#acl DvGroup:read,write,delete,revert,admin All:read 
 
NICHT FERTIG!!

== Notebook Registration at DESY Zeuthen ==

[[TableOfContents]]

== Notebook and Mobile Devices (Internet) Network Access @ DESY Zeuthen ==

 * To connect a notebook or an other mobile device to the DESY Zeuthen network the responsible person and the MAC addresses of the device have to made known with the computer center.
 * Two different network access methods exists, one to the internal network and the other one corresponds approximately to the one of an externel host. 
 * The DESY Computer Security Council (RSR) demands that the person who wants to use a computer in  the internal DESY network, feels also responsible for the computer security of this device. After the confirmation of the user the device will be classified as a trusted device.

In the following you can find some more information about the both network access classes, WLAN and also cable attached access.
 
=== Network Access - 2 classes ===

==== Limited Access ( guest subnet ) ====
    Für das Gästenetz existiert eine Kabel basierte und eine drahtlose Schnittstelle. [[BR]]
    Der Netzwerkzugang ist vor allem für Gäste gedacht, die sich nur kurzfristig bei DESY aufhalten und erfolgt innerhalb weniger Minuten. Interne Dienste können nur sehr beschränkt genutzt werden (kein Login in Windows Domaine, kein AFS). Die Zugangsmöglichkeiten entsprechen im Wesentlichen dem anderer externer Rechner.
    ||<tablestyle="background-color:#FFE0DF;">Die [:mac address: MAC-Adressen] des Gerätes und die verantwortliche Person müssen dem Rechenzentrum bekanntgemacht werden.||
    Die Registrierung kann erfolgen
    * durch eine Mail an uco-zn@desy.de, Bearbeitung während der normalen Arbeitszeit, 
                              {{{ 
    Subject: Registrierung eines Notebooks
        
    Mac WLAN:  Mac Eth:
    Ablaufdatum der Registrierung: (max. 1Jahr, Standard:7 Tage)      
                              }}}
    * über ein WEB-Formular [[BR]]
 	http://register.ifh.de/cgi-bin/register?conf=notebook [[BR]]  
    Es ist erreichbar innerhalb des LAN (außer vom Gästenetz) und kann von jedem Benutzer verwendet werden, der einen Account bei DESY hat. 15 Minuten nach der Registrierung sollte der Netzzugang möglich sein. Das Ablaufdatum der Registrierung ist auf 1 Jahr begrenzt, standardmäßig ist eine Woche eingestellt.


==== 1. Internal access ====
 a. via cable attached Ethernet interface for trusted devices (see [#Trusteddevice below])
 a. via wireless interface[[BR]]
 in addition to being trusted, the device has to use a special SSID and a WEP key. These are
 identical for the internal networks at DESY, both in Hamburg and Zeuthen.[[BR]]
 You will get the SSID and WEP key from uco-zn on request. If you do not use the WEP key your registered notebook will only get access to the guest subnet. 
==== 2. External access  (guest subnet, non trusted devices) ====
	cable based and wireless interface [[BR]]
        The network access to non trusted devices will be limited to the same services like other external hosts (no AFS).
    	||<tablestyle="background-color:#FFE0DF;">The [:mac address: MAC address] of the device and the responsible person must be made known to the computer center.||
        * For this purpose the Web form [[BR]]
 	http://register.ifh.de/cgi-bin/register?conf=notebook [[BR]]
 	must filled out inside the local area network. [[BR]] 
        '''Everyone who has an account at DESY''' is authorised to fill the Web form '''from every PC (excluded guest subnet)'''.[[BR]]
        15 minutes after the registration the notebook should get access to the network. The maximum expiration time of registration is one year, the default 7 days.
        * From outside you can send a request to UCO Zeuthen, email uco-zn@desy.de, asking to register the mac addresses of your notebook. 

[[Anchor(Trusteddevice)]]

=== How to register as a trusted device ===

The DESY Computer Security Council (RSR) demands that the persons 
responsible for a computer that should be connected to the internal DESY 
network have to read
  http://www.desy.de/rsr/intern/rsr-stat-2003-01-rules.html
obey the rules and sign the form mentioned there. The form has to be 
sent to uco Zeuthen:
     {{{
         email : uco-zn@desy.de 
         fax : +49 33762 77216 
         surface mail : DESY Zeuthen, UCO, Platanenallee 6, 15738 Zeuthen}}}

 * We denote a notebook for which a signature of the responsible person is available a '''trusted device '''.
 * For DESY notebooks centrally supported by DV Zeuthen you should only take attention:
   [http://dvinfo/NotebookSecurityWindows Notebook Security Windows]  and 
   [http://dvinfo/NotebookSecurityLinux Notebook Security Linux ] [[BR]]
   If you follow these instructions you meet the requirements given in the RSR statement.
 * Whereas the wireless network interfaces of devices registered at DESY in Hamburg are considered as trusted devices too,
 you have to register the cable based network interface in Zeuthen additionally.
 * All mobile devices for which the responsible person did not sign the document mentioned above are '''non trusted devices'''.
 * After the receipt of the signed form we will activate the internal network access for the notebook.
 * If you would like to connect your notebook to the internal DESY network in Hamburg too we will communicate the information to the network group in Hamburg and initiate the registration of the '''wireless''' interface if necessary. You have to contact the [http://www-it.desy.de/network/intranet/services/dns/beauftragte.html network segment administrator] to register the '''cable''' interface.