High performance computing (HPC) aggregates multiple resources to solve complex and computationally intensive applications. Using parallel processing, high-speed networks, and parallel file systems, HPC systems quickly and reliably process enormous amounts of data.
As with enterprise data centers, HPC environments have strenuous security requirements to actively defend the network and the data. However, HPC systems have the added challenge of providing these safeguards without any performance degradation. This secure and performant HPC system can be implemented effectively and efficiently using a multi-layer security model.
Together with scalability, performance, reliability, and ease of management, PanFS is delivering on security by safeguarding data with a layered defense approach. PanFS facilitates extensive, performant, and cost effective security policies with Security-Enhanced Linux (SELinux) per-file security label support enabling SELinux and Multi-Level Security (MLS) policies.
PanFS defends the data layer with a fully managed KMIP-compliant hardware-based encryption-at-rest implementation working closely with well-established enterprise key management solution providers including Thales. PanFS also reinforces the perimeter layer with fine-grained filesystem access control lists (ACLs). The result is that PanFS delivers security and safeguarding of customer data with zero performance impact at multiple layers enabling defense in depth security implementations.
Adding to its rich attribute model history, PanFS DirectFlow provides SELinux security labels support quickly and efficiently. Used with SELinux and Multi-Level Security (MLS), Panasas enables security at the policies level.
PanFS supports Access Control Lists (ACLs), filtering access on each file and directory. Providing more granular control over which user accounts can execute which operations than traditional mode bits, Panasas delivers access control security at the perimeter layer.
Hardware-based with zero performance impact, PanFS delivers AES 256-bit encryption-at-rest and automatic cryptographic erasure through SED technologies. Fully managed and KMIP-compliant, Panasas is working with Thales TCT and Thales CPL to provide a tested and validated integrated solution with CipherTrust Manager ensuring security at the data layer.