How the ersa Problem became the ersa Solu3on. Why a network and network security is impera3ve for ersa s NeCTAR cloud. Paul Bartczak Infrastructure



Similar documents
Clusters in the Cloud

Financial Opera,ons Track: ROI vs. ROCE (Return on Customer Experience) Speaker: Robert Lane, Strategic Sourcing Manager, Premier Health Partners

benefit of virtualiza/on? Virtualiza/on An interpreter may not work! Requirements for Virtualiza/on 1/06/15 Which of the following is not a poten/al

Data Center Evolu.on and the Cloud. Paul A. Strassmann George Mason University November 5, 2008, 7:20 to 10:00 PM

Perspec'ves on SDN. Roadmap to SDN Workshop, LBL

The Development of Cloud Interoperability

Connec(ng to the NC Educa(on Cloud

Cloud Compu)ng in Educa)on and Research

Chapter 3. Database Architectures and the Web Transparencies

Project Por)olio Management

LONI Provides UNO High Speed Business Con9nuity A=er Katrina. Speakers: Lonnie Leger, LONI Chris Marshall, UNO

Managed Phone System. Benefits of switching to a cloud based business VoIP solution.

Cloud Compu)ng. Yeow Wei CHOONG Anne LAURENT

Spotlight on Cloud and DCI in APAC

Migrating to Hosted Telephony. Your ultimate guide to migrating from on premise to hosted telephony.

Everything You Need to Know about Cloud BI. Freek Kamst

Scalable Network Monitoring with SDN-Based Ethernet Fabrics

How To Protect Virtualized Data From Security Threats

Data Management in the Cloud: Limitations and Opportunities. Annies Ductan

Building Storage Service in a Private Cloud

Understanding Cloud Compu2ng Services. Rain in business success with amazing solu2ons in Cloud technology

/Endpoint Security and More Rondi Jamison

MAXIMIZING THE SUCCESS OF YOUR E-PROCUREMENT TECHNOLOGY INVESTMENT. How to Drive Adop.on, Efficiency, and ROI for the Long Term

CSER & emerge Consor.a EHR Working Group Collabora.on on Display and Storage of Gene.c Informa.on in Electronic Health Records

PALO ALTO SAFE APPLICATION ENABLEMENT

Developing Your Roadmap The Association of Independent Colleges and Universities of Massachusetts. October 3, 2013

An to Big Data, Apache Hadoop, and Cloudera

Network edge and network core. millions of connected compu?ng devices: hosts = end systems running network apps

Stream Deployments in the Real World: Enhance Opera?onal Intelligence Across Applica?on Delivery, IT Ops, Security, and More

SuperStack Next Exit. Challenges on CC*IIE at UF

UAB Cyber Security Ini1a1ve

An introduction to disaster recovery. And how DrAAS from I.R.I.S. Ondit can help!

DISTRIBUTED SYSTEMS [COMP9243] Lecture 9a: Cloud Computing WHAT IS CLOUD COMPUTING? 2

DDC Sequencing and Redundancy

ISSA Phoenix Chapter Meeting Topic: Security Enablement & Risk Reducing Best Practices for BYOD + SaaS Cloud Apps

OS/Run'me and Execu'on Time Produc'vity

Research Collaboration in the Cloud: - the NeCTAR Research Cloud

Big Data. The Big Picture. Our flexible and efficient Big Data solu9ons open the door to new opportuni9es and new business areas

Building your cloud porbolio APS Connect

BENCHMARKING V ISUALIZATION TOOL

IDA Call 6 for Cloud Computing. Presented by: Don Ng, CISSP don.sh.ng@starhub.com, Senior Manager SaaS Partner Program Date: 12th November, 2012

Best Prac*ces for Deploying Oracle So6ware on Virtual Compute Appliance

Introduction to Cloud Computing

Portable, Scalable, and High-Performance I/O Forwarding on Massively Parallel Systems. Jason Cope

Linux Clusters Ins.tute: Turning HPC cluster into a Big Data Cluster. A Partnership for an Advanced Compu@ng Environment (PACE) OIT/ART, Georgia Tech

The Real Score of Cloud

Corero Network Security

Service Description CloudSure Public, Private & Hybrid Cloud

Enterprise Cloud Solutions

The Future of Cloud Networking. Idris T. Vasi

ITS Strategic Plan Enabling an Unbounded University

Networking Modernize. Open Your Network to Innovation

broadberry.co.uk/storage-servers

RESEARCH DATA STORAGE INFRASTRUCTURE EDUCATION INVESTMENT FUND PROJECT FINAL REPORT

Transcription:

How the ersa Problem became the ersa Solu3on. Why a network and network security is impera3ve for ersa s NeCTAR cloud. Paul Bartczak Infrastructure Manager

About ersa eresearch SA is a collabora3ve joint venture between the University of Adelaide, Flinders University, and the University of South Australia. eresearch SA is the South Australian provider of high- performance compu3ng, data management and storage, research collabora3on, and visualisa3on services for researchers in SA.

