overworked/understaffed IT departments DrasIc change is prohibiively difficult Cybersecurity defensible without compromising performance Borrow ideas from tradiional network security TradiIonal DMZ Separate enclave at network perimeter ( Demilitarized Zone ) Specific locaion for external- facing services Clean separaion from internal network Do the same thing for science Science DMZ 15 ESnet Science Engagement (engage@es.net) - 3/3/15
16 The Science DMZ Superfecta Engagement Partnerships EducaIon & ConsulIng Resources & Knowledgebase Engagement with Network Users Data Transfer Node High performance Configured for data transfer Proper tools Dedicated Systems for Data Transfer Performance TesIng & Measurement perfsonar Enables fault isolaion Verify correct operaion Widely deployed in ESnet and other networks, as well as sites and faciliies Network Architecture Science DMZ Dedicated locaion for DTN Proper security Easy to deploy - no need to redesign the whole network 16 ESnet Science Engagement (engage@es.net) - 3/3/15
17 Overview ESnet Overview Science DMZ MoIvaIon and IntroducIon Science DMZ Architecture Network Monitoring Data Transfer Nodes & ApplicaIons Science DMZ Security User Engagement Wrap Up 17 ESnet Science Engagement - 3/3/15
18 Abstract Deployment Simplest approach : add- on to exising network infrastructure All that is required is a port on the border router Small footprint, pre- producion commitment Easy to experiment with components and technologies DTN prototyping perfsonar tesing Limited scope makes security policy excepions easy Only allow traffic from partners (use ACLs) Add- on to producion infrastructure lower risk IdenIfy applicaions that are running (e.g. the DTN is not a general purpose machine it does data transfer, and data transfer only) Start with a single user/user case. If it works for them in a pilot, you can expand 18 ESnet Science Engagement (engage@es.net) - 3/3/15
19 Local And Wide Area Data Flows Border Router perfsonar Enterprise Border Router/Firewall WAN 10G 10GE perfsonar Clean, High-bandwidth WAN path 10GE Site / Campus access to Science DMZ resources Science DMZ Switch/Router 10GE Site / Campus LAN 10GE High performance Data Transfer Node with high-speed storage Per-service security policy control points perfsonar High Latency WAN Path Low Latency LAN Path 19 ESnet Science Engagement (engage@es.net) - 3/3/15
20 Non- R1 Campus This paradigm is not just for the big guys there is a lot of value for smaller insituions with a smaller number of users Can be constructed with exising hardware, or small addiions Does not need to be 100G, or even 10G. Capacity doesn t ma8er we want to eliminate fricion and packet loss The best way to do this is to isolate the important traffic from the enterprise Can be scoped to either the expected data volume of the science, or the availability of external facing resources (e.g. if the pipe to KINBER/3ROX/ MAGPI is small you don t want a single user monopolizing it) Factors: Are you comfortable with Layer 2 Networking? How rich is your cable/fiber plant? Can you create a dedicated facility for science? 20 ESnet Science Engagement (engage@es.net) - 3/3/15
21 Non- R1 Campus Fiber Rich Environment 21 ESnet Science Engagement - 3/3/15
22 Non- R1 Campus Layer 2 Switching 22 ESnet Science Engagement (engage@es.net) - 3/3/15
23 Non- R1 Campus Single Facility 23 ESnet Science Engagement - 3/3/15
24 Non- R1 Campus Every campus will be different If you are not fiber rich, other choices may be needed. If the researchers don t want to move to a dedicated facility, your opions are also limited Have discussions lay out what is possible and what is not ROI Statements: Eliminate congesion where you can the network path for the science user does not traverse the core - > be8er performance for her, and everyone else Improve the process of science the next Ime they go for an NSF/DOE/ NIST grant, they can say (with confidence) the network does what they need it to do Encourage others that are suffering in silence to seek you out. Once you have a success story, there will be others asking about it. 24 ESnet Science Engagement (engage@es.net) - 3/3/15
25 Overview ESnet Overview Science DMZ MoIvaIon and IntroducIon Science DMZ Architecture Network Monitoring Data Transfer Nodes & ApplicaIons Science DMZ Security User Engagement Wrap Up 25 ESnet Science Engagement - 3/3/15
26 Performance Monitoring Everything may funcion perfectly when it is deployed Eventually something is going to break Networks and systems are complex Bugs, mistakes, SomeImes things just break this is why we buy support contracts Must be able to find and fix problems when they occur (even if they have been that way for a long Ime) Must be able to find problems in other networks (your network may be fine, but someone else s problem can impact your users) TCP was intenionally designed to hide all transmission errors from the user: As long as the TCPs coninue to funcion properly and the internet system does not become completely pariioned, no transmission errors will affect the users. (From RFC793, 1981) 26 ESnet Science Engagement (engage@es.net) - 3/3/15
