2002 - cesnet

More documents

Recommendations

Info

If our capacity allows, we would like to experimentally open a part of the systemto third parties, which is, moreover, closely related to the aforementionedpossibility of generating FAQ outputs.Also, we would like to concentrate on issues concerning the transfer of oldrecords/requests into archives in order to speed up searching for up-to-dateinformation.192 High-speed National Research Network and its New Applications <strong>2002</strong>
19 Security of Local CESNET2NetworksCESNET2 consists of a number of standalone local networks containing computerswith various operating systems. Ensuring the security of a large heterogeneousnetwork brings about great demands for the work capacity of theiradministrators, and it is known that especially large university networks oftenhave insufficiently secured machines. The objective of the second year of thisproject was to make the unenviable job of administrators easier by providingthem with the access to the security audit technology, a system for detectingunauthorized accesses to the network, and a system for an unconventional fightagainst network viruses and hackers.19.1 Security AuditDuring 2001, we started running the NESSUS program, which can be freely distributedwithin the GNU licence, under the Linux operating system (kernel 2.4,Debian, RedHat, and SuSE distributions) at all three workplaces. The programperforms the actual network security audit – in the graphical or line mode(running the program in the graphical mode is more user-friendly). NESSUS allowsselection of the audit category (only safe or also potentially unsafe tests),detailed selection of individual security tests, scanning of TCP and UDP portsincluding the range, specification of the maximum number of simultaneouslytested machines, etc. New security tests are published regularly on the NESSUSFTP server (ftp.nessus.org) and can be downloaded from this location automatically.All machines that are to be tested within one NESSUS session have a commonconfiguration file. If the machines need to be tested using different types oftests, the tested machines can be divided into several groups and their auditscan be run separately. To facilitate the program control and distribution of results,we have added the following functions:• inspection of machines in a protected network and reporting of differencesfrom the last detected status (Front End program)• distribution of the audit results to appropriate persons (PTS, BackEnd)• other auxiliary functions (results sending – REP, results decoding – DEC)Based on the requirements of administrators of the CESNET network in Dejvice,the WebBackEnd (WBE) was created, as well. This program significantly simplifiedaccess to the audit results: the results are no longer sent to individualadministrators by e-mail as in the BE program, but they are published by theHigh-speed National Research Network and its New Applications <strong>2002</strong>193
Page 1 and 2:
2002High-speed NationalResearch Net
Page 3 and 4:
Table of Contents1 Introduction 92
Page 5 and 6:
6.4.3 Support of Special Events. .
Page 7 and 8:
14.3 Cisco ICM Software . . . . . .
Page 9 and 10:
1 IntroductionThe report presented
Page 11 and 12:
2 Brief SummaryThe research plan ti
Page 13 and 14:
men. We designed the basic concept
Page 15 and 16:
2.4 Other ProjectsThe objective of
Page 17 and 18:
3 Operation of CESNET2During 2002,
Page 19 and 20:
Canarie622 MbpsESNET622 MbpsGÉANT/
Page 21 and 22:
central network core routers with t
Page 23 and 24:
The existing logical topology of mu
Page 25 and 26:
The logical core topology anticipat
Page 27 and 28:
Within the informative part, we req
Page 29 and 30:
3.6 Statistical Traffic Analysis3.6
Page 31 and 32:
Figure 3.8: Influence of time step
Page 33 and 34:
Praha-Plzeň, 2.5 GbpsPraha-Ústí
Page 35 and 36:
CESNET2-GÉANT, 1.2 Gbps (october)C
Page 37 and 38:
Part IStrategic Projects
Page 39 and 40:
4 Optical Networks and theirDevelop
Page 41 and 42:
US (TeraGrid with backbone 4 × 10
Page 43 and 44:
ApplicationMiddlewareHigh bandwidth
Page 45 and 46:
4.2.2 User InterfaceSubscribers (me
Page 47 and 48:
ers will move and that other types
Page 49 and 50:
GermanyCheb10 G34 MPlzeňGÉANT 622
Page 51 and 52:
It is also possible to implement th
Page 53 and 54:
Chemical Technology and PASNET, we
Page 55 and 56:
Manufacturerwww.accton.comwww.actio
Page 57 and 58:
particularly based on the fact that
Page 59 and 60:
0101 NRZlaserMach-ZendermodulatorED
Page 61 and 62:
Cisco ONS 15201boosterfiber 130 kmC
Page 63 and 64:
