Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Lab Courses, FYPs, and Workshops Support

advertisement 
Lab Courses, FYPs, and Workshops Support
The linux hosts in Networking lab and NTEC lab were upgraded to CentOS 5.0 so that the lab
work in IEG3831, IEG3841, IEG7006, and summer workshops can catch up with the current technologies.
The guidelines in IEG3831 demo unit have been rewritten so as to give more hints for the students to debug
their lab works and hence reduce the corresponding courses loading. Old SCSI disks and UPS in
Networking lab have been renewed to ensure its stability for its lab course support. Two old servers in
NTEC lab has been renewed to ensure the continuous support of summer workshop and the PTMSC lab
course. For the preparation of the VoIP lab work, VoIP equipment and its software emulators have been
setup. Besides general computing purpose, IE Computing Lab also support the robot lab in the course
IEG1001, home networking lab in the course UGB2010N, and one FYP. Besides project lab, I2A lab has
supported two FYPs related to Multimedia rich applications which require special equipments for HDTV
capturing and transmission. Besides support students’ Playpen activities, Playpen Lab has supported the lab
work in course IEG4130, an MPhil Honeynet Project, and the WINDS project.
In order to gear up our students with better competitiveness in their future career development, a
13-week (total 20 hours) UNIX and Admin Script training course has been offered to all IE students,
including graduated students. 62 students have registered this training course and finally 4 students have
passed the final exam of this course and obtained the certificates of “Proficiency in UNIX and Admin
Script” issued by the IE department. According to our survey after this course, most students welcome this
course; however due to the heavy loading of their existing course works, most of them could not complete
the course.
Fig x.1 Computing Lab was packed with students
taking the UNIX training course
Fig x.2 Department Chair presented the UNIX course
certificate to the awarded students
Facilities Enhancement and Service Upgrade
In this year, there was a major upgrade in Research Labs network infrastructure. Now each
research lab has its own edge switch with Gigibit uplink and its own separate VLAN. This new network
infrastructure can significantly improve its network management and security incident handling. Now each
research lab can be more easily monitored, controlled, and debugged with its own separate VLAN. This
network infrastructure also facilities the contamination and damage control due to virus infection or
misconfiguration of network equipment by GA or RA.
Cisco Firewall Service Module (FWSM) has been deployed to protect internal servers or hosts.
Now Linux hosts in Computing Lab, iSCSI servers, high interaction client honeypots (Capture-HPC),
individual office hosts, and a Honeywall server are put in a private network behind this FWSM. Client
hosts in general office and a guest VLAN are also protected by this FWSM. Stress test on idle connection
has been tested in the FWSM. In order to smooth the installation of FWSM and internal private network
deployment, network routing and internal network DNS view for internal private network have been
implemented for all hosts in IE department. Now any hosts in IE department whether using real IP or
private IP can access hosts in internal private networks via the internal network routing and internal
network DNS view. This network upgrade is transparent to end users without reconfiguring their hosts’
network setting.
Network cabling and patching in EB1 have
been upgraded with new network
manageable edge switches and new network
cables. After this upgrade, all network ports
in EB1 are fully patched and hence the
network infrastructure in EB1 can be
managed more effectively and
professionally.
Fig x.3 Fully patched network in EB1
Fully patched network in EB1
VoIP has been deployed for some technical staff and visitor offices. Users can easily access their
office phone lines or voice boxes via their desktop hardware SIP phone or software SIP phone on their
mobile devices. Besides facilitate voice conferencing, our VoIP infrastructure also allows our staff who
need to share a single phone line in their office can have their own phone lines.
During the last Olympic game Beijing 2008, we have collaborated with Tsinghua University to
transmit HDTV to each other in 7X24 for the Olympic game programs. In this exercise, we confirm that
our network infrastructure has no problem in supporting HDTV multicast in 7X24. End users with proper
desktop or notebook hardware can view the HDTV smoothly and our network infrastructure loading did not
have noticeable increase during the HDTV multicast. Before the Olympic game, our network has been
multicasting TVB, ATV, and J2 channel in 7X24. Now we have replaced the J2 channel with the TVB
interactive news channel.
Fig x.4 Multicast 30M HDTV traffic in 7X24
Fig x.5 Core router CPU loading (green line) did not have
noticeable increase
Fig x.6 Multicasting the live 2008 Beijing Olympic HDTV streaming from Tsinghua University.
IPV6 in IE and INE networks have been migrated from JUCC blocks to CUHK managed blocks
so that we can have better route control and debugging in IPV6 related projects and courseware supports.
As broadband network penetration becomes high in Hong Kong and large data applications are common,
we find that the usage of our IPsec-vpn is increasing. We foresee that our current VPN server should not
have the capacity to handle the coming VPN connection requests in next year. We have planned the VPN
server upgrade in the next academic year.
