|
Size: 5768
Comment:
|
← Revision 36 as of 2017-08-22 12:55:59 ⇥
Size: 5602
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 2: | Line 2: |
| NICHT FERTIG!! | |
| Line 5: | Line 3: |
| == Notebook Registration at DESY Zeuthen == | /!\ '''This web page will no longer be updated.''' Please use this link for [[https://dv-zeuthen.desy.de/services/notebook_registration/|current information]]. ---- <<BR>> |
| Line 7: | Line 7: |
| [[TableOfContents]] | [[http://dvinfo.zeuthen.desy.de/NoteBook_Registrierung|NoteBook Registrierung ]] {{http://www-zeuthen.desy.de/icons/german.gif}} <<TableOfContents>> |
| Line 11: | Line 13: |
| * To connect a notebook or an other mobile device to the DESY Zeuthen network the responsible person and the MAC addresses of the device have to made known with the computer center. * Two different network access methods exists, one to the internal network and the other one corresponds approximately to the one of an externel host. * The DESY Computer Security Council (RSR) demands that the person who wants to use a computer in the internal DESY network, feels also responsible for the computer security of this device. After the confirmation of the user the device will be classified as a trusted device. |
* To connect a notebook or other mobile device to the DESY Zeuthen network, the responsible person and the MAC address(es) of the device have to be registered with the computer center. * Two different classes of network access exist: * One with access to the internal network * The other one is mostly like that of anonymous hosts somewhere on the internet * The [[http://rechnersicherheit.desy.de/e8/index_eng.html|DESY Computer Security Council (RSR)]] requires that a person who wants to attach a computer in the internal DESY network signs responsible for the computer security of this device. After the confirmation of the user, who needs to be in possession of an account at DESY, the device will be classified as a trusted device. |
| Line 15: | Line 19: |
| In the following you can find some more information about the both network access classes, WLAN and also cable attached access. | In the following you can find some more information about both network access classes, WLAN and also cable attached access. |
| Line 17: | Line 21: |
| === Network Access - 2 classes === | == Network Access - 2 classes == |
| Line 19: | Line 23: |
| ==== Limited Access ( guest subnet ) ==== Für das Gästenetz existiert eine Kabel basierte und eine drahtlose Schnittstelle. [[BR]] Der Netzwerkzugang ist vor allem für Gäste gedacht, die sich nur kurzfristig bei DESY aufhalten und erfolgt innerhalb weniger Minuten. Interne Dienste können nur sehr beschränkt genutzt werden (kein Login in Windows Domaine, kein AFS). Die Zugangsmöglichkeiten entsprechen im Wesentlichen dem anderer externer Rechner. ||<tablestyle="background-color:#FFE0DF;">Die [:mac address: MAC-Adressen] des Gerätes und die verantwortliche Person müssen dem Rechenzentrum bekanntgemacht werden.|| Die Registrierung kann erfolgen * durch eine Mail an uco-zn@desy.de, Bearbeitung während der normalen Arbeitszeit, {{{ Subject: Registrierung eines Notebooks |
=== Limited Access === ==== DESY-guest ==== In the DESY-guest network, a cable based and a wireless network interface are provided. <<BR>> The DESY-guest subnet is mainly provided for guests staying at DESY for a limited time. Gaining access to it only takes a few minutes. Access to internal services is limited (no Login into Windows Domain). The access rights basically correspond to those of anonymous external hosts, but some services (email, printing, AFS, ntp, web) are available. ||<tablestyle="background-color:#FFE0DF; width:100%">The [[mac_address| MAC addresses]] of the device and the responsible person must be made known to the computer center.|| The registration can be done * by sending an email to <<MailTo(uco-zn AT desy DOT de)>> (processed by humans during normal working hours) {{{ Subject: Registration of a Notebook |
| Line 28: | Line 34: |
| Mac WLAN: Mac Eth: Ablaufdatum der Registrierung: (max. 1Jahr, Standard:7 Tage) }}} * über ein WEB-Formular [[BR]] http://register.ifh.de/cgi-bin/register?conf=notebook [[BR]] Es ist erreichbar innerhalb des LAN (außer vom Gästenetz) und kann von jedem Benutzer verwendet werden, der einen Account bei DESY hat. 15 Minuten nach der Registrierung sollte der Netzzugang möglich sein. Das Ablaufdatum der Registrierung ist auf 1 Jahr begrenzt, standardmäßig ist eine Woche eingestellt. |
Mac WLAN: Mac Eth: Requested expiration date for the registration: (max: 1 year, default: 7 days) }}} * or through a web form (automatic processing 24x7) <<BR>> https://regmacs.zeuthen.desy.de/ <<BR>> The URL is accessible from the '''internal''' network and can used by any user who has an account at DESY. 15 minutes after submitting the form, the registered device should be able to access the guest subnet. The expiration date of the registration is limited to one year, the default is one week. ==== eduroam ==== The wireless network eduroam is another WLAN guest network which is provided. It can be used by guests whose home institutes offer the service eduroam. No further registration at DESY is required. DESY employees can take part in the eduroam project.