5 IP version 6Further expansion of
Page 65 and 66:
5.2.1 IPv6 Network TopologyFor the
Page 67 and 68:
Missing in this list are especially
Page 69 and 70:
5.2.7 Connecting End Site NetworksI
Page 71 and 72:
5.4 IPv6 User Services and Applicat
Page 73 and 74:
sible reprogramming of functions, a
Page 75 and 76:
IPBIpb_0HFEHfe_1SORSor_0LUPLup_0RQR
Page 77 and 78:
As regards our router on the PC pla
Page 79 and 80:
the activities of our project. In 2
Page 81 and 82:
6 Multimedia Transmissions6.1 Objec
Page 83 and 84:
scaling is considerably restricted;
Page 85 and 86:
Figure 6.1: Modified program for sh
Page 87 and 88:
6.3.5 Direct Support for Pilot Grou
Page 89 and 90:
programs which control the integrat
Page 91 and 92:
Figure 6.4: Example of broadcast fr
Page 93 and 94:
Figure 6.5: Set of tuners and serve
Page 95 and 96:
and transfer the solution to an ope
Page 97 and 98:
The actual computing capacity of Me
Page 99 and 100:
7.1.2 Information ServicesMetaCentr
Page 101 and 102:
Figure 7.1: Grid nodes for SC2002an
Page 103 and 104:
(December 2002). This was one of th
Page 105 and 106:
the use of 158 processors). When we
Page 107 and 108:
8 Voice Services in CESNET2The proj
Page 109 and 110:
Figure 8.1: Number of phone calls i
Page 111 and 112:
VoGWs of members involved in the pr
Page 113 and 114:
connection and compare the features
Page 115 and 116:
• Extensive possibilities for the
Page 117 and 118:
H.323 WorldSIP PhoneMS Messengerand
Page 119 and 120:
ation with students at the Strahov
Page 121 and 122:
9 Quality of Service in HighspeedNe
Page 123 and 124:
In addition, Juniper routers make u
Page 125 and 126:
We tried to divide the capacity of
Page 127 and 128:
low with respect to the capacity of
Page 129 and 130:
Figure 9.10: Loss rate on Prague-Po
Page 131 and 132:
sendingapplicationTCP senderseqackp
Page 133 and 134:
Figure 9.13: Example of a course of
Page 135 and 136:
Part IIInternational Projects
Page 137 and 138:
10 GÉANTSince 1996, CESNET has bee
Page 139 and 140:
Figure 10.2: Utilization of individ
Page 141 and 142: 11 DataGridSince 2001, our research
Page 143 and 144: Therefore, we organized a meeting w
Page 145 and 146: 12 SCAMPISCAMPI (Scaleable Monitori
Page 147 and 148: 12.3.1 WP0 - Requirement AnalysisTh
Page 149 and 150: 1 6 12 18 24 30requirements analysi
Page 151 and 152: Part IIIOther Projects
Page 153 and 154: 13 Online Education Infrastructurea
Page 155 and 156: 13.1.2 Construction of a Teleinform
Page 157 and 158: with high-capacity disk memories co
Page 159 and 160: If the collaboration of individual
Page 161 and 162: ten, whereas items in the hyperlink
Page 163 and 164: Besides that, we processed some lec
Page 165 and 166: CallManager was designed using open
Page 167 and 168: tre, when we were forced to handle
Page 169 and 170: 15 Intelligent NetFlow AnalyserThe
Page 171 and 172: In the second half-year, we complet
Page 173 and 174: 15.4 ConclusionDuring 2002, our tea
Page 175 and 176: • data space consolidation (easy
Page 177 and 178: ecord size [kB] 256 512 1024 2048 4
Page 179 and 180: Figure 16.3: Nishan-Linux measureme
Page 181 and 182: 16.3.1 No SecurityThe initiator is
Page 183 and 184: vices. These features mainly involv
Page 185 and 186: Figure 17.1: www.cesnet.cz• We ha
Page 187 and 188: The meeting was broadcast live via
Page 189 and 190: Most of the problems connected with
Page 191: Standard manipulator (privileged us
Page 195 and 196: Moreover, the program was complemen
Page 197 and 198: in the network of AV ČR Praha-Krč
Page 199 and 200: 19.5 Future Plans, Expected Further
Page 201 and 202: InternetNTPEthernetKPCPPSLabelPPSLa
Page 203 and 204: generated by the NTP server. Its ou
Page 205 and 206: 21 Platforms for Streaming andVideo
Page 207 and 208: streaming serverAAA (LDAPS) server1
Page 209 and 210: 21.5 Video Content CollaborationPla
Page 211 and 212: First of all, we had to define an a
Page 213 and 214: international-scale broadcast will
Page 215 and 216: Part IVConclusion and Annexes
Page 217 and 218: 23 ConclusionThe current developmen
Page 219 and 220: AList of connected institutionsA.1
Page 221 and 222: institutionconnection [Mbps]Institu
Page 223 and 224: Karásek Miroslav, Ing., DrSc. Czec
Page 225 and 226: Voral Pavel, Ing.Voříšek Martin,
Page 227 and 228: Burčík J.: Optické přepínání
Page 229 and 230: Veselá S.: Aktivity sdružení CES
Page 231 and 232: Krsek M.: Platformy pro streaming m
Page 233 and 234: Zatloukal K., Křivánek V.: Videok
Page 235 and 236: Satrapa P.: Scavenger: Za Internet
show all

2002 - cesnet

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?