Providing effective and non-intrusive security within NERSC’s Open
Science HPC environment introduces a number of challenges for both
researchers and operational personnel. As what constitutes HPC expands
in scope and complexity, the need for timely and accurate decision
making about user activity remains unchanged. This growing complexity
is balanced against a backdrop of routine user and application
attacks, which remain surprisingly effective over time.
This presentation describes current efforts at NERSC to maintain
system integrity without getting in the way of the science being done
here. These efforts include network monitoring, 2 factor
authentication as well as ssh and host based data analysis"