Georgia State University Cyberinfrastructure Plan

Similar documents
OneUConn IT Service Delivery Vision

IT Town Hall Meeting

ACCI Recommendations on Long Term Cyberinfrastructure Issues: Building Future Development

Montana State University Campus Cyberinfrastructure Plan January 2015

Bringing OpenStack to the Enterprise. An enterprise-class solution ensures you get the required performance, reliability, and security

Higher Education in Texas: Serving Texas Through Transformational Education, Research, Discovery & Impact

THE WORLD S BEST- CONNECTED DATA CENTERS EQUINIX MIDDLE EAST & NORTH AFRICA (MENA) Equinix.com

Table of Contents Table of Contents...2 Introduction...3 Mission of IT...3 Primary Service Delivery Objectives...3 Availability of Systems...

Cisco Unified Computing System Delivering on Cisco's Unified Computing Vision

Secure, scalable storage made simple. OEM Storage Portfolio

2017 Resource Allocations Competition Results

Achieving Digital Transformation: FOUR MUST-HAVES FOR A MODERN VIRTUALIZATION PLATFORM WHITE PAPER

Accelerate Your Enterprise Private Cloud Initiative

How to Leverage Containers to Bolster Security and Performance While Moving to Google Cloud

DATA CENTRE SOLUTIONS

NSF Campus Cyberinfrastructure and Cybersecurity for Cyberinfrastructure PI Workshop

Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002

BUILDING the VIRtUAL enterprise

Data center interconnect for the enterprise hybrid cloud

The Nasuni Security Model

STRATEGIC PLAN

MODERNIZE YOUR DATA CENTER. With Cisco Nexus Switches

Best Practices in Securing a Multicloud World

Security Guide Zoom Video Communications Inc.

That Set the Foundation for the Private Cloud

Virtustream Cloud and Managed Services Solutions for US State & Local Governments and Education

Networks

Overcoming IT Challenges in the Education Segment Leveraging Cloud and On-Premise Resources for Maximum Impact

Converged Platforms and Solutions. Business Update and Portfolio Overview

Enterprise-ready Unified communications platform

UPS system failure. Cyber crime (DDoS ) Accidential/human error. Water, heat or CRAC failure. W eather related. Generator failure

Understanding As-a-service: Teradata IntelliCloud

Cloud Confidence: Simple Seamless Secure. Dell EMC Data Protection for VMware Cloud on AWS

Vision of the Software Defined Data Center (SDDC)

Dell EMC Hyper-Converged Infrastructure

Cisco ONE Enterprise Cloud Suite

University of British Columbia

Cisco HyperFlex and the F5 BIG-IP Platform Accelerate Infrastructure and Application Deployments

The FlashStack Data Center

Communication Service Provider

BUCKNELL S SCIENCE DMZ

YOUR APPLICATION S JOURNEY TO THE CLOUD. What s the best way to get cloud native capabilities for your existing applications?

Hyper-Converged Infrastructure: Providing New Opportunities for Improved Availability

Virtualized Network Services SDN solution for service providers

Your Data Center is Everywhere. Unified Computing System Data Center Campaign Overview Marketing Cheat Sheet

A Cloud WHERE PHYSICAL ARE TOGETHER AT LAST

Choosing the Right Cloud Computing Model for Data Center Management

Move, manage, and run SAP applications in the cloud. SAP-Certified Infrastructure from IBM Cloud

Cisco UCS Mini Software-Defined Storage with StorMagic SvSAN for Remote Offices

How Cisco IT Deployed Cisco Firewall Services Modules at Scientific Atlanta

Cyber Partnership Blueprint: An Outline

University Lowers Barriers, Fortifies Security with Virtualization

Exchange 2007 End of Service: Modernize with Office 365. Todd Sweetser Technical Solutions Professional

First Session of the Asia Pacific Information Superhighway Steering Committee, 1 2 November 2017, Dhaka, Bangladesh.

VMware vsphere 4.0 The best platform for building cloud infrastructures

NTT Com Press Conference March 1, 2016 #enterprisecloud

Introduction to iscsi

Internet2 NET+ Security and Identity Portfolio

Innovative Solutions. Trusted Performance. Intelligently Engineered. Comparison of SD WAN Solutions. Technology Brief

We make hybrid cloud deliver the business outcomes you require

Leveraging Software-Defined Storage to Meet Today and Tomorrow s Infrastructure Demands

OUR VISION To be a global leader of computing research in identified areas that will bring positive impact to the lives of citizens and society.

