Hi, we are currently in discussion with our local network security people about the plan to make certain data accessible to outside scientists via ftp - this implies that the host running the ftp daemon runs with their ethernet ports inside a dmz. On the other hand, all NSD access is through IB (and should stay that way). The biggest concerns are around the possible intrude from that ftp host (running as GPFS client) through the IB infrastructure to other cluster nodes and possible causing big troubles on the scientific data. Did anybody here has similar constrains and possible solutions to mitigate that risk ?
best regards, Martin _______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss
