2
NSF Campus Cyberinfrastructure PI and Cybersecurity Innovation for Cyberinfrastructure PI Workshop NSF Program (either CC or CICI): CC Project Title: CC* Networking Infrastructure: Building a Science DMZ Network for UC Merced October 3-4| Albuquerque, New Mexico PI: Suzanne S. Sindi co-PIs: Nicola Lercari, Ashlie Martini, Thomas DeFanti, Michael Spivey Program Area: Campus Cyberinfrastrc (CC-NIE) Award Number: 1659210 Suzanne Sindi Assistant Professor of Applied Mathematics Organization: UC Merced Email: [email protected] Jeffrey Weekley Director of Cyberinfrastructure & Research Computing Organization: UC Merced Email: [email protected]

NSF Program (either CC or CICI): CC - · PDF fileNSF Campus Cyberinfrastructure PI and Cybersecurity Innovation for Cyberinfrastructure PI Workshop NSF Program (either CC or CICI):

Embed Size (px)

Citation preview

Page 1: NSF Program (either CC or CICI): CC - · PDF fileNSF Campus Cyberinfrastructure PI and Cybersecurity Innovation for Cyberinfrastructure PI Workshop NSF Program (either CC or CICI):

NSF Campus Cyberinfrastructure PI and Cybersecurity Innovation for Cyberinfrastructure PI Workshop

NSF Program (either CC or CICI): CC

Project Title: CC* Networking Infrastructure: Building a Science DMZ Network for UC Merced

October 3-4| Albuquerque, New Mexico

PI: Suzanne S. Sindico-PIs: Nicola Lercari, Ashlie Martini, Thomas DeFanti, Michael Spivey

Program Area: Campus Cyberinfrastrc (CC-NIE)

Award Number: 1659210

Suzanne SindiAssistant Professor of Applied

MathematicsOrganization: UC Merced

Email: [email protected]

Jeffrey WeekleyDirector of Cyberinfrastructure & Research ComputingOrganization: UC MercedEmail: [email protected]

Page 2: NSF Program (either CC or CICI): CC - · PDF fileNSF Campus Cyberinfrastructure PI and Cybersecurity Innovation for Cyberinfrastructure PI Workshop NSF Program (either CC or CICI):

NSF Campus Cyberinfrastructure PI and Cybersecurity Innovation for Cyberinfrastructure PI Workshop

October 3-4, 2017 | Albuquerque, NM

Campus-wide Scientific Impact:

• GB-TB Data storage and transfer

• Computational portability

• Streamlined Analysis

• Real-time visualization

• CogSci, Mathematics, Engineering, Physics, Chemistry, Biology, World Heritage, Social Sciences, Public Humanities

Solution(s) or Deliverables: Build a dedicated Science DMZ Network• 10-100Gbps throughput dedicated to

research traffic

• Topologically distinct from but supported by the NGN Network (production network)

• Fully instrumented w/ network measurement tools (perfSONAR)

• Dedicated Data Transfer Nodes (FIONAs) for Faster Data end-to-end

Challenge or Approach: UC Merced lacks a dedicated Science DMZ Network• Campus production network ill-suited

for data intensive research

• Current security model hampers big data movement

• Networked data collaboration requires repeatability, predictability and robustness to succeed

Metadata tag: High-speed Networking

• https://it.ucmerced.edu/high-speed-networking/

• Pacific Research Platform, ready!

• Multi-disciplinary

• High-impact for women and minority students (67% of undergrads)

• Leverages previous NSF support (Award ACI-1429783)

Building a Science DMZ at UC Merced

Company:

Project:

Drawing Name:

Author(s):

Colloborators:

Date:

University of California, Merced

High Performance Research / Science DMZ

HPR Edge Router Design Revision: 4 08‐September‐2017

Nathan Bremmer

Nathan Bremmer (UCM), Al Espinoza (UCM, Michael Allen (Brocade)

Cenic EdgeCisco 4900m

CENIC DC(Sac/Triangle Court)

CENIC HPR (Sac/Triangle Court)

PAN0

UCM_Core_0(MLXe‐16)

UCM_Core_1(MLXe‐16)

UCM DC Edge 1BrocadeMLXe‐4

UCM HPR Edge 1

Brocade MLXe‐8

ucm‐fiona00.ucmerced.edu ucm‐Perfsonar00.ucmerced.edu

PAN1

Load Balancer

Load Balancer is required to translate to and from IPv4/

IPv6 as not all HPR locations will be running 100% IPv6.

We are exploring the possibility of using our existing Palo 

Alto firewalls for this function, otherwise it will require the 

purchase of a new F5 load Balancer.

NetworkDistribution

Center

wave.ucmerced.edu (Head Node)

COB2_195C_4Kave_Agg0(Brocade ICX‐7750)

COB2_195c_WAN_Agg0(Dell X‐4012)

COB2_Local_Render_Agg(Dell X‐4012)

wave.dtn.ucmerced.edu (Primary Transfer Node)

ICX‐7750 and the Dell 4012 switches will need to be replaced 

because they do not support 100G speeds. The recommended 

product is the Brocade Data Center switch model SLX‐9140/

9540 

wave01.ucmerced.edu (Render  Node)

wave02.ucmerced.edu (Render  Node)

wave03.ucmerced.edu (Render  Node)

wave09.ucmerced.edu (Render  Node)

wave06.ucmerced.edu (Render  Node)

wave10.ucmerced.edu (Render  Node)

wave07.ucmerced.edu (Render  Node)

wave04.ucmerced.edu (Render  Node)

wave05.ucmerced.edu (Render  Node)

wave08.ucmerced.edu (Render  Node)

Modular ResearchCenter #1

Modular ResearchCenter #2

Modular ResearchCenter #3

ModularDC_CoreClusterMLXe‐8

Cluster Storage

Merced Cluster