It is 18 months or so since the C&IT Committee approved in principle the move to a "default deny" policy at the edge of the University network. This session will review the technical and operational issues surrounding that decision. It will also describe some of the progress there has been towards implementing it both within EUCS and in other Departments. Security issues are wide ranging and it is expected there will be some opportunity for discussion and digression according to the attendees' interests.
Slides available in HTML at http://www.ucs.ed.ac.uk/~ercm20/netsec2002/
I will describe how we have approximately one thousand PCs running three "managed desktop" distributions, based on either MS Windows 95 or 98SE. The three independently controlled distributions include fifty hardware bases, one hundred applications, fifty printer drivers and one hundred printer queues. The historical and continued close cooperation with the Faculty Group and Library will be shown to have been instrumental in bringing this project to fruition. I will present our system build and update mechanisms, as well as how we deliver the "user experience" of the system. A general brief on the benefits and problems we have encountered with such "managed desktops" will be given, along with some ideas for future developments.
Slides available in PDF from here.
University wide provision and consumption of data for the automation of platform administration and management. Case study: The Universal Username dataset.
Slides available from web site here.