2
Requirements of a Network
Good working relationship with IT
Secure location for antenna and receiver
Uninterrupted power
Capability to log on remotely
3
The SC RTN
We manage the accounts in-house
We have a user fee
We have one type of subscription
Have application and user agreement online
4
The South Carolina Real Time Network
[Map of SC RTN base stations. Legend: Height Modernization station located at non-SCDOT site; Height Modernization station located at SCDOT site; proposed site.]
Built in 2006/
We are in the third generation of software.
We are using our second set of servers.
Operate using VMware and virtual servers.
SC Real Time GPS Network (SC RTN)
SC RTN comprises 53 base stations continuously collecting and transmitting GPS data
SC RTN provides real-time corrections, via cell phones, to users in the field operating GPS equipment
Users in the field provided with real-time coordinates and elevations accurate to foot
471 Subscribers to the SC Real Time Network include, but are not limited to:
Registered Professional Land Surveyors and Engineers
Geographic Information System (GIS) Professionals
Federal, State, County and Municipal Planners
SCDOT and SCDOT Contractors using GPS Machine Control for Road Construction
The Army Corps of Engineers
5
The SC DOT
Thirty-six receivers
All assigned an internal 10. address
Data streams to the SCDOT headquarters
SLA between the two offices
VPN between SCDOT and ORS server farm
6
Other Locations
Educational facilities: Colleges, Technical Colleges
Municipal Buildings: Court Houses, Public Works facilities, Pump Houses, State Port Authority, State Offices
Fire Departments
Each facility was unique. Some use in-house IT. Others, like the Fire Departments, have contracted ISP and IT services.
7
Network Configuration First Generation
We are using virtual servers (VMware). We were probably one of the first to do this in the US, back in 2006/ It was cheaper for us and more flexible.
8
Network Configuration Second Generation
9
Receiver Trimble NetR9
10
Firewalls and Protection
Servers are not in the same domain as the rest of the SCGS and ORS. The DMZ was set up to operate as a Workgroup.
In the first generation, there were three non-SCDOT sites operating with public IP addresses. With the transition to the second generation, IT at those sites either changed or became more diligent, and the addresses were NATed (network address translation).
The firewall has permissions established for the NATed address and the port. The permission allows two-way communication, since the servers on our end initiate the “call” for data from the reference stations. This call is made from one server, the GPStream. In the first generation, each of the three servers initiated a call for data, thus three times the traffic on the network.
From the SCGS end, the system administrators have access to the network using vSphere Client. If I perform system updates or load firmware after hours, I use a Cisco application to establish a secure link to the ORS intranet and remotely log onto my workstation at my office. From there I am able to log onto each of the servers, or onto the GPStream server and then onto each of the reference stations.
11
Static IP Address
For security reasons, we need to have DHCP turned off. Firewalls are configured for a specific address, which the device may not keep if power is lost and DHCP reassigns a new address to it.
12
IO and HTTP
Some IT administrators will not allow you to have a web server operating on HTTP using port 80. Here you can assign a port and enable HTTPS. Firewall permissions for the data are allowed for a specific IP address and port.
13
Password Protection
14
The Situation
SCGS was contacted by an IT contractor working for a municipality that hosts one of our base stations. The IT contractor had received an from the IT service provider stating that a device, identified by our specific IP address, had been used to create false requests for data.
The “requests” appeared to be from the target of a cyber-attack but were actually generated through the NTP server of the GNSS receiver. The small amount of data used to create the requests in turn generates an exponentially larger amount of data directed at the target.
Upon notification from the IT provider, the IT contractor disconnected our device from the municipality’s network. SCGS remotely disabled the NTP server at one of our functioning base stations.
SCGS has learned that the affected receivers were identified and exploited by a malicious search program.
All SCGS receivers are now operating as NTP client only with the NTP server disabled.
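One way to confirm the remediation described above, that each receiver no longer answers as an NTP server (an added example, not part of the original presentation). The station names and addresses are constructed placeholders, and the function names are hypothetical.

```python
import socket
import struct

NTP_PORT = 123
# Constructed inventory: documentation-range addresses, not real SC RTN stations.
STATIONS = {"BASE01": "192.0.2.10", "BASE02": "192.0.2.11"}

def build_client_query(version=4):
    """48-byte NTP header with LI=0, VN=version, Mode=3 (client)."""
    first = (0 << 6) | (version << 3) | 3
    return struct.pack("!B47x", first)

def parse_mode(packet):
    """Return the NTP mode (low 3 bits of byte 0), or None if too short."""
    if len(packet) < 48:
        return None
    return packet[0] & 0x07

def classify(reply):
    """Map a reply (bytes or None) to an audit finding."""
    if reply is None:
        return "no-response"          # expected once the NTP server is disabled
    if parse_mode(reply) == 4:
        return "ntp-server-enabled"   # receiver still answers as a server
    return "unexpected-reply"         # something else is listening on the port

def probe(host, port=NTP_PORT, timeout=2.0):
    """Send one ordinary client query and classify whatever comes back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_client_query(), (host, port))
            reply, _ = s.recvfrom(512)
        except OSError:               # timeout or ICMP port unreachable
            reply = None
    return classify(reply)

def audit(stations, port=NTP_PORT, timeout=2.0):
    """Return {station: finding}; anything but 'no-response' needs follow-up."""
    return {name: probe(ip, port, timeout) for name, ip in stations.items()}

if __name__ == "__main__":
    for name, finding in audit(STATIONS).items():
        print(f"{name}: {finding}")
```

Run it from a host that the site firewalls allow to reach the receivers; a filtered path also yields "no-response", so a clean result from outside the permitted address says nothing about the receiver's own setting.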
15
First true security problem we have encountered
16
Closing
The security of a network goes back to having great cooperation with your local IT department. Building that alliance is instrumental in offsetting type of cyber attack to a network. The idea here is that attacks happen 24 hours a day on a network.
17
South Carolina Geodetic Survey
Thank you!
Matt Wellslager
South Carolina Geodetic Survey
5 Geology Rd
Columbia, SC 29212