Presentation is loading. Please wait.

Presentation is loading. Please wait.

The travelling physicist problem at the KFKI campus József Kadlecsik KFKI Research Institute for Particle and Nuclear Physics

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "The travelling physicist problem at the KFKI campus József Kadlecsik KFKI Research Institute for Particle and Nuclear Physics"— Presentation transcript:

1 The travelling physicist problem at the KFKI campus József Kadlecsik KFKI Research Institute for Particle and Nuclear Physics kadlec@sunserv.kfki.hu

2 Background Five independent research institutes sharing a common backbone network: KFKI Atomic Energy Research Institute KFKI Research Institute for Particle and Nuclear Physics Research Institute for Technical Physics and Materials Science Research Institute for Solid State Physics and Optics Institute of Isotopes and Surface Chemistry

3 Access control Redundant stateful packet filter at the border Only gateway machines available from outside on given service port(s) Outgoing client access is not limited (usually) Proxies, reflectors: VRVS reflector running H.323. Gatekeeper & proxy, planned VNC reflector, planned

4 Central services DNS service (delegated domains) Time service SMTP gateways, POP/IMAP, mailing lists Campus web server, webmail CA, planned Hosting: Grid cluster (50 CPU, 2TB)

5 Central SMTP service Three redundant mail gateways Postfix MTA + amavis + McAfee virus scanner Body checking for “dangerous” content Spam filtering Outgoing E-mail is not forced trough the mail gateways

6 No central... User management File service POP/IMAP service – but centralized IMAP support via webmail

7 One-way travelling Lack of big experimental equipment – physicists hosted occasionally Institute members travel regularly: CERN, US labs, fusion labs (Garching, JET), etc. Exception: cluster for Grid Planned Tier-2 center Planned access control via packet filtering and/or using PKI

8 Guests Temporary accounts opened From the accounts they have as much right as the local users Use local resources lightly, mostly to get access to their home institute

9 Access from outside The gateways are available only over: Telnet – will be closed down in April Ssh POP/IMAP – will be closed down in April POP/IMAP over SSL/TLS Floating licence servers from selected places SMTP AUTH access over SSL/TLS planned for travelling physicists, ADSL and cable modem users Password authentication

10 Specialized tools Webmail: main internal IMAP servers are available from outside over HTTPS No VPN support yet

11 Internal informations Informations are usually available freely to anyone: Addresses Phone book E-mail addresses Organizational informations Internal mailing lists and archives are protected

12 Supporting travellers Travelkit, available from the web: Putty binary Complete installation, configuration and erasing instructions in Hungarian Carrying hardware-autodetecting CD-based Linux system (Knoppix) suggested, CD image available from the web ADSL/cablemodem users are regarded as anyone outside (SMTP AUTH is a missing bit)

Download ppt "The travelling physicist problem at the KFKI campus József Kadlecsik KFKI Research Institute for Particle and Nuclear Physics"

Similar presentations

Caltech Proprietary Videoconferencing Security in VRVS 3.0 and Future Videoconferencing Security in VRVS 3.0 and Future Kun Wei California Institute of.

Caltech Proprietary Videoconferencing Security in VRVS 3.0 and Future Videoconferencing Security in VRVS 3.0 and Future Kun Wei California Institute of.
... Objective 1. 2. e-mail 3. Internet Working ISP TOT, TT&T, CAT,SAMART Dial up ADSL Leased Line Satellite.

... Objective Internet Working ISP TOT, TT&T, CAT,SAMART Dial up ADSL Leased Line Satellite.
Site report for KFKI RMKI Piroska Giese HEPiX ‘99 meeting at RAL 14-16 April.

Site report for KFKI RMKI Piroska Giese HEPiX ‘99 meeting at RAL April.
Physics Network Integration Chris Hunter. Physics network team Chris Hunter : Network Manager David Newton : Network Support Technician Room DWB 663 Phone.

Physics Network Integration Chris Hunter. Physics network team Chris Hunter : Network Manager David Newton : Network Support Technician Room DWB 663 Phone.
Firewall Simulation Teaching Information Security Using: Visualization Tools, Case Studies, and Hands-on Exercises May 23, 2012.

Firewall Simulation Teaching Information Security Using: Visualization Tools, Case Studies, and Hands-on Exercises May 23, 2012.
Net security - budi rahardjo Overview of Network Security Budi Rahardjo CISCO seminar 13 March 2002.

Net security - budi rahardjo Overview of Network Security Budi Rahardjo CISCO seminar 13 March 2002.
Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.

Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
Linux+ Guide to Linux Certification, Second Edition Chapter 14 Network Configuration.

Linux+ Guide to Linux Certification, Second Edition Chapter 14 Network Configuration.
Technology Update TSAG Meeting 9/12/02. Announcements: Mandatory Password Changes Coming in October! (Postponed) End of BootP (November 1) DNS Cleanup.

Technology Update TSAG Meeting 9/12/02. Announcements: Mandatory Password Changes Coming in October! (Postponed) End of BootP (November 1) DNS Cleanup.
Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.

Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.
Email Infrastructure Mark Rosenberg UCCSC. UCCSC – August 9, 2005 What is LBNL? A Department of Energy National Laboratory, operated by the University.

Infrastructure Mark Rosenberg UCCSC. UCCSC – August 9, 2005 What is LBNL? A Department of Energy National Laboratory, operated by the University.
Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security
Beth Johnson April 27, 1998. What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.

Beth Johnson April 27, What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.
Update and Discussions on Technology Initiatives TSAG Meeting 4/11/02.

Update and Discussions on Technology Initiatives TSAG Meeting 4/11/02.
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
PKI Network Authentication Dartmouth Applications Robert Brentrup Educause/Dartmouth PKI Summit July 27, 2005.

PKI Network Authentication Dartmouth Applications Robert Brentrup Educause/Dartmouth PKI Summit July 27, 2005.
CT NIKHEF Nov 2003 1 Mail NIKHEF CT system support.

CT NIKHEF Nov Mail NIKHEF CT system support.
Remote Accessing Your Home Computer Using VNC and a Dynamic DNS Name.

Remote Accessing Your Home Computer Using VNC and a Dynamic DNS Name.
E-mail Technical Coordinators Meeting Chris Bongaarts Steve Siirila January 11, 2006.

Technical Coordinators Meeting Chris Bongaarts Steve Siirila January 11, 2006.

Similar presentations

Ads by Google