27 SoV Network Failures Hidden Problems Hard failures are well- understood Link down, system crash, sowware crash TradiIonal network/system monitoring tools designed to quickly find hard failures Sow failures result in degraded capability ConnecIvity exists Performance impacted Typically something in the path is funcioning, but not well Sow failures are hard to detect with tradiional methods No obvious single event SomeImes no indicaion at all of any errors Independent tesing is the only way to reliably find sow failures 27 ESnet Science Engagement - 3/3/15
28 Sample SoV Failures Rebooted router with full route table normal performance Gradual failure of optical line card Gb/s degrading performance repair one month 28 ESnet Science Engagement - 3/3/15
29 Tes8ng Infrastructure perfsonar perfsonar is: A widely- deployed test and measurement infrastructure ESnet, Internet2, US regional networks, internaional networks Laboratories, supercomputer centers, universiies A suite of test and measurement tools A collaboraion that builds and maintains the toolkit By installing perfsonar, a site can leverage over 1300 test servers deployed around the world perfsonar is ideal for finding sow failures Alert to existence of problems Fault isolaion VerificaIon of correct operaion Open Source, widely supported by a number of stakeholder organizaions 29 ESnet Science Engagement (engage@es.net) - 3/3/15
30 Lookup Service Directory Search: hyp://stats.es.net/servicesdirectory/ 30 ESnet Science Engagement - 3/3/15
31 perfsonar Dashboard: hyp://ps- dashboard.es.net 31 ESnet Science Engagement - 3/3/15
32 Overview ESnet Overview Science DMZ MoIvaIon and IntroducIon Science DMZ Architecture Network Monitoring Data Transfer Nodes & ApplicaIons Science DMZ Security User Engagement Wrap Up 32 ESnet Science Engagement - 3/3/15
33 Dedicated Systems Data Transfer Node The DTN is dedicated to data transfer Set up specifically for high- performance data movement System internals (BIOS, firmware, interrupts, etc.) Network stack Storage (global filesystem, Fibrechannel, local RAID, etc.) High performance tools No extraneous sowware LimitaIon of scope and funcion is powerful No conflicts with configuraion for other tasks Small applicaion set makes cybersecurity easier 33 ESnet Science Engagement - 3/3/15
34 Data Transfer Tool Comparison In addiion to the network, using the right data transfer tool is criical Data transfer test from Berkeley, CA to Argonne, IL (near Chicago). RTT = 53 ms, network capacity = 10Gbps. Tool Throughput scp: 140 Mbps HPN patched scp: 1.2 Gbps wp 1.4 Gbps GridFTP, 4 streams 5.4 Gbps GridFTP, 8 streams 6.6 Gbps Note that to get more than 1 Gbps (125 MB/s) disk to disk requires properly engineered storage (RAID, parallel filesystem, etc.) 34 ESnet Science Engagement (engage@es.net) - 3/3/15
35 Overview ESnet Overview Science DMZ MoIvaIon and IntroducIon Science DMZ Architecture Network Monitoring Data Transfer Nodes & ApplicaIons Science DMZ Security User Engagement Wrap Up 35 ESnet Science Engagement - 3/3/15
36 Science DMZ Security Goal disentangle security policy and enforcement for science flows from security for business systems RaIonale Science data traffic is simple from a security perspecive Narrow applicaion set on Science DMZ Data transfer, data streaming packages No printers, document readers, web browsers, building control systems, financial databases, staff desktops, etc. Security controls that are typically implemented to protect business resources owen cause performance problems SeparaIon allows each to be opimized 36 ESnet Science Engagement (engage@es.net) - 3/3/15
37 Performance Is A Core Requirement Core informaion security principles ConfidenIality, Integrity, Availability (CIA) Owen, CIA and risk miigaion result in poor performance In data- intensive science, performance is an addiional core mission requirement: CIA à PICA CIA principles are important, but if performance is compromised the science mission fails Not about how much security you have, but how the security is implemented Need a way to appropriately secure systems without performance compromises CollaboraIon Within The OrganizaIon All paries (users, operators, security, administraion) needs to sign off up this idea revoluionary vs. evoluionary change. Make sure everyone understands the ROI potenial. 37 ESnet Science Engagement (engage@es.net) - 3/3/15
38 Security Without Firewalls Data intensive science traffic interacts poorly with firewalls Does this mean we ignore security? NO! We must protect our systems We just need to find a way to do security that does not prevent us from geyng the science done Key point security policies and mechanisms that protect the Science DMZ should be implemented so that they do not compromise performance Traffic permi8ed by policy should not experience performance impact as a result of the applicaion of policy 38 ESnet Science Engagement (engage@es.net) - 3/3/15
39 Firewall Performance Example Observed performance, via perfsonar, through a firewall: Almost 20 Imes slower through the firewall Observed performance, via perfsonar, bypassing firewall: Huge improvement without the firewall 39 ESnet Science Engagement (engage@es.net) - 3/3/15
40 Overview ESnet Overview Science DMZ MoIvaIon and IntroducIon Science DMZ Architecture Network Monitoring Data Transfer Nodes & ApplicaIons Science DMZ Security User Engagement Wrap Up 40 ESnet Science Engagement - 3/3/15
