Blue Waters: Security at Scale

By Nicole Hemsoth

May 3, 2013

If there’s one mandate that all IT and business professionals can agree on, it’s the need for security. For the largest systems in the world, keeping IT assets safe presents a unique set of challenges. Take the NCSA Blue Waters supercomputer as an example. The machine must be open and accessible to a collaborative-leaning scientific community while guarding against malicious activity. The person in charge of this balancing act is Adam Slagell. As Chief Information Security Officer for the National Center for Supercomputing Applications (NCSA) at the University of Illinois, Slagell is part of a team responsible for securing this massive resource.

Blue Waters is a leadership-class machine capable of sustained petascale performance on a range of scientific and engineering applications. The 11.6 petaflop (peak) system is comprised of 237 Cray XE6 racks, 32 Cray XK7 racks with NVIDIA Kepler GPUs, and 7 I/O racks. It also includes 1.5 petabytes of high-speed memory, 25 petabytes of usable online storage, and 300 petabytes near-line tape capacity.

As one of the largest computational systems in the world, Blue Waters faces some unique security challenges as Slagell can attest to:

“Traditional security technologies like inline intrusion prevention systems, stateful firewalls, and security appliances can take a 10 Gbps connection down to 500Mbps easily,” observes Slagell. “NCSA, which has well over 100 Gbps of external WAN connections (and plans to go to 300 Gbps), can’t come close to operating efficiently with those kinds of bottlenecks. Instead NCSA relies on passive monitoring techniques, making heavy use of ICSI’s open-source Bro network security monitor to understand and protect its network.”

The open-source traffic analyzer, Bro, was developed over many years by the International Computer Science Institute (ICSI) – an independent, non-profit computer science research center. Current ICSI Director Vern Paxson created the first version in 1995 at the Lawrence Berkeley National Laboratory. Work on Bro continues under the stewardship of ICSI with funding from the National Science Foundation.

Slagell explains that Bro has evolved to bridge the traditional gap between academic research and operations. The cyber-security tool has been deployed by major universities, research labs, supercomputing centers, open-science communities, as well as industry sites.

“Bro remains unique in its analysis capabilities as it is not limited to any particular detection strategy – a major restriction of traditional intrusion detection systems,” writes Slagell. “Bro instead provides a flexible platform for implementing a range of sophisticated, in-depth traffic analyses that are tailored to the needs of individual sites.”

To say that Bro has evolved over the years is an understatement. Before Blue Waters, NCSA only had to monitor a single optical link. With the addition of a brand-new datacenter housing a multi-million dollar supercomputer, NCSA’s monitoring responsibilities grew to dozens of 10G connections with planned 100G connections. The center moved from a single host running Bro to a cluster of 80 Bro workers, with plans for a 20 more.

In addition to increasing Bro’s scalability, there have been other improvements as well, for example in the area of intrusion detection. The developer team optimized this capability, adding policy-driven enhancements that allow the system to respond more quickly to potential incidents. Bro can also monitor traffic across multiple network zone boundaries.

For the development team at ICSI, Bro’s deployment at one of the world’s most prominent supercomputer centers is a validation of years of hard work. They now have confirmation that Bro is suitable for large-scale deployments in operational settings. But there’s no time for resting on laurels in the cat and mouse game of security. ICSI’s Networking and Security professionals are already focused on future iterations of Bro that can monitor for more sophisticated attacks over faster networks.

Subscribe to HPCwire's Weekly Update!

Be the most informed person in the room! Stay ahead of the tech trends with industy updates delivered to you every week!

First All-Petaflops Top500 List Debuts; US Maintains Performance Lead

June 17, 2019

With the kick-off of the International Supercomputing Conference (ISC) in Frankfurt this morning, the 53rd Top500 list made its debut, and this one's for petafloppers only. The entry point for the new list is 1.022 petaf Read more…

By Tiffany Trader

Nvidia Embraces Arm, Declares Intent to Accelerate All CPU Architectures

June 17, 2019

As the Top500 list was being announced at ISC in Frankfurt today with an upgraded petascale Arm supercomputer in the top third of the list, Nvidia announced its intention to make Arm a full citizen in the processing arch Read more…

By Tiffany Trader

Jack Wells Joins OpenACC; Arm Support Coming

June 17, 2019

Perhaps the most significant ISC19 news for OpenACC wasn’t in its official press release yesterday which touted growing user traction and the notable addition of HPC leader Jack Wells, director of science, Oak Ridge Le Read more…

By John Russell

HPE Extreme Performance Solutions

HPE and Intel® Omni-Path Architecture: How to Power a Cloud

Learn how HPE and Intel® Omni-Path Architecture provide critical infrastructure for leading Nordic HPC provider’s HPCFLOW cloud service.

