Re: Closed Network Implementation?

[Michael Sinatra <michael () RANCID BERKELEY EDU>]

On 03/08/13 12:56, Mike Iglesias wrote:
> On 03/08/2013 11:27 AM, Michael Sinatra wrote:
> > Doing it on smaller network segments also allows you to separate research
> > traffic from administrative traffic and it makes it easier to build a Science
> > DMZ (http://fasterdata.es.net/science-dmz/).  You can delegate administrative
> > control of firewall contexts or virtual firewalls to departments, giving them
> > the responsibility--and authority--to further secure their systems.
>
> We're working on implementing a Science DMZ, which will be "outside" the
> firewall.  There's a grant you can apply for to help defray the cost of
> implenting it, which we plan on doing.  I believe the grant is thru NSF.

Yep, the grant is called CC-NIE and I encourage UCI and other EDUs to
submit proposals.  There's also a Science DMZ mailing list which you can
join:

https://listserv.es.net/mailman/listinfo/sciencedmz

Note that CC-NIE grants are for more than just building a Science DMZ,
but Science DMZ can be one of the components of the proposal (and is
specifically called out in the CFP here):

http://www.nsf.gov/pubs/2013/nsf13530/nsf13530.htm

michael