41 Challenges to Network Adop8on Causes of performance issues are complicated for users. Lack of communicaion and collaboraion between the CIO s office and researchers on campus. Lack of IT experise within a science collaboraion or experimental facility User s performance expectaions are low ( The network is too slow, I tried it and it didn t work ). Cultural change is hard ( we ve always shipped disks! ). ScienIsts want to do science not IT support The Capability Gap 41 ESnet Science Engagement (engage@es.net) - 3/3/15
42 Bridging the Gap ImplemenIng technology is easy in the grand scheme of assising with science AdopIon of technology is different Does your cosmologist care what SDN is? Does your cosmologist want to get data from Chile each night so that they can start the next day without having to struggle with the tyranny of ineffecive data movement strategies that involve airplanes and white/brown trucks? 42 ESnet Science Engagement - 3/3/15
43 The Golden Spike We don t want ScienIsts to have to build their own networks Engineers don t have to understand what a tokomak accomplishes MeeIng in the middle is the process of science engagement: Engineering staff learning enough about the process of science to be helpful in how to adopt technology Science staff having an open mind to be8er use what is out there 43 ESnet Science Engagement (engage@es.net) - 3/3/ , Energy Sciences Network
44 Establishing Requirements h8p:// requirements/network- requirements- reviews/ The purpose of these reviews is to accurately characterize the near- term, medium- term and long- term network requirements of the science conducted by each program office. The reviews a8empt to bring about a network- centric understanding of the science process used by the researchers and scienists, to derive network requirements. We have found this to be an effecive method for determining network requirements for ESnet's customer base. 44 ESnet Science Engagement (engage@es.net) - 3/3/15
45 Overview ESnet Overview Science DMZ MoIvaIon and IntroducIon Science DMZ Architecture Network Monitoring Data Transfer Nodes & ApplicaIons On the Topic of Security User Engagement Wrap Up 45 ESnet Science Engagement - 3/3/15
46 Why Build A Science DMZ Though? What we know about scienific network use: Machine size decreasing, accuracy increasing HPC resources more widely available and potenially distributed from where the scienists are WAN networking speeds now at 100G, MAN approaching, LAN as well Value ProposiIon: If scienists can t use the network to the fullest potenial due to local policy constraints or bo8lenecks they will find a way to get their done outside of what is available. Without a Science DMZ, this stuff is all hard No one will use it. Maybe today, what about tomorrow? We don t have these demands currently. Next gen technology is always a day away 46 ESnet Science Engagement (engage@es.net) - 3/3/15
47 Wrapup The Science DMZ design pa8ern provides a flexible model for supporing high- performance data transfers and workflows Key elements: AccommodaIon of TCP Sufficient bandwidth to avoid congesion Loss- free IP service LocaIon near the site perimeter if possible Test and measurement Dedicated systems Appropriate security Support for advanced capabiliies (e.g. SDN) is much easier with a Science DMZ 47 ESnet Science Engagement (engage@es.net) - 3/3/15
48 The Science DMZ in 1 Slide Consists of four key components, all required: FricIon free network path Highly capable network devices (wire- speed, deep queues) Virtual circuit connecivity opion Security policy and enforcement specific to science workflows Located at or near site perimeter if possible Dedicated, high- performance Data Transfer Nodes (DTNs) Hardware, operaing system, libraries all opimized for transfer Includes opimized data transfer tools such as Globus Online and GridFTP Performance measurement/test node perfsonar Engagement with end users Details at h8p://fasterdata.es.net/science- dmz/ 2013 Wikipedia 48 ESnet Science Engagement (engage@es.net) - 3/3/15
49 Links ESnet fasterdata knowledge base h8p://fasterdata.es.net/ Science DMZ paper h8p:// final.pdf Science DMZ list Send mail to with the subject "subscribe esnet- sciencedmz Fasterdata Events (Workshop, Webinar, etc. announcements) Send mail to with the subject "subscribe esnet- fasterdata- events perfsonar h8p://fasterdata.es.net/performance- tesing/perfsonar/ h8p:// 49 ESnet Science Engagement - 3/3/15
50 Ask us anything: Preparing for CC- DNI Deploying perfsonar Debugging a problem A8ending a training event Designing a network 50 ESnet Science Engagement (engage@es.net) - 3/3/15
51 Thanks! Jason Zurawski Science Engagement Engineer, ESnet Lawrence Berkeley National Laboratory KINBER Webinar March 4 th 2015
The Science DMZ: A Network Design Pa8ern for Data- Intensive Science
The Science DMZ: A Network Design Pa8ern for Data- Intensive Science Jason Zurawski zurawski@es.net Science Engagement Engineer, ESnet Lawrence Berkeley National Laboratory Southern Partnership in Advanced
More informationCampus Network Design Science DMZ
Campus Network Design Science DMZ Dale Smith Network Startup Resource Center dsmith@nsrc.org The information in this document comes largely from work done by ESnet, the USA Energy Sciences Network see
More informationperfsonar Overview Jason Zurawski, ESnet zurawski@es.net Southern Partnerships for Advanced Networking November 3 rd 2015
perfsonar Overview Jason Zurawski, ESnet zurawski@es.net Southern Partnerships for Advanced Networking November 3 rd 2015 This document is a result of work by the perfsonar Project (http://www.perfsonar.net)
