DTF report Erez Etzion 78 ACCU Meeting December 5, 2007.

Slides:

Advertisements

Similar presentations

Module 13: Implementing ISA Server 2004 Enterprise Edition: Site-to-Site VPN Scenario.

Advertisements

File Server Organization and Best Practices IT Partners June, 02, 2010.

Departmental drop-in session. The Staff project has three main aims: 1.Provide a standard image for all Windows Machines 2.Consolidate user.

Impact of the Recent UC Denver Remote Computing Audit May, 2010.

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

Module 5: Configuring Access for Remote Clients and Networks.

Jeff Patton & Doug Whiteley It Service Group IT Roundtable July 15 th, 2009 Thin Clients & Terminal Services.

Understand Virtualized Clients Windows Operating System Fundamentals LESSON 2.4.

NICE Watch NICE Watch Synchronization module NICE Watch is a special module enabling synchronization of label production process with.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

Terminal Services Terminal Services is the modern equivalent of mainframe computing, in which servers perform most of the processing and clients are relatively.

Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a.

11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW Understand the difference between service.

11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW  Understand the difference between service.

Test Review. What is the main advantage to using shadow copies?

Bag – O – Bytes Brought to you by The FPB Help Desk X6322 VPN and Case Software Center Sept 8 th, 2004.

Using Skype For Business

Chapter 7: Using Windows Servers to Share Information.

VPN: An Easy Software / Appliance Solution for Remote Access Robert Gulick, EdD DBA/Technology Trainer Parma City School District

Introduction to VPN for MVS. Presented by Kevin D. Burney Computer Systems and Network Architect Office of the Vice Chancellor of Budget and Finance.

Tutorial 11 Installing, Updating, and Configuring Software

Microsoft Internet Security and Acceleration (ISA) Server 2004 is an advanced packet checking and application-layer firewall, virtual private network.

6.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 6: Administering User Accounts.

INSTALLING MICROSOFT EXCHANGE SERVER 2003 CLUSTERS AND FRONT-END AND BACK ‑ END SERVERS Chapter 4.

CERN’s Computer Security Challenge

1 Technology Coordinator Meeting Humanities 019 Friday, March 29, 2002.

Project Management Methodology Project Closing. Project closing stage Must be performed for all projects, successfully completed or shut off by management.

The Microsoft Baseline Security Analyzer A practical look….

PPD Computing “Business Continuity” David Kelsey 3 May 2012.

1 © 2004, Cisco Systems, Inc. All rights reserved. CISCO CONFIDENTIAL Support for Vista Unity 5.0(1)

Hands-On Microsoft Windows Server Introduction to Remote Access Routing and Remote Access Services (RRAS) –Enable routing and remote access through.

How to use Remote Desktop and Remote Support. What is remote desktop? Remotely control your computer from another office, from home, or while traveling.

1 CERN’s Computer Security Challenges Denise Heagerty CERN Computer Security Officer Openlab Security Workshop, 27 Apr 2004.

Remote Access Using Citrix Presentation Server December 6, 2006 Matthew Granger IT665.

1 Administering Shared Folders Understanding Shared Folders Planning Shared Folders Sharing Folders Combining Shared Folder Permissions and NTFS Permissions.

NETWORK OPERATING SYSTEM INTEROPERABILITY Jason Looney EKU, Department of Technology, CEN.

Chapter Six Maintaining a Computer Part II: Installing, Repairing, and Removing Applications.

2  Supervisor : MENG Sreymom  SNA 2012_Group4  Group Member  CHAN SaratYUN Sinot  PRING SithaPOV Sopheap  CHUT MattaTHAN Vibol  LON SichoeumBEN.

Remote Controller & Presenter Make education more efficiently

Use of CERN’s Computing Facilities Why is security important? What are the rules? HR Induction Programme.

Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Update on Windows 7 at CERN & Remote Desktop.

2.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 2: Examining.

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 2 ver.2 Module 8 City College.

Operational Circular No 5 Use of CERN Computing Facilities.

Computer Security Risks for Control Systems at CERN Denise Heagerty, CERN Computer Security Officer, 12 Feb 2003.