As one of the world s preeminent hosting providers with deep. enterprise infrastructure and application expertise, NaviSite offers

VMWARE CLOUD FOUNDATION: INTEGRATED HYBRID CLOUD PLATFORM WHITE PAPER NOVEMBER 2017

Securely Access Services Over AWS PrivateLink. January 2019

Government IT Modernization and the Adoption of Hybrid Cloud

Transform to Your Cloud

MODERNIZE INFRASTRUCTURE

CoreMax Consulting s Cyber Security Roadmap

The Business Case for Virtualization

Northern New Mexico College - Campus Cyberinfrastructure Plan 1. Introduction

You Might Know Us As. Copyright 2016 TierPoint, LLC. All rights reserved.

Sony Adopts Cisco Solution for Global IPv6 Project

Hybrid Cloud for Business Communications

Communications Transformations 2: Steps to Integrate SIP Trunk into the Enterprise

Outline. March 5, 2012 CIRMMT - McGill University 2

Top 5 Reasons to Consider

Vendor: Cisco. Exam Code: Exam Name: Cisco Sales Expert. Version: Demo

It is requested that the Board approve the Northern Arizona University s Network Upgrade and Wireless Expansion Project.

Cloud Computing: Making the Right Choice for Your Organization

Eucalyptus Overview The most widely deployed on-premise cloud computing platform

Connectivity to Cloud-First Applications

CloudLab. Updated: 5/24/16

A guide for assembling your Jira Data Center team

Logicalis What we do

Cloud FastPath: Highly Secure Data Transfer

Enabling IT Redundancy and Scalability for High-Availability Logistics Software

3.0 NETWORX ARCHITECTURE FOR IP-BASED SERVICES (L ) (M.2.1) (a), M.2.1.1(a))

Kaltura Platform: Ultimate Deployment Flexibility

W H I T E P A P E R : O P E N. V P N C L O U D. Implementing A Secure OpenVPN Cloud

Security & Compliance in the AWS Cloud. Amazon Web Services

THE CUSTOMER SITUATION. The Customer Background

Dell EMC Enterprise Hybrid Cloud for Microsoft Azure Stack. Ahmed Iraqi Account Systems Engineer Dell EMC North & West Africa

EMC ACADEMIC ALLIANCE

IPv6 in Internet2. Rick Summerhill Associate Director, Backbone Network Infrastructure, Internet2

The Cisco WebEx Node for the Cisco ASR 1000 Series Delivers the Best Aspects of On-Premises and On-Demand Web Conferencing

Cloud-Enable Your District s Network For Digital Learning

Hybrid IT for SMBs. HPE addressing SMB and channel partner Hybrid IT demands ANALYST ANURAG AGRAWAL REPORT : HPE. October 2018

Awareness Technologies Systems Security. PHONE: (888)

STATEMENT OF WORK. DHS Desktop Virtualization Project

Transcription:

Georgia State University Cyberinfrastructure Plan Summary Building relationships with a wide ecosystem of partners, technology, and researchers are important for GSU to expand its innovative improvements in terms of curriculum, faculty, students, research, and technology while increasing security and compliance. GSU is developing and deploying a hybrid cloud and data-centric cyberinfrastructure in support of the institution s learning, research, and outreach missions. GSU is shifting from an enterprise and on-prem. Cyberinfrastructure towards a hybrid focus Cyberinfrastructure to benefit from self-service, compliant solutions, and diverse partners including cloud vendors. One of the GSU goals is to enable researchers to work and collaborate from anywhere with any collaborators while improving security, productivity, and compliance. This eresearch focus includes grants, collaboration, data-intensive activity, grid-computing, cloud computing, and open data. One of the key challenge and focus is to enable non-traditional researchers, students, and staff members to benefit from cloud solutions to HPC resources while reducing the learning curve. Introduction Georgia State is one of the Nation s premier urban public research universities solving global challenges in human health. Researchers at Georgia State utilize the university s state-of-the art facilities working across disciplines to address critical quality of life issues such as cancer, obesity, inflammation, vaccines, child and adult literacy, and public health issues related to smoking, among others. Research Cyber Infrastructure (CI) plays a crucial role to provide access to a wide variety of tools enabling researchers to compete on the highest level and have better collaboration with partner institutions in the US as well as internationally. The university recognized the need to improve common infrastructure in order to increase engagement of broader academic community. In the last three years, the research, academic, and administrative components of the GSU campus have worked closely to create a unique set of tools to manage all aspects of modern day research needs. The current plan is designed to provide further development of cyber infrastructure capabilities including enhancements of Campus networking, upgrading On-Campus and cloud storage, and increasing hybrid allocation of HPC (High Performance Computing) to support modern requirements for research and learning. Key components of today s successful studies are increased demand on storage for big data, quick and effortless ways to transport data to key researchers and students, team collaboration among national and international communities, processing data efficiently, and security and compliance of the process from start to finish 1

