UCSF IT has a substantial body of Amazon Web Services (AWS) that are available and offered under the title Secure Enterprise Cloud (SEC). The SEC is comprised of a core platform of services that integrate the AWS cloud into the UCSF network as well as the security tools needed to deliver a secure computing environment. Using the cloud services available under the SEC allows you to conduct your cloud-based research needs in a safe and secure way.
Services
1. SEC Core Platform Account: The Core Platform is provided via a separate AWS account/Azure Subscription provisioned for departments and labs who have staff to support their own IT and infrastructure needs. Individuals who wish to use the SEC Core Platform must access their cloud console from the UCSF network. If you are a department wishing to access compute resources for your cloud or hybrid architecture or to provide a cloud based secure service, or if you are a lab looking to develop custom computing pipelines, this may be the option for you. This account is secured according to UCSF policy for sensitive data. Access is granted using UCSF single sign-on and restricted to individuals who have an active directory account. This type of account is provisioned for departments and labs who have staff to support their own IT and infrastructure needs. For more information from UCSF IT and how to gain access to services on this platform, Request a Consult.
This may be the option for you if you are:
- A department wanting to access compute resources for your cloud or hybrid architecture
- A department wanting to provide a cloud-based secure service
- A lab looking to develop custom computing pipelines
2. Research Analysis Environment: UCSF's Research Analysis Environment (RAE) is a secure data hosting and compute service for UCSF researchers and their internal or external collaborators. RAE provides research teams with a professionally managed, secure, collaborative environment in which to manage files containing sensitive data and is available to all UCSF students, faculty, staff, and any non-UCSF collaborators who are sponsored by a member of our community. RAE also provides remote desktop capability with applications that allow investigators to view, manipulate, and save their data entirely in a protected environment without requiring files to be stored on their own computers. The RAE Cloud has both storage and compute options available and is built on the SEC Core Platform.
This may be the option for you if:
- You have research needs where technical staff may not be available
3. Storage Gateway Service: The Storage Gateway Service is a network file service that delivers a network file share to the subscribing department or lab. This file service is backed by AWS S3 storage in the SEC Core Platform. Files stored in Gateway File Share have access controlled by the Active Directory. The file gateway service presents a file share inside the UCSF Network, accessible via on-premise and VPN to EC2 instances in the AWS Secure Enterprise Cloud. Storage Gateway Service is available to researchers under RAE and directly under UCSF IT for all other cases. Costs are passed through directly to the department and are set by AWS.
This may be the best option for you if:
- You have cold storage, large files, images or archive files
- You are migrating data to AWS for access by EC2 instances
Directions
- Review the current cloud options at UCSF.
- For advice on developing a cloud-based application, request a consult here.
- To request an UCSF Secure Enterprise Cloud AWS account, request a consult here.
- To request a product or feature, use this form.
Support
For any questions or additional support, please contact the cloud team at [email protected].