Cloud Traceability Working Group Face to Face Report



Similar documents
GridPP36 Security Report

HTCondor at the RAL Tier-1

EGI-InSPIRE. Cloud Security Implementations/Policies/Certification. Sven Gabriel, Nikhef

Virtualisation Cloud Computing at the RAL Tier 1. Ian Collier STFC RAL Tier 1 HEPiX, Bologna, 18 th April 2013

Batch and Cloud overview. Andrew McNab University of Manchester GridPP and LHCb

Configuration Management Evolution at CERN. Gavin

A Complete Open Cloud Storage, Virt, IaaS, PaaS. Dave Neary Open Source and Standards, Red Hat

Dynamic Resource Provisioning with HTCondor in the Cloud

PES. Batch virtualization and Cloud computing. Part 1: Batch virtualization. Batch virtualization and Cloud computing

New resource provision paradigms for Grid Infrastructures: Virtualization and Cloud

IPv6 Traffic Analysis and Storage

Infrastructure as a Service

Platform as a Service and Container Clouds

GUJARAT TECHNOLOGICAL UNIVERSITY

CernVM Online and Cloud Gateway a uniform interface for CernVM contextualization and deployment

This presentation covers virtual application shared services supplied with IBM Workload Deployer version 3.1.

Code-to-Cloud with OpenNebula & Megam Varadarajan Narayanan Kishore Kumar Neelamegam Thomas Alrin Raj Thilak

CMS Experience Provisioning Cloud Resources with GlideinWMS. Anthony Tiradani HTCondor Week May 2015

CHEP Cloud Bursting with glideinwms Means to satisfy ever increasing computing needs for Scientific Workflows

Monitoring Evolution WLCG collaboration workshop 7 July Pablo Saiz IT/SDC

The path to the cloud training

Agile Infrastructure: an updated overview of IaaS at CERN

Towards a New Model for the Infrastructure Grid

A New Approach to Network Visibility at UBC. Presented by the Network Management Centre and Wireless Infrastructure Teams

Application Defined Networking Challenges and Possibilities. Rupert D.E. Brown IB CTO Lead Architect UBS Investment Bank London

Ontology, NFV and the Future OSS September 2015

OpenStack Ecosystem and Xen Cloud Platform

Introduction to Virtualization & KVM

Evaluation and implementation of CEP mechanisms to act upon infrastructure metrics monitored by Ganglia

Using SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP

How To Run A Cloud Server On A Server Farm (Cloud)

Report from the HEPiX Workshop Fall 2013

Private Cloud Management

FUJITSU Software ServerView Cloud Monitoring Manager V1 Introduction

Virtual Machine Management with OpenNebula in the RESERVOIR project

SMB in the Cloud David Disseldorp

Seed4C: A Cloud Security Infrastructure validated on Grid 5000

RED HAT INFRASTRUCTURE AS A SERVICE OVERVIEW AND ROADMAP. Andrew Cathrow Red Hat, Inc. Wednesday, June 12, 2013

Virtualization System Vulnerability Discovery Framework. Speaker: Qinghao Tang Title:360 Marvel Team Leader

ScotGrid. Bolting the door. Network Based Security Mechanisms. David Crooks, Mark Mitchell on behalf of ScotGrid Glasgow

Before we can talk about virtualization security, we need to delineate the differences between the

Postgres on OpenStack

Infrastructure as a Service (IaaS)

Open source software for building a private cloud

Cisco and Splunk: Under the Hood of Cisco IT

UZH Experiences with OpenStack

Cloud Computing for Control Systems CERN Openlab Summer Student Program 9/9/2011 ARSALAAN AHMED SHAIKH

FREE AND OPEN SOURCE SOFTWARE FOR CLOUD COMPUTING SERENA SPINOSO FULVIO VALENZA

Distributed IaaS Clouds and 100G Networking for HEP applications

Cloud Accounting. Laurence Field IT/SDC 22/05/2014

Logicalis Service Defined Enterprise

WM Technical Evolution Group Report

Real-time Data Analytics mit Elasticsearch. Bernhard Pflugfelder inovex GmbH

Bring your virtualized networking stack to the next level

Managing a Tier-2 Computer Centre with a Private Cloud Infrastructure

Software defined Storage The next generation of Storage virtualization

Elasticsearch on Cisco Unified Computing System: Optimizing your UCS infrastructure for Elasticsearch s analytics software stack

15 th April 2010 FIA Valencia

Oracle: Database and Data Management Innovations with CERN Public Day

Open Source and Network Function Virtualization

A unified architecture of IaaS cloud solutions

Next Generation Tier 1 Storage

Science Days Stefan Freitag. 03. November Robotics Research Institute Dortmund University of Technology. Cloud Computing in D-Grid

Scaling Cloud-Native Virtualized Network Services with Flash Memory

Intro to NSX. Network Virtualization VMware Inc. All rights reserved.

Datasheet FUJITSU Software ServerView Cloud Monitoring Manager V1.0

Virtualization. (and cloud computing at CERN)

An Introduction to Virtualization and Cloud Technologies to Support Grid Computing

ovirt self-hosted engine seamless deployment

High Performance Computing OpenStack Options. September 22, 2015

T Mobile Cloud Computing Private Cloud & Assignment

Context-aware cloud computing for HEP

PowerVC 1.2 Q Power Systems Virtualization Center

High Performance Computing (HPC)

Grid vs. Cloud Computing

Proactively Secure Your Cloud Computing Platform

How To Use Elasticsearch

Virtualization Technologies (ENCS 691K Chapter 3)

Cisco Prime Network Services Controller. Sonali Kalje Sr. Product Manager Cloud and Virtualization, Cisco Systems

Accelerate private cloud with Data#3 and IBM

OpenStack IaaS. Rhys Oxenham OSEC.pl BarCamp, Warsaw, Poland November 2013

Virtual Cascade Shark

Introduction to OpenStack

Software Testing and Deployment Using Virtualization and Cloud

Open Source Virtualization with ovirt. DI (FH) René Koch Systems Engineer Siedl Networks GmbH Grazer Linuxtage,

HPC performance applications on Virtual Clusters

Agenda. 1. Welcoming and intro 2. Introduction to RHEL-OSP 3. Deep Dive RHEL-OSP 4. Live Demo 5. OSP-Director 6. What's new in liberty

Traditional v/s CONVRGD

Security Update and Risk Assessment

Hadoop on OpenStack Cloud. Dmitry Mescheryakov Software

The Evolution of Cloud Computing in ATLAS

Cloud and Virtualization to Support Grid Infrastructures

Block Storage in the Open Source Cloud called OpenStack

Cloud Computing and the Data Centre of the Future

Preparing for the 3 rd Platform:

Using LISP for Secure Hybrid Cloud Extension

Scaling Cloud Storage. Julian Chesterfield Storage & Virtualization Architect

Software Defined Data Center An Implementation view

Trials community. Yannick Legré. EGI InSPIRE RI

Cloud How to gain capacity from today s Datacenter A new model for IT Services Delivery & IT use? Cost reduction AND increased flexibility?

Transcription:

Cloud Traceability Working Group Face to Face Report Ian Collier ian.collier@stfc.ac.uk GDB 10 th June 2015 Agenda & notes: https://indico.cern.ch/event/396202/

Areas of investigation from Feb F2F Externally observable behaviour - Hypervisor & netflow logging Logging from inside VMs (no update here) Better tools for managing large volumes of logs Deferred Deletion or Quarantining VMs VO Logging (to be driven by security service challenges) Policy evolution (to follow on from other work)

Actions/Areas of investigation from Feb F2F Externally observable behaviour - Hypervisor & netflow logging Raul Lopes & David Crooks Logging from inside VMs RAL connecting VMs to central loggers Andrew MacNab investigating methods for passing logger info machine/job info vs cloudinit Better tools for managing large volumes of logs RAL & others Deferred Deletion or Quarantining VMs RAL investigating for OpenNebula & CEPH VO Logging Service challenges Sven Gabriel Policy evolution Dave Kelsey following other work.

Externally Observable Behaviour David Crooks Often neglected at our sites but esp in context of virtualisation only thing we can depend upon Presented survey of technologies (see slides for details) Network flow protocols netflow & sflow Concerns about propriety tools, hardware dependencies (support in switches/routers, network capture cards etc.) and software tools Experience of several tools at sites surveyed: Nfsen (Nikhef & Glasgow), ZNetS (IN2P3), Silk (JANET), CERN building Security Operation Centre along lines of OpenSOC see later discussion Software tools for generating network flows softflow (Glasgow), fprobe (CERN) Some discussion of aggregation/analytics tools picked up under management tools Some discussion of separating institutional vs grid data not an issue everywhere Next steps More detailed evaluation and practical investigation

Log management tools Ian Collier David Crooks already noted significant effort investigating ELK (elasticsearch, logstash, kibana) stack particular reference to UK but widely seen elsewhere too RAL have ELK infrastructure (on back of castor work), migration to new hardware longer than planned. In place now. Next step to send logs from cloud into that. RAL have done low level work to tune ELK to better scale for their purposes, this will be ready to share later this year Staff from RAL visited IBM Research recently As a side point saw their cloud security analytics tools use some machine learning techniques. Looking to see if we can work together. We can offer very diverse environments.

Security Service Challenges Ian Collier At Feb F2F agreed the way to test gaps in VO logging for traceability purposes should be by service challenges Sven Gabriel (EGI CSIRT) is organising SSCs for EGI Federated Cloud Also a commitment to apply those to WLCG cloud instances Ian noted there may be some specific issues with such challenges for sites using VAC

Deferred Deletion/Quarantine Ian Collier Want images from VM instances to persist for traceability/forensics purposes after VM is detroyed At RAL have so far implemented this using HTCondor Easy managed by HTCondor but only applies to Condor managed VMs Working on building into storage service tricky to get hooks to work cleanly with OpenNebula will involve developers if necessary Openstack David Crooks has it on his plan Tim Bell noted OpenStack has the functions to defer deletion but causes resource problems and full chain to do it is not there. 300-400 images/hr on Cern production cloud so problems with volume. Upstream would probably be happy to talk about this.

Security Operations Centres Liviu Valsan CERN developing Security Operations Centre much in common with Cisco s open sourced OpenSOC See slides for details Aggregates range of logs, network flows, other intelligence sources in to ELK like framework Romain Wartell noted that commercial providers converging on OpenSOC + BRO IDS OpenSOC is still immature, considerable work to implement But long term for many sites only sensible option Opportunity to collaborate on sharing (some) intelligence sources

OpenSOC http://www.slideshare.net/jamessirota/cisco-opensoc

Summary Active work since February Face to Face Variable progress Most in network flow/log management/soc area Contact Ian Collier is you are interested in participating

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information