The 300 Leonidas Solution: A Group Project for SRA 221
Monday, December 8th, 2008This is the fruit of my SRA 221 teams’ labor during the fall semester of 2008. We developed an open source virtual security solution for an imaginary bank, but I really believe the idea might actually work.
Our security solution is dubbed, Leonidas, a.k.a Loadbearing Enterprise Operations over Network/Internet Distributed Architecture Systems. Our army of virtual machines (Leonidas1, Leonidas2, Leonidas3…Leonidasn) are called Spartans, a.k.a Scalable Performance Analysis and Resource Tuning Application Nodes. Our team member, Brian Reitz, came up with this acronym during a shower the week before we presented and demoed our solution. Check out slide 7 for an illustration.
The ideal environment for our Leonidas solution would have 30-40 virtual machines running on a single mainframe. System resources would be dynamically adjusted depending on the processing power that a particular virtual machine would require for its tasks.
For a proof of concept, we used Virtual Box, a virtualization software, and created cloned copies of a master Ubuntu machine loaded with:
- Kerberos
- OpenLDAP
- OpenSSH
- Xvnc
- NTP-Server
- Active Directory
- DHCP
- Snort
- Firestarter
Getting all of these services to work in cooperation with one another was difficult challenge, but ultimately, we managed to get a majority of them running successfully. Originally we wanted to create an internal network, but our we never overcame several networking issues with our Ubuntu machines. The Ubuntu box was not able to communicate with any other machine on the network, but a Windows box on the same network successfully pinged the Ubunutu box. The Windows machine oddly enough could also see the ICMP packets traveling on the network.
The team recently invested in 4 Cray CX1 supercomputers, which will be shipping from the factory in a couple days.
Kudos to Albert Chen, Brian Reitz, Renee Stepler, and Anastassia Ioujanina for a great semester project.