Current State and Efforts GSU has taken multiple steps to improve the overall state of the infrastructure. The network backbone includes redundant 10Gbps fiber path for inter building connectivity, geographically split Campus Distribution Facilities (CDF), mini data centers with redundant connections to upstream Internet providers (Inetrnet2/SoX and Peachnet), an allocated network segment for Science DMZ and campuswide WiFi access with EDURoam to all Campus participants. GSU implemented Shibboleth authentication with InCommon membership and is also one of the early adapters of O365 for students and faculty/staff. Several compute clusters were implemented to provide HPC resources to classes and research. Research Administration Research Portal: The Research Portal acts as the digital glue. It is a custom web application hosted in the cloud, built with the researcher in mind. It is a tool that allows the researcher to manage everything on their research, ranging from workshop registration and budget management, to creating compute resources and expanding disk quotas for their HPC projects. They are able to do all of this without any direct interaction from an IT person. Within the Research Portal, users are able to submit forms electronically to the central office reducing processing time, track their funding and expenditures on their projects and track all compliance requirements ranging from IRB protocols to effort reporting for their staff. Georgia State University researchers are also able to create and sponsor accounts for outside individuals. Giving them the ability to access and use compute resources and shared storage, greatly increasing both the security and efficiency in which we are able to collaborate. Campus Networking Core Network: Network Core consists of two enterprise grade routers, each with redundant MSMs (managed switch module or routing engines). These are interconnected by a pair of redundant 10 Gig links and physically located in separate CDFs. These CDFs are located on "opposite" sides of the GSU downtown campus. GSU has a heavy fiber presence in downtown Atlanta. There are 3 direct, physically diverse paths between the two Campus Distribution Facilities (CDF). There are two additional paths that connect to Georgia State University's passive fiber hub. This allows creation of diverse paths from each building back to GSU Network Core in the CDFs. 2

Data Center: Georgia State University s data center provides connectivity for hundreds of hosts, both physical and virtual. The majority are now virtual. Each virtual hosting environment is connected to the Data Center routing/switching infrastructure at 10 Gbps fiber. With applications, such as those for registration and financial and authentication services, utilizing F5 Local Traffic Managers (load balancers) adds even more robustness to the design. Physical hosts that do not require this level of resilience are connected via top of rack switch stacks at 1/10 GBPS. Each switch stack has redundant 10 Gbps connections to the pair of data center routers. Wireless Infrastructure: GSU currently employs a 100% Aruba Wireless Network. It consists of 2400 Access Points at this time. This infrastructure was installed during the 2013-2014 academic year. This provides -65db (or better) coverage in 100% of office, classroom, and general purpose spaces. The amount of APs used also provides for the ability for each user in a classroom to utilize 2+ wireless devices at the same time. Peak-time traffic consists of approximately 15,000 users. Science network: The primary switches are a redundant pair of Extreme Black-Diamond 8810. They are connected directly to edge routes via 10Gbps fiber and have associated firewall rules in place. At this time, there is no formal Science DMZ established. The DMZ backbone includes capacity for the local resources, but is also intended to connect research labs and instruments directly to the DMZ if required. Further advancements of Science DMZ include allocation of IPv6 range for explicit use in research applications, upgrade and increase number of perfsonar monitoring devices, upgrade Data Transfer Nodes (DNT) and connected infrastructure, and deployment of upgraded back-bone network for key research locations. Proposed network upgrade to implement Science DMZ. Implementation of IPv6: GSU network will adopt a phased deployment of IPV6. Dual stack deployments will be the foundation for this transition. Initial phase will be deploying IPV6 within the GSU Science DMZ with a focus on the internal dev cluster, research storage, data transfer nodes, and network performance monitoring tools. Anti-Spoofing and Security: GSU uses enterprise grade edge routers (Cisco Catalyst 6500 series) with a rich set of capabilities in both routers and firewalls. High performance content inspection appliances are installed to inspect all internet-bound content to and from the campus network to provide a confident level of protection against the ever-changing threat landscape. The IIT security department is currently deploying a new set of security tools for endpoint devices and providing scheduled penetration tests of internet facing services as well as vulnerability scans of data center infrastructure servers and the network. 3

Identity Management and Federated Access: One of Georgia State s Identity Management initiatives involves implementation of single sign-on (or reduced sign-on) technologies. As a product of these initiatives you will use your CampusID and password to login to many of the systems utilized in daily life at Georgia State. Custom build application provisions CampusID for variety of university s applications including Banner and PeopleSoft. Since 2012 GSU is active participant of InCommon Shibboleth federated identity program with as many as 65 core academic applications connected to the service. AD and LDAP authentication is used for computer, mobile devices and other services. Scaling: GSU will maintain sufficient in-house hardware to incubate new research. This includes a variety of architectures such as traditional high performance/ high throughput (HP/HT) computing clusters, accelerators (GPGPU, Intel Phi), data intensive distributed computing systems (Hadoop, Spark), and virtual machines (cloud). We follow standard and best practices outlined by national leading CI providers (XSEDE, OSG) and industry Compute Cloud provides (Amazon, Microsoft, and Google). Once research grows to a level where it is no longer sustainable by in-house resources, GSU HPC facilitators help researchers to scale out to national and commercial (Cloud) Cyber Infrastructure. Computing Support: Research solutions (RS) maintains extensive documentation on all systems that they support. In addition, the team conducts regular hands-on training sessions on popular topics. Research Solutions also regularly participates in national cyberinfrastructure training sessions carried out by XSEDE, VSCSE, and NCSA. Consultation services are available for researchers upon request. Research Solutions maintains a centrally managed pool of commonly used scientific software. Should a researcher need additional software, HPC facilitators will install it and keep it up to date as long as the research requires it. Virtualization: In 2008 one of the main priorities was to migrate the most of the data center servers to a virtual platform. Today GSU has more than 90 percent of its core infrastructure on VMware s vsphere and Microsoft s Hyper-V. A few benefits from this migration included reduced the overall datacenter footprint, power consumption and amount of network cables. Virtualization also provided easier management of the applications, faster deployment and better backup functionality. Growing Compute Cloud offerings from Microsoft, Amazon and Google are making it easier to adopt Hybrid Cloud practices. Extending Public and Private Cloud use for internal applications as well as on-demand services to the researchers is a one of the strategic goals of the university. Closer participation and integration with Regional (Georgia Tech, Clemson, UNC) and National (XSEDE, OSG) partners is another way to leverage public and academic resources. Fast storage and Archival: More than ever, today s researchers require fast, reliable, and large storage. Individual needs range from a few megabytes to hundreds of terabytes of research data. Right now GSU is providing 1TB of backed up storage per project/user on HPC clusters. This amount of storage is quickly becoming a crippling limitation. The Research Solutions team is addressing the growing demand in both speed and capacity by bringing additional storage online. This includes secure storage and access to shared data among researchers from GSU and partner institutions. Implementation of a high performance parallel file system is one of the major goals for the research infrastructure team. This will be achieved by creating low latency scale-out storage clusters. One of the biggest challenges is to provide a secure, federally compliant (FERPA, HIPAA) place to store and share data. Microsoft and Amazon Cloud could be the answer. Both providers have the highest level 4

of Federal certification and have mature tools to get access to the storage. Cloud storage (Amazon Glacier and Google Nearline) is also an attractive option for long term archival of data. The Research Solutions team is actively working on adding these services to the researcher s toolkit. 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback