Nordic Optical Telescope

Text Size:
Smaller Text Normal Text Larger Text


Follow us on Twitter

next up previous contents
Next: Infrastructure Up: AiC Report to NOT Previous: Instruments


Jacob Clasen & Markku Verkkomieni report:

The interrim plan for the computer system before the new system administrator arrived was to provide a consistent user home directory environment combined with new deployment of the mail and WWW services, all in a network secured by firewalls. All in that order.

A hacker incident in March forced a revision of this plan. The new philosophy became that without a secure network, the implementation of the oter items would possibly be impaired by future attacks. Therefore, the construction of a firewall protection was given highest priority.

With the arrival of the new system administrator, the interrim plan was enhanced and elaborated. The current plan is roughly divided into the following 5 phases:

Phase 1
Network infrastructure & Security.
To establish a protected network.
Two firewalls to protect the SLO network and the ORM network.
Two Virtual Private Network (VPN) machines to establish a tunnel between the ORM and the SLO networks so that private services can be provided in a secure manner across the Internet (i.e. the network link from ORM to the SLO).

Phase 2
Home directories and data storage.
To provide homedirectories and instrument data storage with data loss protection.
On the ORM: one RAID 1+0 storage system that provides home directories and instrument data storage via NFS.
At the SLO: one RAID 5 storage system that provides home directories via NFS.
These two systems will be syncronized in order to contain the same home directory content.

Phase 3
Data recording.
To provide a CD-ROM storage system for high data volumes.
At the ORM, a CD-ROM jukebox of 240 CD-ROM's controlled by a suitable host computer will be provided for CD-ROM production.

Phase 4
Computing services.
To provice new and enhance exsisting services.
Migration of the web server to a different computer.
Implementation/enhancement of the following services: mail, DNS, FTP, printing, IMAP, DHCP, NTP, NIS, NFS, logging and WebMail

Phase 5
To finalize implementation of the plan in a way that a normal day-to-day maintanaince state of the system is obtained.

At the time of writing, phase 1 is completed and phase 2 is ready to be implemented. The main components for phase 3 has been identified and purchase have been approved.

next up previous contents
Next: Infrastructure Up: AiC Report to NOT Previous: Instruments

Tim Abbott, AiC

Back to top Last modified: 16-Aug-2002