Www.monash.edu.au Myles Fenton January 2008 Monash Internet service 2008.

Slides:

Advertisements

Similar presentations

Inter WISP WLAN roaming

Advertisements

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)

IPv4 to IPv6 Migration strategies. What is IPv4  Second revision in development of internet protocol  First version to be widely implied.  Connection.

NextGen Wireless Steven Bourque (IST). Overview Introduction Current Wireless Issues Access Point (AP) Hardware Controller Hardware Campus Design Redundancy.

CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 25 Introduction to Computer Networks.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Network Asset Management at Jefferson Lab Bryan Hess, Andy Kowalski, Brent Morris,

Wireless and Switch Security NETS David Mitchell.

Presented by Serge Kpan LTEC Network Systems Administration 1.

1 13-Jun-15 S Ward Abingdon and Witney College LAN design CCNA Exploration Semester 3 Chapter 1.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.

Technology Update TSAG Meeting 11/14/02. Announcements: Spam Open Forum  Monday November 18, 2pm-3pm  OV Presentation Room Campus Operations Center:

Wireless Network Security Lab Last Update Copyright 2011 Kenneth M. Chipps Ph.D.

Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

Mr. Mark Welton.  Three-tiered Architecture  Collapsed core – no distribution  Collapsed core – no distribution or access.

Thick v Thin Access Points Lab Last Update Copyright 2014 Kenneth M. Chipps Ph.D.

1 Enabling Secure Internet Access with ISA Server.

4 Network Hardware & Software Network Operating systems: software controlling traffic on the network 2 types of s.ware: server software &client software.

Firewalls CS158B Don Tran. What is a Firewall? A firewall can be a program or a device that controls access to a network.

Alison Davis and Peter Kurtz Port Based Network Authentication in a Lab Environment QUESTNet 2000.

BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.

Campus Firewalling Dearbhla O’Reilly Network Manager Dublin Institute of Technology.

CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.

1 October 20-24, 2014 Georgian Technical University PhD Zaza Tsiramua Head of computer network management center of GTU South-Caucasus Grid.

1 Raiders of the lost Arp Customer A Broadband 1.5 Mbps aDSL ISP Network Edge ISP Network Edge Set-top device converts IP into Video Signal for TV Every.

Lab How to Use WANem Last Update Copyright 2011 Kenneth M. Chipps Ph.D. 1.

CTSP TRAINING Router 101 And Networking Basics. You Don’t Need Internet Access to Run or Connect your devices to an Ethernet switch or Router Enable DHCP.

Network Devices.

DHCP Security DHCP Snooping and Security David Mitchell 03/19/2008.

1 Second ATLAS-South Caucasus Software / Computing Workshop & Tutorial October 24, 2012 Georgian Technical University PhD Zaza Tsiramua Head of computer.

1 LAN design- Chapter 1 CCNA Exploration Semester 3 Modified by Profs. Ward and Cappellino.

Overview of Microsoft ISA Server. Introducing ISA Server New Product—Proxy Server In 1996, Netscape had begun to sell a web proxy product, which optimized.

University of Palestine Faculty of Applied Engineering and Urban Planning Software Engineering Department INTRODUCTION TO COMPUTER NETWORKS Dr. Abdelhamid.

NETWORK COMPONENTS Assignment #3. Hub A hub is used in a wired network to connect Ethernet cables from a number of devices together. The hub allows each.

Update on Campus Networks December 2009 Bruce Campbell Director, Network Services Information Systems and Technology.

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

VolNet2 Bill White Network Services. September 20, 2004OIT Fall Staff Meeting Why Volnet2? Based on the Security Assessment findings Insecure protocols.

1 Network-level Security at UVa Jim Jokl Common Solutions Group January 2006.

Web Application for Mobile access to students exam Information.

Network Components By Cameron Baker.

CRICOS No J a university for the world real R Queensland University of Technology CRICOS No J Case Study of Internet Access at QUT Rod Swile.

Queensland University of Technology CRICOS No J Internet Access and QUT Presented by: Peter Kurtz February 2008.

Internet Access Services (IAS) – Managing the University’s Internet Costs.

1 Interview Questions - What is the difference between TCP and UDP? - What is Nagle's Algorithm? - Describe the TCP handshaking process. - What is Slow.

Internet Traffic Management and Accounting at UNSW David Rees Senior Network Engineer.

CRICOS Provider Code: 00113B Internet Traffic Management and Accounting at Deakin University QUESTnet & AARNet Workshop Brisbane – August 2012 Paul Fikkers.