More informationAchieving the Science DMZ
Achieving the Science DMZ Eli Dart, Network Engineer ESnet Network Engineering Group Joint Techs, Winter 2012 Baton Rouge, LA January 22, 2012 Outline of the Day Motivation Services Overview Science DMZ
More informationFundamentals of Data Movement Hardware
Fundamentals of Data Movement Hardware Jason Zurawski ESnet Science Engagement engage@es.net CC-NIE PI Workshop April 30 th 2014 With contributions from S. Balasubramanian, G. Bell, E. Dart, M. Hester,
More informationIntroduction & Motivation
Introduction & Motivation WACREN Network Monitoring and Measurement Workshop Antoine Delvaux a.delvaux@man.poznan.pl perfsonar developer 30.09.2015 This document is a result of work by the perfsonar Project
More informationImproving Scientific Outcomes at the APS with a Science DMZ
Improving Scientific Outcomes at the APS with a Science DMZ Jason Zurawski zurawski@es.net Science Engagement Engineer, ESnet Lawrence Berkeley National Laboratory GlobusWorld 2015 April 15 th, 2015 Outline
More informationScience DMZ Security
Science DMZ Security Eli Dart, Network Engineer ESnet Network Engineering Group Joint Techs, Winter 2013 Honolulu, HI January 15, 2013 Outline Quick background Firewall issues Non-firewall security options
More informationIntroduc)on & Mo)va)on
Introduc)on & Mo)va)on This document is a result of work by the perfsonar Project (hdp://www.perfsonar.net) and is licensed under CC BY- SA 4.0 (hdps://crea)vecommons.org/licenses/by- sa/4.0/). Event Presenter,
More informationThe Science DMZ. Eli Dart, Network Engineer Joe Metzger, Network Engineer ESnet Engineering Group. LHCOPN / LHCONE meeting. Internet2, Washington DC
The Science DMZ Eli Dart, Network Engineer Joe Metzger, Network Engineer ESnet Engineering Group LHCOPN / LHCONE meeting Internet2, Washington DC June 13 2011 Overview Science Needs Data Deluge, new science
More informationOptimizing Data Management at the Advanced Light Source with a Science DMZ
Optimizing Data Management at the Advanced Light Source with a Science DMZ Eli Dart, Network Engineer ESnet Network Engineering Group GlobusWorld 2013 Argonne, Il April 17, 2013 Outline Science DMZ background
More informationData Transfer Network (TPN)
The Science DMZ: A Network Design Pa8ern for Data- Intensive Science Jason Zurawski zurawski@es.net Science Engagement Engineer, ESnet Lawrence Berkeley National Laboratory New Mexico Technology in EducaCon
More informationScience DMZs Understanding their role in high-performance data transfers
Science DMZs Understanding their role in high-performance data transfers Chris Tracy, Network Engineer Eli Dart, Network Engineer ESnet Engineering Group Overview Bulk Data Movement a common task Pieces
More informationESnet Support for WAN Data Movement
ESnet Support for WAN Data Movement Eli Dart, Network Engineer ESnet Science Engagement Group Joint Facilities User Forum on Data Intensive Computing Oakland, CA June 16, 2014 Outline ESnet overview Support
More informationThe Science DMZ and the CIO: Data Intensive Science and the Enterprise
The Science DMZ and the CIO: Data Intensive Science and the Enterprise Eli Dart & Jason Zurawski ESnet Science Engagement Lawrence Berkeley National Laboratory RMCMOA Workshop @ Westnet Conference Tempe,
More informationThe Science DMZ: Introduction & Architecture
The Science DMZ: Introduction & Architecture Eli Dart, Lauren Rotman, Brian Tierney, Jason Zurawski,, Eric Pouyoul ESnet Science Engagement Operating Innovative Networks (OIN) Berkeley, CA Februrary 27
More informationLHCONE Site Connections
LHCONE Site Connections Michael O Connor moc@es.net ESnet Network Engineering Asia Tier Center Forum on Networking Daejeon, South Korea September 23, 2015 Outline Introduction ESnet LHCONE Traffic Volumes
More informationSDN for Science Networks
SDN for Science Networks Inder Monga Eric Pouyoul, Chin Guok and Eli Dart Energy Sciences Network, Scientific Networking Division Disclaimer Two Prime Requirements 1. Data Mobility Long latencies (RTT)
More informationNUIT Tech Talk: Trends in Research Data Mobility
NUIT Tech Talk: Trends in Research Data Mobility Pascal Paschos NUIT Academic & Research Technologies, Research Computing Services Matt Wilson NUIT Cyberinfrastructure, Telecommunication and Network Services
More informationEVALUATING NETWORK BUFFER SIZE REQUIREMENTS
EVALUATING NETWORK BUFFER SIZE REQUIREMENTS for Very Large Data Transfers Michael Smitasin Lawrence Berkeley National Laboratory (LBNL) Brian Tierney Energy Sciences Network (ESnet) [ 2 ] Example Workflow
More informationAddressing research data challenges at the. University of Colorado Boulder
Addressing research data challenges at the University of Colorado Boulder Thomas Hauser Director Research Computing University of Colorado Boulder thomas.hauser@colorado.edu Research Data Challenges Research
More informationGlobus Research Data Management: Endpoint Configuration and Deployment. Steve Tuecke Vas Vasiliadis
Globus Research Data Management: Endpoint Configuration and Deployment Steve Tuecke Vas Vasiliadis Presentations and other useful information available at globusworld.org/tutorial 2 Agenda Globus Connect
More informationTier3 Network Issues. Richard Carlson May 19, 2009 rcarlson@internet2.edu
