The University of Reading Globus Gatekeeper

The ITS Globus Gatekeeper is a dedicated server currently running Globus 2.4.3 with the "fork" job manager. Other job managers (e.g Condor) will be added upon request. Its purposes are to:

• act as a single point of reference for all campus Globus servers wanting to access the external Globus Gatekeepers, and to
• act as a single point of reference for all external Globus Gatekeepers to access campus Globus servers through.

The purpose of this is so that there is only a single Globus firewall policy for the whole campus, no matter how many machines are running Globus. If your Globus machines want to pass the firewall to an external site they do it via our secured Gatekeeper rather than directly from your machine. Currently we have a firewall policy per machine running Globus. This will have little measurable performance impact on your use of Globus but will improve your security by making the managed and monitored IT Services gatekeeper the target for any exploits rather than your own.

Only users registered with IT Services may make use of the Globus Gatekeeper. If you wish to be one of these users you should contact the University e-Science Co-ordinator (s.m.gough@readingNOSPAMPLEASE.ac.uk) with your Globus certificate subject line and the username assigned to you by ITS. We will then get back to your with further instructions. To find out your certificate subject line, type this in the same directory as your certificate (here assumed to be called usercert.pem):

openssl x509 -subject -noout -in usercert.pem

This will return your subject line, for example:

subject= /C=UK/O=eScience/OU=Reading/L=ITS/CN=Globus User

-- SteveGough - 16 Mar 2004