By the end of this session, you will: Understand the term Bandwidth Learn of the different ways we can communicate on a network. Know how we connect to.

Networking Components William Isakson LTEC 4550 October 7, 2012 Module 3.

 In the 1960s, ARPANET (Advanced Research Projects Agency Network), the internet’s predecessor, was invented  ARPANET used two technologies that are.

“End to End VoIP“ The Challenges of VoIP Access to the Enterprise Charles Rutledge VP Marketing Quintum Technologies

Mr C Johnston ICT Teacher BTEC IT Unit 09 - Lesson 09 Network Services.

HOW TO GUIDE: INEXPENSIVE INTERNET PROTOCOL TELEPHONY SOLUTION Created by: Cameron Adkisson Eastern Kentucky University

Firewalls Definition: Device that interconnects two or more networks and manages the network traffic between those interfaces. Maybe used to: Protect a.

Different Traffic Management Techniques for Mobile Broadband Networks

Optical-Based Switching Solutions

Internet and Intranet.

Wireless Modes.

Internet and Intranet.

Lecture # 7 Firewalls الجدر النارية. Lecture # 7 Firewalls الجدر النارية.

Design Unit 26 Design a small or home office network

Firewalls Purpose of a Firewall Characteristic of a firewall

Network Models, Hardware, Protocols and number systems

Firewalls Jiang Long Spring 2002.

Internet and Intranet.

By Seferash B Asfa Wossen Strayer University 3rd December 2003

Internet and Intranet.

Presentation transcript:

Myles Fenton January 2008 Monash Internet service 2008

2 Proxy what? Monash has been running an Internet service for staff and student Internet access since the early 1990’s. For security, auditing and billing purposes Monash has directed staff and student Internet traffic via a ‘proxy’ server farm.

3 The current problem…the business drivers Monash runs gigabit ethernet to every edge port. Monash has a dual gigabit connection to the Internet. The proxy farm has an ever increasing load which is gradually causing performance degradation and this can make the internet appear ‘slow’. The proxy farm is on 4 year old hardware which needs refreshing.

4 The new Internet service for 2008 Solution objective: to continue to provide fast authenticated internet access to the Monash community. The solution: Wire speed Internet authentication and auditing hardware The Cisco SCE hardware is Redundant, highly available and offers 4Gb/s switching with layer 7 packet inspection at micro second latency

5 new Internet service for 2008 New Look Authentication… 2. New web authentication for wired computers: 3. New authentication for wireless 1. Current proxy authentication:

6 new Internet service for 2008 Browser settings the monash proxy.pac needs to be removed

7 new Internet service for 2008 New access New IP range for direct internet access move to public IP’s

8 new Internet service for 2008 Server subnets – IP addresses Staff IP addresses Commercial IP addresses Research IP addresses Wireless ,768 IP addresses VOIP ,768 IP addresses Students ,768 IP addresses IP authentication User authentication

9 new Internet service for 2008 new Internet authentication exemption: (previously mandatory proxy exemption “MPA exemption”) > User Auth IP Auth NetClass:

10 new Internet service for 2008 Internet billing: Introduction of “un-quoated” downloads for Research & Education locations (“on-net”).

11 new Internet service for 2008 Internet logout…why? So when the next person users the computer, they are asked to authenticate and their Internet usage is tracked against their username not yours. Internet logout in the staff environment

12 new Internet service for 2008 Internet logout in the student computer lab environment is the windows/Novell and Linux/MacOSx session logout.

13 new Internet service for 2008 Internet logout in the wireless environment is controlled by disconnecting from the wireless network.

14 Time frames Friday January New service available on x.y staff and x.y student and wireless networks. ITS Service desk support start and ITS public web pages available Monday 25 February 2008 (start of semester) Some faculties will have done the IP migration for student labs and re-imaged the computer labs with the logout settings. Some faculties will have migrated their staff networks. 30 June 2008 Faculties are asked to have migrated their staff and students by mid year. ITS will be encouraging faculties to migrate as early as possible. Existing socks and web proxy farm to be switched off and decommissioned. 20 December 2008 Fall back date for decommissioning web and socks proxy service.

15 Questions? FAQ located at:

16 new Internet service for 2008 Improved Control …. Internet users can be placed into profiles. Each profile can allow/deny certain applications at pre defined speeds

17 new Internet service for 2008 Usage Control… Student usage could? be shaped with weekly quota allocations to curb inappropriate use.