CERN - European Organization for Nuclear Research Beyond ACB – VPN’s FOCUS June 13 th, 2002 Frédéric Hemmer & Denise Heagerty- IT Division.

Virtual Private Network. ATHENA Main Function of VPN  Privacy  Authenticating  Data Integrity  Antireplay.

MICROSOFT TESTS /291/293 Fairfax County Adult Education Courses 1477/1478/1479.

Windows Terminal Services for Remote PVSS Access Peter Chochula ALICE DCS Workshop 21 June 2004 Colmar.

Managing Servers Lesson 10. Skills Matrix Technology SkillObjective DomainObjective # Using Remote DesktopPlan server management strategies 2.1 Delegating.

Virtual Private Network (VPN) 1. A corporation with multiple geographic sites can use one of two approaches to building a corporate intranet. – Private.

Labs. Session 1 Lab: Installing and Configuring Windows 7 Exercise 1: Migrating Settings by Using Windows Easy Transfer Exercise 2: Configuring a Reference.

Virtual Private Network Access for Remote Networks

Review of IT General Controls

Chapter 7: Using Windows Servers

Managing Windows Security

Office 365 Migration Your migration date: January 20,

Lab A: Planning an Installation

Affinity Depending on the application and client requirements of your Network Load Balancing cluster, you can be required to select an Affinity setting.

Application Layer Honolulu Community College

Objectives Differentiate between the different editions of Windows Server 2003 Explain Windows Server 2003 network models and server roles Identify concepts.

How to Fix Outlook Error 0x800cce05? For Assistance

Configuring Internet-related services

Erez Etzion / Chris Onions ACCU Meeting December 3, 2008

Setup Microsoft Office 365 &

CLOUD COMPUTING.

Windows Server Administration Fundamentals

The Move Towards Windows 10

Designing IIS Security (IIS – Internet Information Service)

Office 365 – How NOT to do it UKNOF43.

Presentation transcript:

DTF report Erez Etzion 78 ACCU Meeting December 5, 2007

Closure of VPN services Motivation – risk of worms Decision – discontinue on January 29 th 2008 Recommended modifications listed on the IT site (mail, internal web, DFS, Terminal services, SSH) In some cases the alternative working methods are less convenient and/or provide reduced performance compared to VPN. Windows DFS File synchronization is not possible from off-site without VPN. File transfer (including mapping a local disk to a WTS session) is possible. Remote installation of software was possible with VPN. This practice is not recommended therefore no alternative will be provided. Users must instead bring their computers physically to CERN. 78 ACCU MeetingDesktop Forum report, Erez Etzion2

Special cases.. If a case were to arise where VPN is vital for the mission of the organization and no alternative solution is available within the timescale, a temporary extension could possibly be maintained for the user concerned. This would require that the case is justified and supported by the user’s Department Head (or Deputy). The configuration of the device and working method of the user connecting to VPN would need to be agreed by a member of the security team in order to minimise the risk. 78 ACCU MeetingDesktop Forum report, Erez Etzion3 USER suggestion CISCO secured VPN access

78 ACCU Meeting4Desktop Forum report, Erez Etzion

Restrictions on running Skype P2P software at CERN The use of Skype P2P telephony software is NOT permitted at CERN. Article 4.1 of the Skype End User License Agreement allows computers running Skype to be used to route third party traffic. The algorithm which Skype uses to select these so-called "supernodes" appears to take account of bandwidth availability. We have seen in practice that computers running Skype at CERN become supernodes rather quickly. Its use is therefore not permitted within the CERN site.Skype End User License Agreement To our knowledge, other IP telephony products do not cause such problems, e.g. Microsoft Messenger included by default in Windows/XP (but note that you may need to upgrade to the latest version). Information for NICE users is available at 78 ACCU Meeting5Desktop Forum report, Erez Etzion NEWS - after a lot of effort there is good news. All has been agreed to allow the use of skype at CERN "as is" so with no support from CERN. This is waiting final approval by the office of the Department Head copied on this mail.