Tier3 Network Issues Richard Carlson May 19, 2009 rcarlson@internet2.edu Internet2 overview Member organization with a national backbone infrastructure Campus & Regional network members National and International
More informationNetwork performance monitoring Insight into perfsonar
Network performance monitoring Insight into perfsonar Szymon Trocha, Poznań Supercomputing and Networking Center E-infrastructure Autumn Workshops, Chisinau, Moldova 9 September 2014 Agenda! Network performance
More informationNetwork Monitoring with the perfsonar Dashboard
Network Monitoring with the perfsonar Dashboard Andy Lake Brian Tierney ESnet Advanced Network Technologies Group TIP2013 Honolulu HI January 15, 2013 Overview perfsonar overview Dashboard history and
More informationANI Network Testbed Update
ANI Network Testbed Update Brian Tierney, ESnet, Joint Techs, Columbus OH, July, 2010 ANI: Advanced Network Initiative Project Start Date: September, 2009 Funded by ARRA for 3 years Designed, built, and
More informationEnhanced Research Data Management and Publication with Globus
Enhanced Research Data Management and Publication with Globus Vas Vasiliadis Jim Pruyne Presented at OR2015 June 8, 2015 Presentations and other useful information available at globus.org/events/or2015/tutorial
More informationEngagement Strategies for Emerging Big Data Collaborations
Engagement Strategies for Emerging Big Data Collaborations Lauren Rotman, lauren@es.net ESnet Science Engagement Group Lead Lawrence Berkeley National Laboratory APAN 39 th Conference Global Collaborations
More informationEMERGING AND ENABLING GLOBAL, NATIONAL, AND REGIONAL NETWORK INFRASTRUCTURE TO SUPPORT RESEARCH & EDUCATION
EMERGING AND ENABLING GLOBAL, NATIONAL, AND REGIONAL NETWORK INFRASTRUCTURE TO SUPPORT RESEARCH & EDUCATION Dave Pokorney CTO, Director of Engineering Florida LambdaRail NOC UCF Research Computing Day
More informationThe Science DMZ: A Network Design Pattern for Data-Intensive Science
The Science DMZ: A Network Design Pattern for Data-Intensive Science Eli Dart Energy Sciences Network Lawrence Berkeley National Laboratory Berkeley, CA 94720 eddart@lbl.gov Mary Hester Energy Sciences
More informationChapter 7: Distributed Systems: Warehouse-Scale Computing. Fall 2011 Jussi Kangasharju
Chapter 7: Distributed Systems: Warehouse-Scale Computing Fall 2011 Jussi Kangasharju Chapter Outline Warehouse-scale computing overview Workloads and software infrastructure Failures and repairs Note:
More informationA Possible Approach for Big Data Access to Support Climate Science
A Possible Approach for Big Data Access to Support Climate Science Mark Foster Hugh LaMaster NASA Ames Research Center ESNet/Internet2 Focused Technical Workshop: Improving Mobility & Management for International
More informationperfsonar: End-to-End Network Performance Verification
perfsonar: End-to-End Network Performance Verification Toby Wong Sr. Network Analyst, BCNET Ian Gable Technical Manager, Canada Overview 1. IntroducGons 2. Problem Statement/Example Scenario 3. Why perfsonar?
More informationCS 91: Cloud Systems & Datacenter Networks Misc. Topics
CS 91: Cloud Systems & Datacenter Networks Misc. Topics Announcements EC2 username / passwords Lab today Spanner Enables external consistency, based on wall- clock Gme ConvenGonal Wisdom Don t use clocks
More informationGrid Computing Vs. Cloud Computing
International Journal of Information and Computation Technology. ISSN 0974-2239 Volume 3, Number 6 (2013), pp. 577-582 International Research Publications House http://www. irphouse.com /ijict.htm Grid
More informationComputer Networking Networks
Page 1 of 8 Computer Networking Networks 9.1 Local area network A local area network (LAN) is a network that connects computers and devices in a limited geographical area such as a home, school, office
More informationDeploying distributed network monitoring mesh
Deploying distributed network monitoring mesh for LHC Tier-1 and Tier-2 sites Phil DeMar, Maxim Grigoriev Fermilab Joe Metzger, Brian Tierney ESnet Martin Swany University of Delaware Jeff Boote, Eric
More informationOSG CAMPUS INFRASTRUCTURES SERIES
OSG CAMPUS INFRASTRUCTURES SERIES Methods for Network Troubleshooting in Distributed High Throughput Environments --- Webinar Shawn McKee OSG Networking / University of Michigan Physics January 25, 2013
More informationChapter 1 Instructor Version
Name Date Objectives: Instructor Version Explain how multiple networks are used in everyday life. Explain the topologies and devices used in a small to medium-sized business network. Explain the basic
More informationAgenda. Distributed System Structures. Why Distributed Systems? Motivation
Agenda Distributed System Structures CSCI 444/544 Operating Systems Fall 2008 Motivation Network structure Fundamental network services Sockets and ports Client/server model Remote Procedure Call (RPC)
More informationFlexible SDN Transport Networks With Optical Circuit Switching
Flexible SDN Transport Networks With Optical Circuit Switching Multi-Layer, Multi-Vendor, Multi-Domain SDN Transport Optimization SDN AT LIGHT SPEED TM 2015 CALIENT Technologies 1 INTRODUCTION The economic
More informationVMWARE WHITE PAPER 1
1 VMWARE WHITE PAPER Introduction This paper outlines the considerations that affect network throughput. The paper examines the applications deployed on top of a virtual infrastructure and discusses the