Fig x.6 No. of the VPN users in a year (1 Day Average)
Fig x.7 VPN traffic volume in a week
We have been deploying server virtualization for lab courses and research works for several years
already. As the server virtualization become more and more mature, now some production servers have
also been migrated to vmware hosts for better maintenance, cost effective, resilience, disaster recovery, and
computing resources optimization. Up to now, there are eleven production servers have been migrated to
vmware hosts and keep counting. The servers are auxiliary servers for supporting the services of oracle
database, mail, proxy, software license, DNS, www, Linux gateway, fax, print server … etc.
Several tasks have been accomplished so as to catch up the environment changes and user
demands. Mail server has been tuned up for handling large file attachments and its anti-virus agent has
been migrated to Kaspersky before the TrendMicro expiration. The outgoing mail server has been upgraded
as well to improve our outgoing mail handling. Our DNS servers have been patched and tuned up against
the new DNS poisoning attacks. On the request of IEAA, we have housed the IEAA domain slave servers.
Room Booking System (RBS) has been upgraded to cover the security hole. Department web server was
further tighten up against sensitive information leakage and other web attacks. A forum server has been set
up for work study program students sharing their experiences. Elock system becomes stable and has less
problem after upgrade. As a contingency plan for our WLAN, the IEWave has been upgraded and put into
production as the backup for ERGWAVE which is current short of maintenance fund. A virtual meeting
place has been set up as the contingency plan for technical team weekly meeting during bird or swine flu
breakout. Seminar rooms have been upgraded with new secondary projectors and has supported student
oral exam via video conferencing. I2A Lab 1104 has been tuned up to support general seminar room or
classroom booking. It has been also equipped with 3D video display unit for general school visit demo.
Half PCs in multipurpose computing lab 1109 have been installed with Vista OS which are used for the
evaluation of winxp migration to Vista or Windows 7. The logistic and arrangement of FYP presentation
support have been revised so as to support the FYP presentation effectively. We also loan PDA to FYP
students for their FYP development. In order to have better communication and collaboration between
technical team and general office, regular working meeting for these two parties leader are scheduled. High
Performance Computing CU Grid at ITSC has been tested and introduced to professors and GA. Besides
CU Grid, we also loaned quad core PCs to professor for running stimulation program so as to catch up their
paper deadline. A Lab and Network facilities briefing has been offered to all RLAB coordinators and all IE
students during the IESoc welcome talk. During the briefing, we have reminded all RLAB coordinators
about our UNIX host management service. As requested by professors, we has tailor make a reliable data
backup system for their research lab data.
Department Duties and Value Added Services
Besides regular school visit support, the technical team also supported the following events or
functions in this academic year:
-
HKO workshops
SEA program
Summer Institute Activities
E-CR training
Mainland Students’ Parent visit
-
Academic counseling and course registration
for Mainland Students
IESoc Lab briefing
RLAB guideline and policy briefing
Orientation Day
-
Lab visit from 华南农业大学
Leadership Camp
Honeynet talk to PISA
UGB210N class demo
FYP presentation support
-
Collaborating with Japanese Engineers for
WINDS project
Advice a Mphil student about the honey
wall infrastructure
Pass malware collected samples to a
honeynet project for Botnet analysis
Recognition
a. Two technical staff have been nominated for the 08-09 CUHK Exemplary Service
Award
b. ITSC consulted us about the HTDV multicast setup and is using our HD multicasting
server as the multicast routing testing source. We are also helping ITSC to test the
HTDV multicast within JUCC HARNET
c. Our new backup infrastructure help the faculty disciplinary committee to investigate
students’ assignment plagiarisms by retrieving several students home directory’s
daily snapshot dated back to three months ago. It also makes our server data recovery
procedure within an hour.
d. A visiting scholar was impressed by our rapid telephone setup in his office by VoIP
technology.
e. A team member was invited by Honeynet HK chapter to join their HK chapter and
give a talk to PISA member.
f. A team member computer forensic seminar web page is indexed as the first top entry
in the Google HK webpage search of “computer forensic” key word
g. A team member has been approached by the HK Police Force for the possibility of
jointly offering a diploma program for computer forensics.
h. A postgrad student consulted us about our 3D display setup for his project.
i. A RA appreciated the UNIX course and would like to get the course materials for
reference.
j. A highly compact PC assembly technique that invented by our team member in the
last century is finally copied by Google servers.
Related documents
DS_Tut1 - DistributedSys
DS_Tut1 - DistributedSys
counter-12 march
counter-12 march
What Does Infosec Do? - OIT Help
What Does Infosec Do? - OIT Help
Implementing Information Security and Compliance
Implementing Information Security and Compliance
2012.02-HDTV
2012.02-HDTV
Chapter 8 IP Addressing
Chapter 8 IP Addressing
Power Cost Reduction in Distributed Data Centers
Power Cost Reduction in Distributed Data Centers
Spring 2009 Connections Conference Template
Spring 2009 Connections Conference Template
Success of Foundation Degree students to final year UH
Success of Foundation Degree students to final year UH
The Firewall Services Module
The Firewall Services Module
Document
Document
Download
advertisement