NCSA wiki will be offline Friday, Apr 19, 2024, from 1600 hours until Sun, Apr 21, 2024 in order to upgrade Confluence.
Blue Waters Supercomputer
Blue Waters is the largest and fastest system ever developed for the National Science Foundation. It has served thousands of engineers, scientists and educators across the nation over the past few years, in particular, those who scientists with unique jobs that can't be served by other systems. With tens of thousands of nodes and 450 Gbps of external WAN connectivity on an open network, Blue Waters presents a unique set of challenges to secure.
NCSA CyberSecurity team worked to redesign security from the ground up with this new system and the National Petascale Computing Facility during the 5 years going up to full operations. Using risk based methods to develop a new security program and architecture, we have achieved the gold standard of security in the community of NSF cyberinfrastructure being the first system to require two-factor authentication, designing and deploying one of the first 100Gbps network monitoring infrastructures with the Bro IDS, and testing many other security technologies at unprecedented scale.
Bro Network Security Monitor
NCSA and the International Computer Science Institute co-develop the Bro NSM with the work at NCSA being led by CyberSecurity's Adam Slagell. Bro provides a comprehensive platform for network traffic analysis, with a particular focus on semantic security monitoring at scale. While often compared to classic intrusion detection/prevention systems, Bro takes a quite different approach by providing users with a flexible framework that facilitates customized, in-depth monitoring far beyond the capabilities of traditional systems. With initial versions in operational deployment during the mid ‘90s already, Bro finds itself grounded in more than 20 years of research. For more information, see the Bro Overview and our promotional document, Why Choose Bro?
Center Cyber-protection
Cybersecurity at NCSA provides for the protection of the center's digital assets and those of key partners through the many services we provide. We have a 24/7 incident response team that performs full digital forensics and coordinates with law enforcement and other institutions. Preventative security is provided by our vulnerability management program, risk assessments & security architecting, automatic blocking, and more. We run over 60 servers to provide the monitoring, logging and other security services, including one of the largest production Bro clusters in the world. The CyberSecurity division is also responsible for training staff, notifying reliant parties of new vulnerabilities, creating policies and much more security awareness work. Finally, we participate in several organizations and maintain collaborations with XSEDE, CERN, and others in the community.
XSEDE Federation
XSEDE is a federation of service providers and virtual organizations that have come together to bring high-performance computing to scientists at research institutions across the U.S. The mission of XSEDE is to enhance the productivity of scientists and engineers by providing them with new and innovative capabilities and thus facilitate scientific discovery while enabling transformational science/engineering and innovative educational programs.
The XSEDE project is led out of NCSA, and the security operations team in particular is co-led by NCSA CyberSecurity director Adam Slagell and Jim Marsteller at PSC. Jim Basney of NCSA's CyberSecurity division is also the security lead for XSEDE's Software Development and Integration division, driving many of the IdM and security projects like the single-sign-on hub and Duo two-factor authentication integration.