I don't see the problem Henry. The Site manager is the individual who
has overall responsibility for the operation of a Site, not the
operation of the institute. At RAL we do not control the firewall but we
have a process for requesting and justfying the opening of ports.
I haven't read every line of the document, is there something that
causes a problem?
John
> -----Original Message-----
> From: Testbed Support for GridPP member institutes
> [mailto:[log in to unmask]] On Behalf Of Henry Nebrensky
> Sent: 16 September 2005 15:20
> To: [log in to unmask]
> Subject: Re: VO Boxes - there will be a GridPP position on
> this discussion
>
> On Fri, 16 Sep 2005, Alessandra Forti wrote:
>
> > Hi,
> >
> > a VObox security policy document has been released today.
> >
> > https://edms.cern.ch/document/639856/
> >
> > Since it will be part of the discussion at the operation
> workshop, any
> > comment is apreciated.
>
> "2 Definitions
> A Site is a set of Grid Services provided by an institute.
> ...
> The Resource Administrator of a site is the person
> responsible for providing and maintaining a Grid Resource or
> Grid Service at that site.
> The Site manager is the individual who has overall
> responsibility for the operation of a site."
> ^should be 'S'?
>
> I think this is too simplistic - it may be that at large
> Sites the "Site manager" has enough clout to decide e.g.
> which ports should be open and to/from where, but at smaller
> sites (like Brunel) we have to get clearance from higher up.
> (Maybe in some sense we're only "Resource Administrators")
>
> So in practice we'd have to take the completed questionnaire
> to someone in our Institute's CS dept. anyway, and the
> situation is still basically that
>
> > >
> --------------------------------------------------------------------
> > > - Experiments/VOs wishing to operate services on hosts
> inside Brunel
> > > University's network and/or externally visible within the
> > > brunel.ac.uk domain must apply in writing to the head to
> Computer Services here.
> > >
> --------------------------------------------------------------------
> > > --
>
> except that we're acting as the middleman, with the obvious
> inefficiencies that implies.
>
> Thanks
>
> Henry
>
> --
> Dr. Henry Nebrensky [log in to unmask]
> http://people.brunel.ac.uk/~eesrjjn
> "The opossum is a very sophisticated animal.
> It doesn't even get up until 5 or 6 p.m."
>
|