...
- In special circumstances, especially for Cornell-owned hardware, they can be put consider putting them on Cornell's "GreenNet" (ethernet)
- ChemIT's networks are reserved for systems managed by ChemIT
- Configuration, Active Directory log-in (enforcing p/w strength and consequences), patching oversight, anti-virus oversight.
...
Recommendations/ |
| Boot 1 | Boot 2 | Host | Guest | Network: | Notes | ||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Option 1 | Windows | Debian | N/A | N/A | GreenNet | Easiest to set up. | ||||||
| Option 2 | Windows | When Debian, but only run as a boot OS when h/w performance needed: . | Windows | Debian, from Boot 2 installation partition. Run Debian this way, unless need h/w performance. | ChemIT: FreedNet, if Windows is indeed usually running. | Doable? Cost-effective, time-wise? | ||||||
| Option 3 ? |
|
|
|
|
| Windows | Debian | N/A | N/A | ChemIT: FreedNet | Easiest to set up. | |
| Option | Windows | Debian | N/A | N/A | ChemIT: Public IP | Easiest to set up. |
Specifics
OSes
John responsible for dual-boot capabilities. Can pull all networking info from Windows OS's configuration.
...
No VPN required to print or access CIT SFS file shares.
ChemIT network
In general, these networks are reserved for systems managed by ChemIT.
- Configuration, Active Directory log-in (enforcing p/w strength and consequences), patching oversight, anti-virus oversight.
- A secure configuration for desktops includes not running server-like software (like SSH).
- ChemIT responsible for the security of these networks.
The Freed research network has strong protections, by both a Strong protections by router and ACLs.
- Does not permit in-bound SSH to desktop.
Systems in the ChemIT network are more vulnerable to each other than from outside-the-network systems.
- Thus, must exert efforts to prevent situations in which a single compromised system becomes a launching-point to all the other systems on that same network.