SCinet Security Boosted by Utah’s CloudLab Site

November 2, 2016

Nov. 2 — SCinet is the backbone of SC, and the volunteer-driven Network Security Team goes to great lengths to protect that backbone from threats. Planning network security strategies and tactics begins nearly a year before the conference. As threats evolve, the team relies on new partnerships and innovative solutions to overcome emerging challenges. This year, the team is collaborating with CloudLab, a cloud computing testbed funded by the National Science Foundation (Grant No. CNS-1302688), to analyze terabytes of network traffic data during SC.

In observance of October’s National Cyber Security Awareness Month, we visited with Jeff Boote and Alan Commike, co-leads of the SCinet Network Security Team, and Robert Ricci, PI for CloudLab, about how this collaboration benefits exhibitors, attendees and volunteers at SC16.

Who shares in the responsibility for network security at SC?

Alan Commike and Jeff Boote: Network security touches every layer of SCinet. When you build a powerful network like SCinet from the ground up annually, network security cannot be achieved in isolation and it needs to be built into the network from the very start. Planning for SCinet starts nearly a year prior to the show opening. As the general SCinet architecture takes shape, the Network Security Team works closely with other SCinet teams – including Wide Area Networking, Routing, Fiber, Interconnect, DevOps, Edge Networking and the Help Desk – to ensure vendors, attendees and researchers have a successful SC. We also engage conference-goers in sharing the responsibility for computer security at SC. The SCinet Help Desk provides copies of our security tips handout, with security best practices for SC and beyond. If we find a compromised system, we help remediate the issue and then engage in conversation about how to secure the system going forward.

How has the network security strategy for SCinet changed over time? What, if anything, has remained consistent?

AC and JB: The goal has remained consistent through the years: we protect SCinet and all vendor, exhibitor and attendee resources that connect to it during SC. The challenge is to do so while working within the parameters of a very high-speed, high-traffic, open network. As threats become more sophisticated, the Network Security Team scales up protection efforts. In the past, we concentrated on protecting SCinet’s border, and now we are closely examining what’s happening inside the network, too. We spend as much effort looking for malicious intent on the commodity WiFi network as we do on the border between SCinet and the Internet at large. This year, we are partnering with CloudLab, which has a facility in Salt Lake City that provides the flexibility, autonomy and computational power we need to analyze network traffic and mitigate potential threats. The partnerships and the tools we rely on to secure SCinet continue to evolve, but the goal of finding bad actors on the network early and reliably is the same as it was 10 years ago.

What is CloudLab and how does it help the research community?

Robert Ricci: CloudLab is a facility that empowers researchers and educators to build their own clouds. Those who have used a cloud that is commercially-provided or owned by their home institution may be well aware of the limitations of not having full view or control over all layers, including the network, virtualization and the storage system. This is fine for a lot of work, but if you want to push forward the basic notion of what the cloud is and what it is good for, then you need to be able to work on those layers. That is where CloudLab comes in. CloudLab provides users with a set of resources they can use to build their own clouds, in which they can see everything and are in complete control. There are three main CloudLab sites: the University of Wisconsin – Madison, Clemson University and the University of Utah. CoudLab is funded by the National Science Foundation, so researchers and educators can apply for an account at www.cloudlab.us and use the lab at no cost.

What else makes CloudLab unique?

RR: CloudLab offers a lab facility that allows researchers to push the technology further without fear of breaking something others rely on. Researchers working in a production environment are bound by a tension between wanting to push the infrastructure to its edge – making it go beyond uses intended by designers or operators – and being held back by the fear that doing so will break it. We need testbeds in which researchers can push, prod and poke the technology with more flexibility and without fear. This is the kind of environment that CloudLab offers.

The CloudLab site in Utah has an emphasis on energy-efficient clouds. Our equipment includes both traditional server platforms and lower-power options using ARM architecture. Soon we will add Intel systems-on-chips designs. CloudLab machines have power instrumentation that allows users to evaluate not only the performance and robustness of the technologies, but also how “green” they are. Researchers can test different architectures to examine tradeoffs between power, performance and other metrics.

How will SCinet Network Security use CloudLab at SC16?

AC and JB: The Network Security Team probes and analyzes all of SCinet. We begin the process in late October during staging week to ensure SCinet equipment is not compromised when we bring it into the Salt Palace. Our job starts as soon as the first piece of SCinet equipment is powered on since we often see external probing and attacks soon after the network goes online. This provides us with a baseline, and we expand our analysis as more components of SCinet are brought online. During SC16, terabytes of analysis data, including logs, metadata and possible indicators of compromise, will be sent over a private, encrypted connection from SCinet to CloudLab. This secure connection is made possible by the ability to create private networks on the Utah Education Network and the University of Utah’s Science DMZ, which is managed by University Information Technology and the Center for High Performance Computing.

