Improving Data Mobility & Management for International Climate Science

Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Best practices for Securing the Science DMZ

Time 07/16/14 09:20AM-09:40AM

Room GC402

Session Abstract

The Science DMZ model is a widely deployed and accepted architecture allowing for movement and sharing of large-scale data sets between facilities, resources, or institutions.
In order to help assure integrity of the resources served by the science DMZ, a different approach should be taking regarding
necessary resources, visibility as well as perimeter and host security. Based on proven and existing production techniques
and deployment strategies, we provide an operational map and high level functional framework for securing a science DMZ utilizing a “defense in depth” strategy including log aggregation, effective IDS filtering and management techniques, black hole routing,
flow data and traffic baselining.


Speaker Nicholas Buraglio Energy Sciences Network (ESnet)

Presentation Media

media item thumbnail Securing the Science DMZ

Speaker Nicholas Buraglio Energy Sciences Network (ESnet)