"Once it was on the backbone, it could move unfettered across the entire infrastructure to all their collaborators."
"The hardest part was convincing the IT teams this is a secure way," says Cotter. "CIOs are not going to get fired with a researcher saying 'my data is moving slowly'. But they will get fired if they have a major compromise, a security breach."
He says the ScienceDMZ was a "pragmatic approach" as it gave the researchers the performance they need without having to upgrade the entire campus infrastructure.
"It allows an institution to support high performance scientific applications by applying security policies appropriate to research data, not the complicated, performance sapping security measures required to protect business servers and desktop applications."
REANNZ selected Juniper Networks EX3300 Ethernet Switch as the endpoint for NZGL's zero loss firewall link. Cotter explains Juniper's EX3300 switch is built to data centre operational standards, which are a more demanding specification than needed for access switches put in wiring closets. "Essentially, it is a cost-effective device that that can handle 10-Gigabit Ethernet connections at wire speed—without dropping packets."
"One of the things I have found, a lot of organisations, parts of their networks are not constructed out of high quality equipment," says Lindsay. "We were very adamant with REANNZ that we want Tier 1 provider equipment."
"We did not state we required Juniper but they came up with a Juniper solution and we were really happy with that," says Lindsay. "Part of the attraction of the science DMZ is being able to do things around how network traffic is directed and so we've also embraced the concept of software-defined networking (SDN) as something we will leverage in the future."
Having a vendor with a strong SDN roadmap was important, says Lindsay.
Lindsay says a partial science DMZ has been implemented, with genetic researchers at the University of Otago as its first end users, and is working with other research groups to get connected to the system in upcoming months. "We want to have these arrangements in place with all of the major customers of NZGL," says Lindsay.
Cotter says NZ Genomics was the first organisation in New Zealand to give the Science DMZ concept much thought and apply it.
He says other organisations have asked REANNZ to look at their architecture to see if a similar system can be deployed. "It is definitely generating a lot of interest.
"We have to find ways to remove roadblocks to collaboration with our international partners," he explains. Embracing data intensive science "is critical to our ability to be competitive as a nation".
Sign up for Computerworld eNewsletters.