The data will be used for real-time and historical analysis, which looks at what happened over the past few hours and days during SC. The analysis occurring within the CloudLab computer cluster provides us with actionable intelligence regarding what is happening on SCinet. While lessons learned from that analysis carries over to our planning efforts for the next SC, we discard collected data at the end of the show to protect exhibitor, attendee and volunteer privacy.

RR: CloudLab provides SCinet’s Network Security Team with the resources needed to analyze those terabytes of data. Network data will be securely routed to computer clusters hosted in the University of Utah’s Downtown Data Center, just a few blocks from the Salt Palace. With CloudLab’s flexibility, the team will have complete control over the environment and can set up the processing pipeline to best meet their needs.


Source: SC16

Subscribe to HPCwire's Weekly Update!

Be the most informed person in the room! Stay ahead of the tech trends with industy updates delivered to you every week!

Senegal Prepares to Take Delivery of Atos Supercomputer

January 16, 2019

In just a few months time, Senegal will be operating the second largest HPC system in sub-Saharan Africa. The Minister of Higher Education, Research and Innovation Mary Teuw Niane made the announcement on Monday (Jan. 14 Read more…

By Tiffany Trader

Google Cloud Platform Extends GPU Instance Options

January 16, 2019

If it's Nvidia GPUs you're after to power your AI/HPC/visualization workload, Google Cloud has them, now claiming "broadest GPU availability." Each of the three big public cloud vendors has by turn touted the latest and Read more…

By Tiffany Trader

A Big Data Journey While Seeking to Catalog our Universe

January 16, 2019

It turns out, astronomers have lots of photos of the sky but seek knowledge about what the photos mean. Sound familiar? Big data problems are often characterized as transforming data into insights – which is exactly wh Read more…

By James Reinders

HPE Extreme Performance Solutions

HPE Systems With Intel Omni-Path: Architected for Value and Accessible High-Performance Computing

Today’s high-performance computing (HPC) and artificial intelligence (AI) users value high performing clusters. And the higher the performance that their system can deliver, the better. Read more…

IBM Accelerated Insights

Resource Management in the Age of Artificial Intelligence

New challenges demand fresh approaches

Fueled by GPUs, big data, and rapid advances in software, the AI revolution is upon us. Read more…

STAC Floats ML Benchmark for Financial Services Workloads

January 16, 2019

STAC (Securities Technology Analysis Center) recently released an ‘exploratory’ benchmark for machine learning which it hopes will evolve into a firm benchmark or suite of benchmarking tools to compare the performanc Read more…

By John Russell

A Big Data Journey While Seeking to Catalog our Universe

January 16, 2019

It turns out, astronomers have lots of photos of the sky but seek knowledge about what the photos mean. Sound familiar? Big data problems are often characterize Read more…

By James Reinders

STAC Floats ML Benchmark for Financial Services Workloads

January 16, 2019

STAC (Securities Technology Analysis Center) recently released an ‘exploratory’ benchmark for machine learning which it hopes will evolve into a firm benchm Read more…

By John Russell

IBM Quantum Update: Q System One Launch, New Collaborators, and QC Center Plans

January 10, 2019

IBM made three significant quantum computing announcements at CES this week. One was introduction of IBM Q System One; it’s really the integration of IBM’s Read more…

By John Russell

IBM’s New Global Weather Forecasting System Runs on GPUs

January 9, 2019

Anyone who has checked a forecast to decide whether or not to pack an umbrella knows that weather prediction can be a mercurial endeavor. It is a Herculean task: the constant modeling of incredibly complex systems to a high degree of accuracy at a local level within very short spans of time. Read more…

By Oliver Peckham

The Case Against ‘The Case Against Quantum Computing’

January 9, 2019

It’s not easy to be a physicist. Richard Feynman (basically the Jimi Hendrix of physicists) once said: “The first principle is that you must not fool yourse Read more…

By Ben Criger

The Deep500 – Researchers Tackle an HPC Benchmark for Deep Learning

January 7, 2019

How do you know if an HPC system, particularly a larger-scale system, is well-suited for deep learning workloads? Today, that’s not an easy question to answer Read more…

By John Russell

HPCwire Awards Highlight Supercomputing Achievements in the Sciences

January 3, 2019

In November at SC18 in Dallas, HPCwire Readers’ and Editors’ Choice awards program commemorated its 15th year of honoring achievement in HPC, with categories ranging from Best Use of AI to the Workforce Diversity Leadership Award and recipients across a wide variety of industrial and research sectors. Read more…

By the Editorial Team

White House Top Science Post Filled After Two-Year Vacancy

January 3, 2019

Half-way into Trump's term, the Senate has confirmed a director for the Office of Science and Technology Policy (OSTP), the agency that coordinates science poli Read more…

By Tiffany Trader

Quantum Computing Will Never Work

November 27, 2018

Amid the gush of money and enthusiastic predictions being thrown at quantum computing comes a proposed cold shower in the form of an essay by physicist Mikhail Read more…