<<BR>> Please contact <<MailTo(uco-zn AT desy DOT de)>> to obtain a WLAN account for 'eduroam'. ||<tablestyle="background-color:#FFE0DF; width:100%">Detailed information can be found at [[http://it.desy.de/services/networks/wlan_at_desy/eduroam/index_eng.html|eduroam]]|| === Internal Access for Trusted Devices === ==== Trusted Devices ==== The DESY Computer Security Council (RSR) issued a set of rules and recommendations to be followed by anoyone operating computers attached to the DESY internal network: http://rechnersicherheit.desy.de/e8/e84/e351/index_eng.html By signing the form mentioned there, you acknowledge and accept these rules. A device is classified as trusted if the form signed by the responsible person has been filed with UCO Zeuthen: <<BR>> ||<tablestyle="background-color:#FFF2E5; width:100%">eMail : <<MailTo(uco-zn AT desy DOT de)>><<BR>>Fax : +49 33762 77216<<BR>>Address: DESY Zeuthen, UCO, Platanenallee 6, 15738 Zeuthen|| For DESY notebooks centrally supported by DV Zeuthen, you only need to turn your attention to [[NotebookSecurityWindows|Notebook Security Windows]]<<BR>> and sign a special form when the notebook is claimed from the computing after installation. ==== Cable Based Network Access ==== * It is not yet possible to transfer cable MAC addresses of notebooks already registered at DESY Hamburg to Zeuthen. * The computing center in Zeuthen is not yet able to register your cable Mac address in DESY Hamburg.<<BR>>Please contact the corresponding [[http://www-it.desy.de/network/intranet/services/dns/qip/qip.php|network segment administrator ]] in Hamburg if you need access to the cable based internal network in there. ==== Wireless Network Access ==== To use one of the internal [[http://dv-zeuthen.desy.de/services/wlan/| wireless networks]] a registration (MAC address, user name, institute, email address) is necessary. You will receive the access parameter from UCO. The registration is valid in Hamburg and Zeuthen. |
| Line 36: | Line 68: |
| ==== 1. Internal access ==== a. via cable attached Ethernet interface for trusted devices (see [#Trusteddevice below]) a. via wireless interface[[BR]] in addition to being trusted, the device has to use a special SSID and a WEP key. These are identical for the internal networks at DESY, both in Hamburg and Zeuthen.[[BR]] You will get the SSID and WEP key from uco-zn on request. If you do not use the WEP key your registered notebook will only get access to the guest subnet. ==== 2. External access (guest subnet, non trusted devices) ==== cable based and wireless interface [[BR]] The network access to non trusted devices will be limited to the same services like other external hosts (no AFS). ||<tablestyle="background-color:#FFE0DF;">The [:mac address: MAC address] of the device and the responsible person must be made known to the computer center.|| * For this purpose the Web form [[BR]] http://register.ifh.de/cgi-bin/register?conf=notebook [[BR]] must filled out inside the local area network. [[BR]] '''Everyone who has an account at DESY''' is authorised to fill the Web form '''from every PC (excluded guest subnet)'''.[[BR]] 15 minutes after the registration the notebook should get access to the network. The maximum expiration time of registration is one year, the default 7 days. * From outside you can send a request to UCO Zeuthen, email uco-zn@desy.de, asking to register the mac addresses of your notebook. [[Anchor(Trusteddevice)]] === How to register as a trusted device === The DESY Computer Security Council (RSR) demands that the persons responsible for a computer that should be connected to the internal DESY network have to read http://www.desy.de/rsr/intern/rsr-stat-2003-01-rules.html obey the rules and sign the form mentioned there. The form has to be sent to uco Zeuthen: {{{ email : uco-zn@desy.de fax : +49 33762 77216 surface mail : DESY Zeuthen, UCO, Platanenallee 6, 15738 Zeuthen}}} * We denote a notebook for which a signature of the responsible person is available a '''trusted device '''. * For DESY notebooks centrally supported by DV Zeuthen you should only take attention: [http://dvinfo/NotebookSecurityWindows Notebook Security Windows] and [http://dvinfo/NotebookSecurityLinux Notebook Security Linux ] [[BR]] If you follow these instructions you meet the requirements given in the RSR statement. * Whereas the wireless network interfaces of devices registered at DESY in Hamburg are considered as trusted devices too, you have to register the cable based network interface in Zeuthen additionally. * All mobile devices for which the responsible person did not sign the document mentioned above are '''non trusted devices'''. * After the receipt of the signed form we will activate the internal network access for the notebook. * If you would like to connect your notebook to the internal DESY network in Hamburg too we will communicate the information to the network group in Hamburg and initiate the registration of the '''wireless''' interface if necessary. You have to contact the [http://www-it.desy.de/network/intranet/services/dns/beauftragte.html network segment administrator] to register the '''cable''' interface. |
== Availability of Network Facilities == * You have to contact the computing center to find out wether a certain socket is suitable for connecting a mobile device (no matter whether it's registered for internal access or for guest access only). To request clearing a socket for mobile device use, please email <<MailTo(uco-zn AT desy DOT de)>> . Please make sure to include the complete socket number. * Disconnecting a PC from any other network wall socket and connecting your notebook instead will block the socket. Please don't do this. |
![/!\](/moin_static1911/sinorca4moin/img/alert.png "/!\"){kind=small}
This web page will no longer be updated. Please use this link for current information.