For decades, HPE has been at the forefront of high-performance computing, and we’ve powered some of the fastest and most robust supercomputers in the world. Read more…

IBM Accelerated Insights

5 Benefits Artificial Intelligence Brings to HPC

According to findings from Hyperion Research, simulation is primarily responsible for expanding the global HPC market from $2 billion in 1990 to a projected $38 billion in 2022. Read more…

At ISC: DDN Launches EXA5 for AI, Big Data, HPC Workloads

June 17, 2019

DDN, for two decades competing at the headwaters of high performance storage, this morning announced an enterprise-oriented end-to-end high performance storage and data management for AI, big data and HPC acceleration. I Read more…

By Doug Black

First All-Petaflops Top500 List Debuts; US Maintains Performance Lead

June 17, 2019

With the kick-off of the International Supercomputing Conference (ISC) in Frankfurt this morning, the 53rd Top500 list made its debut, and this one's for petafl Read more…

By Tiffany Trader

Nvidia Embraces Arm, Declares Intent to Accelerate All CPU Architectures

June 17, 2019

As the Top500 list was being announced at ISC in Frankfurt today with an upgraded petascale Arm supercomputer in the top third of the list, Nvidia announced its Read more…

By Tiffany Trader

Jack Wells Joins OpenACC; Arm Support Coming

June 17, 2019

Perhaps the most significant ISC19 news for OpenACC wasn’t in its official press release yesterday which touted growing user traction and the notable addition Read more…

By John Russell

At ISC: DDN Launches EXA5 for AI, Big Data, HPC Workloads

June 17, 2019

DDN, for two decades competing at the headwaters of high performance storage, this morning announced an enterprise-oriented end-to-end high performance storage Read more…

By Doug Black

Final Countdown to ISC19: What to See

June 13, 2019

If you're attending the International Supercomputing Conference, taking place in Frankfurt next week (June 16-20), you're either packing, in transit, or are alr Read more…

By Tiffany Trader

The US Global Weather Forecast System Just Got a Major Upgrade

June 13, 2019

The United States’ Global Forecast System (GFS) has received a major upgrade to its modeling capabilities. The new dynamical core that has been added to the G Read more…

By Oliver Peckham

TSMC and Samsung Moving to 5nm; Whither Moore’s Law?

June 12, 2019

With reports that Taiwan Semiconductor Manufacturing Co. (TMSC) and Samsung are moving quickly to 5nm manufacturing, it’s a good time to again ponder whither goes the venerable Moore’s law. Shrinking feature size has of course been the primary hallmark of achieving Moore’s law... Read more…

By John Russell

The Spaceborne Computer Returns to Earth, and HPE Eyes an AI-Protected Spaceborne 2

June 10, 2019

After 615 days on the International Space Station (ISS), HPE’s Spaceborne Computer has returned to Earth. The computer touched down onboard the same SpaceX Dr Read more…

By Oliver Peckham

High Performance (Potato) Chips

May 5, 2006

In this article, we focus on how Procter & Gamble is using high performance computing to create some common, everyday supermarket products. Tom Lange, a 27-year veteran of the company, tells us how P&G models products, processes and production systems for the betterment of consumer package goods. Read more…

By Michael Feldman

Cray, AMD to Extend DOE’s Exascale Frontier

May 7, 2019

Cray and AMD are coming back to Oak Ridge National Laboratory to partner on the world’s largest and most expensive supercomputer. The Department of Energy’s Read more…

By Tiffany Trader

Graphene Surprises Again, This Time for Quantum Computing

May 8, 2019

Graphene is fascinating stuff with promise for use in a seeming endless number of applications. This month researchers from the University of Vienna and Institu Read more…

By John Russell

Why Nvidia Bought Mellanox: ‘Future Datacenters Will Be…Like High Performance Computers’

March 14, 2019

“Future datacenters of all kinds will be built like high performance computers,” said Nvidia CEO Jensen Huang during a phone briefing on Monday after Nvidia revealed scooping up the high performance networking company Mellanox for $6.9 billion. Read more…

