August 15 2016 Operations PY 9 Planning Greg

August 15, 2016 Operations PY 9 Planning Greg Peterson Operations Director gdp@utk. edu

Operations 2

PY 9 Project and L 2 KPIs - Operations Goal Subgoal Provide reliable, Sustain the Ecosystem efficient, and secure infrastructure Sustain the Ecosystem Metric Level Metric Name Project KPI Provide excellent user Project KPI support Provide reliable, Sustain the Ecosystem efficient, and secure infrastructure L 2 KPI Provide excellent user Sustain the Ecosystem L 2 KPI support 3 Mean composite availability of core services (%) Mean time to ticket resolution (hours) Hours of downtime with direct user impacts from an XSEDE security incident Mean rating of user satisfaction with tickets closed by the XOC Target 99. 9% < 16 hours 0 hours 4. 5

PY 9 Priorities • Office (2. 4. 1) • Coordination of Operations activities, reporting, reviews • Cybersecurity (2. 4. 2) • Vulnerability scanning and mitigation • Incident Response and Operational security • Operate XSEDE CA, CI Logon Service, Kerberos Realm • Maintain CA trust repository • DTS (2. 4. 3) • Maintain DTS services (e. g. , perf. Sonar, DNS, Gridftp logging, maddash) • Monitor Internet 2 and Globus Online performance • XOC (2. 4. 4) • Provide user support • Monitor central services • Sys. Ops (2. 4. 5) • Maintain and monitor XSEDE enterprise services • Deploy VMWare cluster and AWS instances 4

What’s New or Changing in PY 9 New: • DTS will identify candidate new data transfer protocols and methods as potential alternatives to Grid. FTP-based data transfer • DTS will define and share likely use case scenarios for any new protocols and methods • Sys. Ops hybrid cloud deployment • Sys. Ops will develop new/better reporting tools for RT metrics 6

What’s New or Changing in PY 9 Changing: • Security and XSO leadership • Results of CUI analysis could change risk assessments • DTS will work with Internet 2 to improve metrics collected across new XSEDEnet L 3 VPN topology • XOC leadership 7

What’s New or Changing in PY 9 Discontinued: • DTS completed activities to implement scalable architecture for XSEDEnet connectivity • DTS completed activities to implement IPv 6 over XSEDEnet 8

PY 8 ± 5% Exercise 5% Increase impacts: • Security can do additional audits/reviews, more in-depth risk assessment • DTS would put more effort into evaluating alternate data transfer options • XOC would provide additional effort for help desk, developing/maintaining procedures and documentation • Sys. Ops would increase effort for AWS certification/training and security training 9

PY 8 ± 5% Exercise 5% Decrease impacts: • Security would have less effort (slower response) for policies/standards; cease efforts on federated intel sharing • DTS would reduce efforts for improved metrics collection from Internet 2 • XOC would reduce effort in monitoring central resources and reduce effort in developing/maintaining procedures and documentation • Sys. Ops would decrease travel funds (i. e. , fewer attending PEARC) 10

PY 9 Publications Being Considered • Paper on Operations overview to help document transition (2. 4. 1) • ML/NLP results on automated ticket classification/routing (2. 4. 1) • Policies updated (2. 4. 2) • LUG 2019 paper and tutorial (2. 4. 3) • Paper on multisite virtual organization infrastructure management (2. 4. 5) 11

Recommendations Being Addressed in PY 9 • Risk Assessment/Cyber program review – Mapping of NIST 800 -171 controls for CUI (controlled unclassified information) data to XSEDE policies (2. 4. 2) – [NSF review panel] • Migration to cloud services (AWS) and enhanced VMWare migration support (2. 4. 5) – [NSF review Panel] 12