Presentation is loading. Please wait.

Presentation is loading. Please wait.

Clique/Trust Solution Suitable for Level 2 Grid. Trusted Host Database Remote database of IP addresses, port ranges etc. Accessible by firewall administrators.

Published byLogan Andersen Modified over 10 years ago

Similar presentations

Presentation on theme: "Clique/Trust Solution Suitable for Level 2 Grid. Trusted Host Database Remote database of IP addresses, port ranges etc. Accessible by firewall administrators."— Presentation transcript:

1 Clique/Trust Solution Suitable for Level 2 Grid

2 Trusted Host Database Remote database of IP addresses, port ranges etc. Accessible by firewall administrators Secure access Quickly propagate changes Compatible with future developments Has access control for VO-level access restrictions

3 Access Method Web interface Certificate based access Access Controls GridSite !

4 Database Structure Updating via VO management tools (such as LeSCs VOM) Also could update via XML-based user database (in development at CLRC DL) Create static web pages accessible from the web

5 Changes to database Additions to a particular VOs allowed list should be moderated Removal of IP addresses should propagate as quickly as possible Firewall administrators must be prompted to inspect the web pages when changes have been made

6 Pros and Cons Quick solution Secure Uses existing applications May result in lengthy firewall rule tables All participating sites must be secure – no weak links Changes to the firewalls need to be made quickly Cant cope with roaming users – no DHCP etc.

7 Conclusions Good solution for more static Level 2 grid Bad solution for dynamic, roaming user grid – how about a VPN?

Download ppt "Clique/Trust Solution Suitable for Level 2 Grid. Trusted Host Database Remote database of IP addresses, port ranges etc. Accessible by firewall administrators."

Similar presentations

Module 13: Implementing ISA Server 2004 Enterprise Edition: Site-to-Site VPN Scenario.

Module 13: Implementing ISA Server 2004 Enterprise Edition: Site-to-Site VPN Scenario.
Static Routing Exercise AFNOG 2003/ Track 2 # 1 Static Routing Exercise u Unix network interface configuration u Cisco network interface configuration.

Static Routing Exercise AFNOG 2003/ Track 2 # 1 Static Routing Exercise u Unix network interface configuration u Cisco network interface configuration.
Virtual LANs.

Virtual LANs.
A “Dynamic” Firewall Jon Hillier Oxford University/ eScience Centre.

A “Dynamic” Firewall Jon Hillier Oxford University/ eScience Centre.
Firewall Simulation Teaching Information Security Using: Visualization Tools, Case Studies, and Hands-on Exercises May 23, 2012.

Firewall Simulation Teaching Information Security Using: Visualization Tools, Case Studies, and Hands-on Exercises May 23, 2012.
Module 5: Configuring Access for Remote Clients and Networks.

Module 5: Configuring Access for Remote Clients and Networks.
Wireless and Switch Security NETS David Mitchell.

Wireless and Switch Security NETS David Mitchell.
Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.

Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.
Beth Johnson April 27, 1998. What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.

Beth Johnson April 27, What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.
IST 228\Ch5\IP Routing1. 2  Review of Chapter 4 Start the router simulator. You will see the prompt Router>. This is the user mode prompt. Change the.

IST 228\Ch5\IP Routing1. 2  Review of Chapter 4 Start the router simulator. You will see the prompt "Router>". This is the user mode prompt. Change the.
1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.

1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.
Static VS Dynamic websites. 1-What are the advantages and disadvantages? 2- Which one should you choose and why?

Static VS Dynamic websites. 1-What are the advantages and disadvantages? 2- Which one should you choose and why?
Windows Server 2008 Chapter 8 Last Update 2012.05.31 1.0.0.

Windows Server 2008 Chapter 8 Last Update
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
MiVoice Office v6.0. 2 MiVoice Office v6.0 is mainly a service enhancement release, rather than a user feature rich enhancement release.

MiVoice Office v MiVoice Office v6.0 is mainly a service enhancement release, rather than a user feature rich enhancement release.
Internet/Intranet firewall security – policy, architecture and transaction services Written by Ray Hunt This presentation will Examines Policies that influence.

Internet/Intranet firewall security – policy, architecture and transaction services Written by Ray Hunt This presentation will Examines Policies that influence.
© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.

© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.
TOSIBOX LOCK security options 1 1.

TOSIBOX LOCK security options 1 1.
Course 201 – Administration, Content Inspection and SSL VPN

Course 201 – Administration, Content Inspection and SSL VPN

Similar presentations

Ads by Google