By Tiffany Trader

AMD Verifies Its Largest 7nm Chip Design in Ten Hours

June 5, 2019

AMD announced last week that its engineers had successfully executed the first physical verification of its largest 7nm chip design – in just ten hours. The AMD Radeon Instinct Vega20 – which boasts 13.2 billion transistors – was tested using a TSMC-certified Calibre nmDRC software platform from Mentor. Read more…

By Oliver Peckham

It’s Official: Aurora on Track to Be First US Exascale Computer in 2021

March 18, 2019

The U.S. Department of Energy along with Intel and Cray confirmed today that an Intel/Cray supercomputer, "Aurora," capable of sustained performance of one exaf Read more…

By Tiffany Trader

Deep Learning Competitors Stalk Nvidia

May 14, 2019

There is no shortage of processing architectures emerging to accelerate deep learning workloads, with two more options emerging this week to challenge GPU leader Nvidia. First, Intel researchers claimed a new deep learning record for image classification on the ResNet-50 convolutional neural network. Separately, Israeli AI chip startup Hailo.ai... Read more…

By George Leopold

The Case Against ‘The Case Against Quantum Computing’

January 9, 2019

It’s not easy to be a physicist. Richard Feynman (basically the Jimi Hendrix of physicists) once said: “The first principle is that you must not fool yourse Read more…

By Ben Criger

Leading Solution Providers

SC 18 Virtual Booth Video Tour

Advania @ SC18 AMD @ SC18
ASRock Rack @ SC18
DDN Storage @ SC18
HPE @ SC18
IBM @ SC18
Lenovo @ SC18 Mellanox Technologies @ SC18
NVIDIA @ SC18
One Stop Systems @ SC18
Oracle @ SC18 Panasas @ SC18
Supermicro @ SC18 SUSE @ SC18 TYAN @ SC18
Verne Global @ SC18

TSMC and Samsung Moving to 5nm; Whither Moore’s Law?

June 12, 2019

With reports that Taiwan Semiconductor Manufacturing Co. (TMSC) and Samsung are moving quickly to 5nm manufacturing, it’s a good time to again ponder whither goes the venerable Moore’s law. Shrinking feature size has of course been the primary hallmark of achieving Moore’s law... Read more…

By John Russell

Intel Launches Cascade Lake Xeons with Up to 56 Cores

April 2, 2019

At Intel's Data-Centric Innovation Day in San Francisco (April 2), the company unveiled its second-generation Xeon Scalable (Cascade Lake) family and debuted it Read more…

By Tiffany Trader

Cray – and the Cray Brand – to Be Positioned at Tip of HPE’s HPC Spear

May 22, 2019

More so than with most acquisitions of this kind, HPE’s purchase of Cray for $1.3 billion, announced last week, seems to have elements of that overused, often Read more…

By Doug Black and Tiffany Trader

Arm Unveils Neoverse N1 Platform with up to 128-Cores

February 20, 2019

Following on its Neoverse roadmap announcement last October, Arm today revealed its next-gen Neoverse microarchitecture with compute and throughput-optimized si Read more…

By Tiffany Trader

Announcing four new HPC capabilities in Google Cloud Platform

April 15, 2019

When you’re running compute-bound or memory-bound applications for high performance computing or large, data-dependent machine learning training workloads on Read more…

By Wyatt Gorman, HPC Specialist, Google Cloud; Brad Calder, VP of Engineering, Google Cloud; Bart Sano, VP of Platforms, Google Cloud

In Wake of Nvidia-Mellanox: Xilinx to Acquire Solarflare

April 25, 2019

With echoes of Nvidia’s recent acquisition of Mellanox, FPGA maker Xilinx has announced a definitive agreement to acquire Solarflare Communications, provider Read more…

By Doug Black

Nvidia Claims 6000x Speed-Up for Stock Trading Backtest Benchmark

May 13, 2019

A stock trading backtesting algorithm used by hedge funds to simulate trading variants has received a massive, GPU-based performance boost, according to Nvidia, Read more…

By Doug Black

Qualcomm Invests in RISC-V Startup SiFive

June 7, 2019

Investors are zeroing in on the open standard RISC-V instruction set architecture and the processor intellectual property being developed by a batch of high-flying chip startups. Last fall, Esperanto Technologies announced a $58 million funding round. Read more…

By George Leopold

  • arrow
  • Click Here for More Headlines
  • arrow
Do NOT follow this link or you will be banned from the site!
Share This