UK GRID Firewall Workshop - PowerPoint PPT Presentation

Provided by: Matthew590

1
UK GRID Firewall Workshop
  • Matthew J. Dovey
  • Technical Manager
  • Oxford e-Science Centre

2
Background
  • Making the Grid Work in a Computing Services
    Environment (1 May 2002) proposed a series of
    workshops to address specific issues.
  • The first of these considered the use and
    maintenance of firewalls within a GRID environment
  • Focus on implementations suitable for Globus
    within a Level 2 Grid (L2G) framework
  • Also consider WebServices/GRIDServices
  • Open invitation to the UK e-Science community,
    network administrators and firewall
    administrators
  • More than 50 people attended.

3
Purpose
  • To bring together developers of the UK e-Science
    Grid and computing service providers
  • To enable the technical support community and
    e-Science/Grid community to exchange ideas and
    networking/firewall information
  • To produce a coherent set of recommendations for
    firewall configuration and maintenance for the
    U.K. Level 2 Grid
  • To identify practical workable solutions for use
    with the Grid.

4
Agenda
  • Morning - presentations
      • Introduction to part of GLOBUS relating to use of
        firewalls - Andrew McNab
      • Introduction to Web Services as they relate to
        use of firewalls - Matthew Dovey
      • A Dynamic Firewall - Jon Hillier
      • A Clique/Trust Firewall - Jon Hillier
      • Firewall Configurations - Jon Hillier
      • GRID and VPNs - Matthew Dovey
  • Afternoon
      • Break out and discussions

5
Firewall Solutions Presented
  • Clique GRID Trust based
  • Dynamic Firewall
  • VPN (IPSec) Tunnelling

6
Break-out Discussion Issues - 1
  • Does the solution offer the required security for
    the GRID projects?
  • Are there inherent security weaknesses of the
    solution which would make it less suitable?
  • How effective would the solution be for a level 2
    GRID?
  • Is the solution scalable beyond a level 2 GRID?
  • Would the solution still be valid in protecting a
    GRID based on GridServices or WebServices?

7
Break-out Discussion Issues - 2
  • Would the solution still be required for a GRID
    based on GridServices or WebServices?
  • Are there technical problems with the solution
    which would affect its use in GRID projects?
  • Are there technical problems with the solution
    which would affect its adoption at an
    institution?
  • Is the solution consistent with current security
    policies in place at institutions or in GRID
    projects?
  • Will the solution remain consistent with future
    security policies?

8
Closing Discussion
  • Clear responsibility of system administrators of
    Grid resources attached to the Grid and awareness
    of issues and risks associated with the Grid.
  • Distinction between network firewalls protecting
    a site and host-based firewalls running on Grid
    resources
  • Should each site aim to provide a dedicated
    gatekeeper system?
  • A DNS based system should be examined for
    providing a trusted source of Grid IP addresses.
  • Develop clear guidelines for how a secure Grid IP
    address host operates
  • Clients are seen as a weak link in the Grid
    security framework - sites may be unwilling to
    provide access for them without knowledge of
    their security credentials.

9
Recommendations
  • Trusted host (clique) server is acceptable to
    most sites
  • Short term not scalable
  • Needs to be securely managed and maintained
  • Initial step to provide all Level 2 GRID sites a
    list of IP address and port ranges
  • Dynamic firewall may be more scalable and secure
    for host-based firewalls.
  • Hybrid host - static IP addresses and dynamic
    firewall - provide an operational Level 2 GRID
    quickly.
  • VPN is a longer term possibility using
    off-the-shelf technology, but interoperability
    issues between the current VPN solutions prevent
    this being a short term option