Our Infrastructure History Tradi3onal HPC Shop Provided: HPC Storage mostly HPC Custom Hos3ng Services Physical and Virtual User training and support Solu3on Design and Development

Our Infrastructure History Hosted by University of Adelaide - ~80% usage ScaVered across various loca3ons Disparate networking capability Network and Security managed by University of Adelaide ITS - Gateway Downstream Firewalls School DIY

Project Infrastructure Opportuni3es NeCTAR A federated Research Cloud with virtualised research applica3ons that operate in a secure and shared environment, connected to major instruments RDSI Data storage infrastructure connected to the AREN by a high bandwidth connec.on, funded and constructed under the Super Science Na3onal Research Networks (NRN) Project. Including dedicated high speed connec4ons between major nodes

Our New User Base The University of Adelaide Student enrolment ~25,000 Mostly hard science and engineering research

Our New User Base University of South Australia Student enrolment ~38,000 More so_ science and social science research

Our New User Base Flinders University Student enrolment ~18,000 More so_ science and social science research

Ground 0 Tech Team 2.5 +.5 Minions 1 Sys Admin.5 Helpdesk +.5 Other 1 Storage Admin -.5 Other

The Problem What infrastructure capability does ~$4.5M of funding buy? Huge Services real estate poten3al Massive network performance problems Mul3tenant / Public avack target NeCTAR ~2990 vcpu Cloud ~5 PB of Storage 2 x 10 Gbps Internet - redundant 2 x 10 Gbps DaShNet Science DMZ - redundant

Services Mo3va3on Need to cater for all research prac3ces! Secure high performance Infrastructure Flexible Heterogeneous Infrastructure is key: HPC Cloud VMs and HTC Storage Systems and Tiering Various OS and App Flavors Custom Solu3ons

Resource Criteria Staff resources with exper3se in relevant technical areas Cloud Storage Networking High Performance Network Network Security

Missing Pieces Data Centre Space & Environmental Network to support Cloud, Big Data movement and storage dependence Last Mile challenges 100Mb Security: Various Self Service Opera3ng Systems Inter twined networks Significant ins3tu3onal exposure

The Sit Down Formed working par3es with all Unis re RFP s Cloud and Storage architecture Networking and Security Limited IT resource capacity to support opera3onal aspira3ons

Issues and Risks 2 Data Centers required Space & Environmental Bridged networks Locally Public Internet Security Exposure Science DMZ Na3onal network bridge

Soul Searching I am sure I have done this before Employ a network consultant to design the network Vendor RFQ?

RFQ Reality Big Friendly Giant $ prohibi3ve There has to be a more cost effec3ve way Network your problems and reach out for Help! Dell PowerConnect?

Solu3on Proposal

Solu3on Review Solu3on Comparison Footprint Performance; N- S vs. N, E, S, W traffic Affordable Scalability 2x 40 Gbps CORE Tradi3onal vs. Next Genera3on Firewall Cost Licensing & Availability (HA) Support and Training

Solu3on Decision BFG = Telco and Corporate Kit Dell: Network Hardware suppor3ng CERN Next Genera3on Firewall 40/10 Gbps

Force10 Overview

SonicWall Overview

Resource Ra3onalisa3on Seek Dell Professional Services to finalise the Network Design and installa3on Employ a Networking resource to manage the network and work with the vendor for ops purposes Ensure Network Management can be rela3vely self servicing and no more than.5 FTE

Outcomes Secure High Performance Network Ethernet, IB, iscsi, FCoE, FCIP All Service Capability transparently integrated 39.5 Gbps out of 40 LACP Not easy to achieve (NeCTAR) Backbone scaling by 40 Gbps Host connec3vity scaling by 10 Gbps Redundant Data Centre(s) connec3vity = 160 Gbps SABRENet

Network Architecture

There s More Standalone Research Network for SA u3lising SABRENet Universi3es SAHMRI SA Government Hospitals Any Research Ins3tu3on!

Service Considera3ons Predominantly Self Service Cloud Infrastructure Requiring best support effort and up3me = 8 x 5 Not Commercial IT, but just as important Most usage ac3vity is 24/7-365 Mixture of opera3ng systems, applica3ons - none more secure than the other Intertwined / Nested Networks Data Integrity and Security MaVers auto safeguard ~90%

Security Stats

Thus Far = Happy Team Ques3ons?