More informationThe Science DMZ: A network design pattern for data-intensive science 1
Scientific Programming 22 (2014) 173 185 173 DOI 10.3233/SPR-140382 IOS Press The Science DMZ: A network design pattern for data-intensive science 1 Eli Dart a,,laurenrotman a, Brian Tierney a, Mary Hester
More informationHow To Get More Bandwidth From Your Business Network
Choosing Ethernet Services IS ETHERNET THE RIGHT CHOICE FOR YOUR NETWORK? Business Ethernet Including Ethernet over Copper (EoC) and Ethernet over Digital Signal Cross-connect (EoDSx) Delivers Cost- Effective,
More informationIntegration Guide. EMC Data Domain and Silver Peak VXOA 4.4.10 Integration Guide
Integration Guide EMC Data Domain and Silver Peak VXOA 4.4.10 Integration Guide August 2013 Copyright 2013 EMC Corporation. All Rights Reserved. EMC believes the information in this publication is accurate
More informationFirewall Architecture
NEXTEP Broadband White Paper Firewall Architecture Understanding the purpose of a firewall when connecting to ADSL network services. A Nextep Broadband White Paper June 2001 Firewall Architecture WHAT
More informationResearch at LARC-USP E-Science, Cloud & Big Data Projects. Fernando Redigolo
Research at LARC-USP E-Science, Cloud & Big Data Projects Fernando Redigolo LARC USP Laboratory of Computer Architecture and Networks Department of Computer and Digital System Engineering USP University
More informationRegion 10 Videoconference Network (R10VN)
Region 10 Videoconference Network (R10VN) Network Considerations & Guidelines 1 What Causes A Poor Video Call? There are several factors that can affect a videoconference call. The two biggest culprits
More informationComputer Networks. Definition of LAN. Connection of Network. Key Points of LAN. Lecture 06 Connecting Networks
Computer Networks Lecture 06 Connecting Networks Kuang-hua Chen Department of Library and Information Science National Taiwan University Local Area Networks (LAN) 5 kilometer IEEE 802.3 Ethernet IEEE 802.4
More informationmedia network & internet access
This document explains the design principles behind the Sohonet Media Network, how it provides enhanced ISP services, and provides a single fully integrated connectivity solution. The Sohonet Media Platform
More informationOverview. Firewall Security. Perimeter Security Devices. Routers
Overview Firewall Security Chapter 8 Perimeter Security Devices H/W vs. S/W Packet Filtering vs. Stateful Inspection Firewall Topologies Firewall Rulebases Lecturer: Pei-yih Ting 1 2 Perimeter Security
More informationNetwork Management and Monitoring Software
Page 1 of 7 Network Management and Monitoring Software Many products on the market today provide analytical information to those who are responsible for the management of networked systems or what the
More informationN-CAP Users Guide Everything You Need to Know About Using the Internet! How Firewalls Work
N-CAP Users Guide Everything You Need to Know About Using the Internet! How Firewalls Work How Firewalls Work By: Jeff Tyson If you have been using the internet for any length of time, and especially if
More informationAugust 9 th 2011, OSG Site Admin Workshop Jason Zurawski Internet2 Research Liaison NDT
August 9 th 2011, OSG Site Admin Workshop Jason Zurawski Internet2 Research Liaison NDT Agenda Tutorial Agenda: Network Performance Primer Why Should We Care? (30 Mins) IntroducOon to Measurement Tools
More informationChallenges of Sending Large Files Over Public Internet
Challenges of Sending Large Files Over Public Internet CLICK TO EDIT MASTER TITLE STYLE JONATHAN SOLOMON SENIOR SALES & SYSTEM ENGINEER, ASPERA, INC. CLICK TO EDIT MASTER SUBTITLE STYLE OUTLINE Ø Setting
More information10 Gigabit Ethernet: Scaling across LAN, MAN, WAN
Arasan Chip Systems Inc. White Paper 10 Gigabit Ethernet: Scaling across LAN, MAN, WAN By Dennis McCarty March 2011 Overview Ethernet is one of the few protocols that has increased its bandwidth, while
More informationApproaches for DDoS an ISP Perspective. barry@null0.net ognian.mitev@viawest.com
Approaches for DDoS an ISP Perspective barry@null0.net ognian.mitev@viawest.com Home School How everyone starts It s all up to you It s inexpensive (compared to other forms of education) Quality may not
More informationHIGH-SPEED BRIDGE TO CLOUD STORAGE
HIGH-SPEED BRIDGE TO CLOUD STORAGE Addressing throughput bottlenecks with Signiant s SkyDrop 2 The heart of the Internet is a pulsing movement of data circulating among billions of devices worldwide between
More informationInternet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering
Internet Firewall CSIS 4222 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 27: Internet Routing Ch 30: Packet filtering & firewalls
More informationWHITE PAPER. Data Center Fabrics. Why the Right Choice is so Important to Your Business
WHITE PAPER Data Center Fabrics Why the Right Choice is so Important to Your Business Introduction Data center fabrics are emerging as the preferred architecture for next-generation virtualized data centers,
More informationPreparing Your IP Network for High Definition Video Conferencing
WHITE PAPER Preparing Your IP Network for High Definition Video Conferencing Contents Overview...3 Video Conferencing Bandwidth Demand...3 Bandwidth and QoS...3 Bridge (MCU) Bandwidth Demand...4 Available
More informationData Center SDN. ONF SDN Solutions Showcase Theme Demonstrations SDN SOLUTIONS SHOWCASE
