Network Security

Unless you have a expressed a wish to the contrary, your system is only available by logging onto the front end server. The compute nodes are configured using private LAN addresses which are completely invisible to the Internet or your other networks. In addition a network firewall and tcp wrappers package is enabled by default. The default access is to allow unlimited access between the compute nodes and the front end server. Access from the external network to the front end server is restricted to Secure Shell logins.

Additionally the compute nodes are all able to access the external network. e.g to send mail or set clocks using your time servers, mount external network file systems etc.

This configuration provides a high degree of security against unauthorised use and network break ins. Should you wish to modify your firewall, please consult the appropriate section in the System Administration chapter.