By John Russell

Cray Unveils Shasta, Lands NERSC-9 Contract

October 30, 2018

Cray revealed today the details of its next-gen supercomputing architecture, Shasta, selected to be the next flagship system at NERSC. We've known of the code-name "Shasta" since the Argonne slice of the CORAL project was announced in 2015 and although the details of that plan have changed considerably, Cray didn't slow down its timeline for Shasta. Read more…

By Tiffany Trader

Summit Supercomputer is Already Making its Mark on Science

September 20, 2018

Summit, now the fastest supercomputer in the world, is quickly making its mark in science – five of the six finalists just announced for the prestigious 2018 Read more…

By John Russell

AMD Sets Up for Epyc Epoch

November 16, 2018

It’s been a good two weeks, AMD’s Gary Silcott and Andy Parma told me on the last day of SC18 in Dallas at the restaurant where we met to discuss their show news and recent successes. Heck, it’s been a good year. Read more…

By Tiffany Trader

US Leads Supercomputing with #1, #2 Systems & Petascale Arm

November 12, 2018

The 31st Supercomputing Conference (SC) - commemorating 30 years since the first Supercomputing in 1988 - kicked off in Dallas yesterday, taking over the Kay Ba Read more…

By Tiffany Trader

The Case Against ‘The Case Against Quantum Computing’

January 9, 2019

It’s not easy to be a physicist. Richard Feynman (basically the Jimi Hendrix of physicists) once said: “The first principle is that you must not fool yourse Read more…

By Ben Criger

Contract Signed for New Finnish Supercomputer

December 13, 2018

After the official contract signing yesterday, configuration details were made public for the new BullSequana system that the Finnish IT Center for Science (CSC Read more…

By Tiffany Trader

House Passes $1.275B National Quantum Initiative

September 17, 2018

Last Thursday the U.S. House of Representatives passed the National Quantum Initiative Act (NQIA) intended to accelerate quantum computing research and developm Read more…

By John Russell

Leading Solution Providers

SC 18 Virtual Booth Video Tour

Advania @ SC18 AMD @ SC18
ASRock Rack @ SC18
DDN Storage @ SC18
HPE @ SC18
IBM @ SC18
Lenovo @ SC18 Mellanox Technologies @ SC18
NVIDIA @ SC18
One Stop Systems @ SC18
Oracle @ SC18 Panasas @ SC18
Supermicro @ SC18 SUSE @ SC18 TYAN @ SC18
Verne Global @ SC18

Nvidia’s Jensen Huang Delivers Vision for the New HPC

November 14, 2018

For nearly two hours on Monday at SC18, Jensen Huang, CEO of Nvidia, presented his expansive view of the future of HPC (and computing in general) as only he can do. Animated. Backstopped by a stream of data charts, product photos, and even a beautiful image of supernovae... Read more…

By John Russell

HPE No. 1, IBM Surges, in ‘Bucking Bronco’ High Performance Server Market

September 27, 2018

Riding healthy U.S. and global economies, strong demand for AI-capable hardware and other tailwind trends, the high performance computing server market jumped 28 percent in the second quarter 2018 to $3.7 billion, up from $2.9 billion for the same period last year, according to industry analyst firm Hyperion Research. Read more…

By Doug Black

HPC Reflections and (Mostly Hopeful) Predictions

December 19, 2018

So much ‘spaghetti’ gets tossed on walls by the technology community (vendors and researchers) to see what sticks that it is often difficult to peer through Read more…

By John Russell

Intel Confirms 48-Core Cascade Lake-AP for 2019

November 4, 2018

As part of the run-up to SC18, taking place in Dallas next week (Nov. 11-16), Intel is doling out info on its next-gen Cascade Lake family of Xeon processors, specifically the “Advanced Processor” version (Cascade Lake-AP), architected for high-performance computing, artificial intelligence and infrastructure-as-a-service workloads. Read more…

By Tiffany Trader

Germany Celebrates Launch of Two Fastest Supercomputers

September 26, 2018

The new high-performance computer SuperMUC-NG at the Leibniz Supercomputing Center (LRZ) in Garching is the fastest computer in Germany and one of the fastest i Read more…

By Tiffany Trader

Houston to Field Massive, ‘Geophysically Configured’ Cloud Supercomputer

October 11, 2018

Based on some news stories out today, one might get the impression that the next system to crack number one on the Top500 would be an industrial oil and gas mon Read more…

By Tiffany Trader

Microsoft to Buy Mellanox?

December 20, 2018

Networking equipment powerhouse Mellanox could be an acquisition target by Microsoft, according to a published report in an Israeli financial publication. Microsoft has reportedly gone so far as to engage Goldman Sachs to handle negotiations with Mellanox. Read more…

By Doug Black

The Deep500 – Researchers Tackle an HPC Benchmark for Deep Learning

January 7, 2019

How do you know if an HPC system, particularly a larger-scale system, is well-suited for deep learning workloads? Today, that’s not an easy question to answer Read more…

By John Russell

  • arrow
  • Click Here for More Headlines
  • arrow
Do NOT follow this link or you will be banned from the site!
Share This