Data Center ONF Solutions Showcase Theme Demonstrations Data Center -Enabled Science- DMZ Demonstration Brocade & Indiana University Adaptive Traffic Forwarding for Large Data Flows Using SciPass 2014
More informationSAN Conceptual and Design Basics
TECHNICAL NOTE VMware Infrastructure 3 SAN Conceptual and Design Basics VMware ESX Server can be used in conjunction with a SAN (storage area network), a specialized high speed network that connects computer
More informationFirewall Security. Presented by: Daminda Perera
Firewall Security Presented by: Daminda Perera 1 Firewalls Improve network security Cannot completely eliminate threats and a=acks Responsible for screening traffic entering and/or leaving a computer network
More informationDeploying the ShoreTel IP Telephony Solution with a Meru Networks Wireless LAN
Deploying the ShoreTel IP Telephony Solution with a Meru Networks Wireless LAN Copyright 2005, Meru Networks, Inc. This document is an unpublished work protected by the United States copyright laws and
More informationData Management. Network transfers
Data Management Network transfers Network data transfers Not everyone needs to transfer large amounts of data on and off a HPC service Sometimes data is created and consumed on the same service. If you
More informationOptimizing Data Center Networks for Cloud Computing
PRAMAK 1 Optimizing Data Center Networks for Cloud Computing Data Center networks have evolved over time as the nature of computing changed. They evolved to handle the computing models based on main-frames,
More informationPOWER ALL GLOBAL FILE SYSTEM (PGFS)
POWER ALL GLOBAL FILE SYSTEM (PGFS) Defining next generation of global storage grid Power All Networks Ltd. Technical Whitepaper April 2008, version 1.01 Table of Content 1. Introduction.. 3 2. Paradigm
More informationUniversity of Utah backbone is fully redundant with one or more 10Gb/s connecting each distribution node to a redundant core which connects to a
1 * Dave Pershing 2 University of Utah backbone is fully redundant with one or more 10Gb/s connecting each distribution node to a redundant core which connects to a redundant WAN which connects to redundant
More informationTRUFFLE Broadband Bonding Network Appliance. A Frequently Asked Question on. Link Bonding vs. Load Balancing
TRUFFLE Broadband Bonding Network Appliance A Frequently Asked Question on Link Bonding vs. Load Balancing 5703 Oberlin Dr Suite 208 San Diego, CA 92121 P:888.842.1231 F: 858.452.1035 info@mushroomnetworks.com
More informationSecure Network Design: Designing a DMZ & VPN
Secure Network Design: Designing a DMZ & VPN DMZ : VPN : pet.ece.iisc.ernet.in/chetan/.../vpn- PPTfinal.PPT 1 IT352 Network Security Najwa AlGhamdi Introduction DMZ stands for DeMilitarized Zone. A network
More informationTop Five Things You Need to Know Before Building or Upgrading Your Cloud Infrastructure
WHITE PAPER Top Five Things You Need to Know Before Building or Upgrading Your Cloud Infrastructure Over the last several years, the need for bandwidth has grown dramatically across all types of users.
More informationSplunk/Ironstream and z/os IT Ops
Copyright 2015 Splunk Inc. Splunk/Ironstream and z/os IT Ops John Reda VP Customer Experience Syncsort Incorporated Disclaimer During the course of this presentaion, we may make forward looking statements
More informationLarge Scale Science, The Science DMZ, SDN/OpenFlow, Security and Cyberinfrastructure Architectures
Large Scale Science, The Science DMZ, SDN/OpenFlow, Security and Cyberinfrastructure Architectures Joe St Sauver, Ph.D. (joe@internet2.edu or joe@uoregon.edu) Internet2 Nationwide Security Programs Manager
More informationC20.0001 Information Systems for Managers Fall 1999
New York University, Leonard N. Stern School of Business C20.0001 Information Systems for Managers Fall 1999 Networking Fundamentals A network comprises two or more computers that have been connected in
More informationMEASURING WORKLOAD PERFORMANCE IS THE INFRASTRUCTURE A PROBLEM?
MEASURING WORKLOAD PERFORMANCE IS THE INFRASTRUCTURE A PROBLEM? Ashutosh Shinde Performance Architect ashutosh_shinde@hotmail.com Validating if the workload generated by the load generating tools is applied
More informationJive Core: Platform, Infrastructure, and Installation
Jive Core: Platform, Infrastructure, and Installation Jive Communications, Inc. 888-850-3009 www.getjive.com 1 Overview Jive hosted services are run on Jive Core, a proprietary, cloud-based platform. Jive
More information«The Cloud» Something Old, something New, something Borrowed and something Blue
«The Cloud» Something Old, something New, something Borrowed and something Blue Your entertainers for today Michaël Boeckx Infrastructure Architect I.R.I.S. ICT Marnix Vrambout Datacenter Manager I.R.I.S.
More informationUse of Alternate Path WAN Circuits at Fermilab
Use of Alternate Path WAN Circuits at Fermilab Phil DeMar, Andrey Bobyshev, Matt Crawford, Vyto Grigaliunas Fermilab, PO BOX 500, Batavia, IL 60510, USA demar@fnal.gov Abstract. Fermilab hosts the American
More informationFirewalls. Securing Networks. Chapter 3 Part 1 of 4 CA M S Mehta, FCA
Firewalls Securing Networks Chapter 3 Part 1 of 4 CA M S Mehta, FCA 1 Firewalls Learning Objectives Task Statements 1.3 Recognise function of Telecommunications and Network security including firewalls,..