Contents
Notebook and Mobile Devices (Internet) Network Access @ DESY Zeuthen
- To connect a notebook or other mobile device to the DESY Zeuthen network, the responsible person and the MAC address(es) of the device have to be registered with the computer center.
- Two different classes of network access exist:
- One with access to the internal network
- The other one is mostly like that of anonymous hosts somewhere on the internet
The DESY Computer Security Council (RSR) requires that a person who wants to attach a computer in the internal DESY network signs responsible for the computer security of this device. After the confirmation of the user, who needs to be in possession of an account at DESY, the device will be classified as a trusted device.
In the following you can find some more information about both network access classes, WLAN and also cable attached access.
Network Access - 2 classes
Limited Access
DESY-guest
In the DESY-guest network, a cable based and a wireless network interface are provided.
The DESY-guest subnet is mainly provided for guests staying at DESY for a limited time. Gaining access to it only takes a few minutes. Access to internal services is limited (no Login into Windows Domain). The access rights basically correspond to those of anonymous external hosts, but some services (email, printing, AFS, ntp, web) are available.
The MAC addresses of the device and the responsible person must be made known to the computer center. |
The registration can be done
by sending an email to <uco-zn AT desy DOT de> (processed by humans during normal working hours)
Subject: Registration of a Notebook Mac WLAN: Mac Eth: Requested expiration date for the registration: (max: 1 year, default: 7 days)or through a web form (automatic processing 24x7)
https://regmacs.zeuthen.desy.de/
The URL is accessible from the internal network and can used by any user who has an account at DESY. 15 minutes after submitting the form, the registered device should be able to access the guest subnet. The expiration date of the registration is limited to one year, the default is one week.
eduroam
The wireless network eduroam is another WLAN guest network which is provided. It can be used by guests whose home institutes offer the service eduroam. No further registration at DESY is required. DESY employees can take part in the eduroam project.
Please contact <uco-zn AT desy DOT de> to obtain a WLAN account for 'eduroam'.
Detailed information can be found at eduroam |
Internal Access for Trusted Devices
Trusted Devices
The DESY Computer Security Council (RSR) issued a set of rules and recommendations to be followed by anoyone operating computers attached to the DESY internal network:
By signing the form mentioned there, you acknowledge and accept these rules. A device is classified as trusted if the form signed by the responsible person has been filed with UCO Zeuthen:
eMail : <uco-zn AT desy DOT de> |
For DESY notebooks centrally supported by DV Zeuthen, you only need to turn your attention to Notebook Security Windows
and sign a special form when the notebook is claimed from the computing after installation.
Cable Based Network Access
- It is not yet possible to transfer cable MAC addresses of notebooks already registered at DESY Hamburg to Zeuthen.
The computing center in Zeuthen is not yet able to register your cable Mac address in DESY Hamburg.
Please contact the corresponding network segment administrator in Hamburg if you need access to the cable based internal network in there.
Wireless Network Access
To use one of the internal wireless networks a registration (MAC address, user name, institute, email address) is necessary. You will receive the access parameter from UCO. The registration is valid in Hamburg and Zeuthen.
Availability of Network Facilities
You have to contact the computing center to find out wether a certain socket is suitable for connecting a mobile device (no matter whether it's registered for internal access or for guest access only). To request clearing a socket for mobile device use, please email <uco-zn AT desy DOT de> . Please make sure to include the complete socket number.
- Disconnecting a PC from any other network wall socket and connecting your notebook instead will block the socket. Please don't do this.