In its default configuration, the Red Hat HPC Solution treats one Network interface of the installer node as a public interface on which it imposes a standard firewall policy, while other interfaces are treated as trusted, private interfaces to the cluster nodes. While this can be easily adopted to the customer's preferences, it is the recommended network topology for an installation of the Red Hat HPC Solution. It provides clear separation of the public network from the private cluster-internal network(s). In that topology, the installer node acts as a gateway and firewall, protecting the cluster nodes. This allows a relaxed set of firewall and security settings within the private cluster network, while still maintaining secure operations.

Please consider the installation notes below, when planning your network topology.

For improved security, Red Hat recommends enabling the firewall on the external interfaces of the installer node and maintaining a clean separation between the public networks and the private cluster network. Also customers are advised that optional monitoring tools like Nagios®, Cacti®, or ntop disclose details of the network topology and are only accessible to authorized users over a secure connection. Red Hat recommends to use the encrypted https protocol rather than plain http connections for these services.