More informationCMPT 471 Networking II
CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access
More informationA SENSIBLE GUIDE TO LATENCY MANAGEMENT
A SENSIBLE GUIDE TO LATENCY MANAGEMENT By Wayne Rash Wayne Rash has been writing technical articles about computers and networking since the mid-1970s. He is a former columnist for Byte Magazine, a former
More informationHow To Build A Research Platform
Leveraging Digital Infrastructure and Innovative Software Services to Accelerate Scientific Discovery Hervé Guy and Steve Tuecke April 9, 2014 2014 Internet2 Global Summit Denver, CO Software to Support
More informationESSENTIALS. Understanding Ethernet Switches and Routers. April 2011 VOLUME 3 ISSUE 1 A TECHNICAL SUPPLEMENT TO CONTROL NETWORK
VOLUME 3 ISSUE 1 A TECHNICAL SUPPLEMENT TO CONTROL NETWORK Contemporary Control Systems, Inc. Understanding Ethernet Switches and Routers This extended article was based on a two-part article that was
More informationUsing TrueSpeed VNF to Test TCP Throughput in a Call Center Environment
Using TrueSpeed VNF to Test TCP Throughput in a Call Center Environment TrueSpeed VNF provides network operators and enterprise users with repeatable, standards-based testing to resolve complaints about
More informationOptimizing Dell Compellent Remote Instant Replay with Silver Peak Replication Acceleration
Optimizing Dell Compellent Remote Instant Replay with Silver Peak Replication Acceleration A Dell Technical White Paper Abstract This technical report details the benefits that Silver Peak s replication
More informationChapter 5. Data Communication And Internet Technology
Chapter 5 Data Communication And Internet Technology Purpose Understand the fundamental networking concepts Agenda Network Concepts Communication Protocol TCP/IP-OSI Architecture Network Types LAN WAN
More informationInternet Services. Amcom. Support & Troubleshooting Guide
Amcom Internet Services This Support and Troubleshooting Guide provides information about your internet service; including setting specifications, testing instructions and common service issues. For further
More informationLayer 3 Network + Dedicated Internet Connectivity
Layer 3 Network + Dedicated Internet Connectivity Client: One of the IT Departments in a Northern State Customer's requirement: The customer wanted to establish CAN connectivity (Campus Area Network) for
More informationDiagnosing the cause of poor application performance
Diagnosing the cause of poor application performance When it comes to troubleshooting application performance issues, there are two steps you can take to make diagnosis easier, faster and more accurate.
More informationSCADA System Security. ECE 478 Network Security Oregon State University March 7, 2005
SCADA System Security ECE 478 Network Security Oregon State University March 7, 2005 David Goeke Hai Nguyen Abstract Modern public infrastructure systems
More informationBusiness Services. Is Ethernet the Right Choice for Your Network? Learn More: Call us at 877.634.2728. www.megapath.com
Business Services Is Ethernet the Right Choice for Your Network? Learn More: Call us at 877.634.2728. www.megapath.com Is Ethernet the Right Choice for Your Network? Business Ethernet including Ethernet
More informationHEP Compu*ng in a Context- Aware Cloud Environment
HEP Compu*ng in a Context- Aware Cloud Environment Randall Sobie A.Charbonneau F.Berghaus R.Desmarais I.Gable C.LeaveC- Brown M.Paterson R.Taylor InsItute of ParIcle Physics University of Victoria and
More informationRAMCloud and the Low- Latency Datacenter. John Ousterhout Stanford University
RAMCloud and the Low- Latency Datacenter John Ousterhout Stanford University Most important driver for innovation in computer systems: Rise of the datacenter Phase 1: large scale Phase 2: low latency Introduction
More informationWindows Server Performance Monitoring
Spot server problems before they are noticed The system s really slow today! How often have you heard that? Finding the solution isn t so easy. The obvious questions to ask are why is it running slowly
More informationTRUFFLE Broadband Bonding Network Appliance BBNA6401. A Frequently Asked Question on. Link Bonding vs. Load Balancing
TRUFFLE Broadband Bonding Network Appliance BBNA6401 A Frequently Asked Question on Link Bonding vs. Load Balancing LBRvsBBNAFeb15_08b 1 Question: What's the difference between a Truffle Broadband Bonding
More informationCS514: Intermediate Course in Computer Systems
: Intermediate Course in Computer Systems Lecture 7: Sept. 19, 2003 Load Balancing Options Sources Lots of graphics and product description courtesy F5 website (www.f5.com) I believe F5 is market leader
More informationLustre Networking BY PETER J. BRAAM
Lustre Networking BY PETER J. BRAAM A WHITE PAPER FROM CLUSTER FILE SYSTEMS, INC. APRIL 2007 Audience Architects of HPC clusters Abstract This paper provides architects of HPC clusters with information
More informationCS 91: Cloud Systems & Datacenter Networks Networks Background
CS 91: Cloud Systems & Datacenter Networks Networks Background Walrus / Bucket Agenda Overview of tradibonal network topologies IntroducBon to soeware- defined networks Layering and terminology Topology
More informationCSE 3461 / 5461: Computer Networking & Internet Technologies
Autumn Semester 2014 CSE 3461 / 5461: Computer Networking & Internet Technologies Instructor: Prof. Kannan Srinivasan 08/28/2014 Announcement Drop before Friday evening! k. srinivasan Presentation A 2
More information