----- Original Message ----- | On Fri, 29 Oct 2010 06:54:07 -0700 (PDT) | "James A. Peltier" <[email protected]> wrote: | | > I was merely attempting to offer input as to why someone *might* | > require NFSv4. | | Fair enough but you haven't convinced me, how about ipsec, nfsv3, | authpf etc, but I'd still investigate sftps applicability first.
IPSEC was also considered. This lead to two points. First, we do not want to encrypt *everyones* traffic, only research labs with an increased data security requirement. Second, these people are not all in one location and not all people in one location have the requirement it was ruled out because of the number of possibilities for breakage. Take for example a lab that might have 150 machines. 20 of which are engineering, 50 of which are split across several different types of research labs and the remaining computing science labs. Now only 3 in engineering, 40 research labs and 1 in computing science request increased data security. Sure, I could setup those individual workstations with IPSEC clients but that becomes more difficult to maintain. Deploying this is also more difficult to maintain. I'm not saying it's not possible, just more difficult. To be honest, I'm not sure how AuthPF fits into this. Additionally, I'm not sure how it would fit into our HPC systems but if you could provide additional detail if might be an option for me to consider. As for SFTP or any other method that would duplicate data, I have already discussed why it is not a possibility. SSHFS *was and still is* a possibility but it was ruled out because of our HPC needs. -- James A. Peltier Systems Analyst (FASNet), VIVARIUM Technical Director Simon Fraser University - Burnaby Campus Phone : 778-782-6573 Fax : 778-782-3045 E-Mail : [email protected] Website : http://www.fas.sfu.ca | http://vivarium.cs.sfu.ca http://blogs.sfu.ca/people/jpeltier MSN : [email protected]
