Bandwidth capacity:
The LCG backbone has a capacity of 960Gbps. The connections to the Tier1s have a aggregated
capacity of 90Gbps.
The GPN backbone has a capacity of 80 Gbps. The firewall is 20Gbps and can be upgraded up to
80Gbps. GPN and LCG are connected with 40Gbps uplink.
The connectivity to the research backbones is 10Gbps and provided by Geant2, Abilene, Esnet;
the connectivity to the general purpose Internet is 300Mbps and provide by three ISP (Colt,
Level3, Global Crossing).
Security:
Network security is undergoing major changes.
The CERN main firewall, that protects the whole site from the global Internet, has been updated
in order to be able to handle the increased traffic and to deal with daily policy updates. The
hardware is now capable to handle at least 20Gbps. A new software framework for the
management of the whole system is in the final test phase.
New policies and filtering points have been deployed in order to protect the different domains at
CERN one from the other, especially the most vital systems.
All the plugs to the network are now secured, with checking the credentials of the machines and
of the users that try to connect.
Monitoring:
The network monitoring is now managed by a single system, Spectrum. It collects all the data and
traps from all the CERN's network equipment, and it can proxy these information to external
system, like the LHCOPN's Perfsonar and Monalisa.
Manageability:
Standardization has been put in place wherever possible, included in the networks of the
experiments that now rely on the standard services. Procedures for new installations and faults
isolation and repair have been simplified and standardized, thus increasing the intervention time
and the overall reliability.
157
Page1
Page156
Page158
Page177