Overview of SoC Network
This page is has been moved to the new
SoC Document Repository. The
new URL for this page is:
https://docs.comp.nus.edu.sg/node/1357
School of Computing (SoC) operates a network interconnecting 6
buildings in 2 clusters with about 5000 network points, providing users
with Fast Ethernet and Gigabit Ethernet connectivity, Wireless LAN up to
54 Mbps, 56K/ISDN dialup and VPN access. SoC Network is built to be
scalable, highly available, fault tolerant and fully redundant to
provide users with the highest level of network service and maximum
network availability.
SoC's network is managed by our own network team so as to provide
better support and enhance the teaching, research and administrative
needs of our staff and students.
We also operate two computer rooms, one at COM1 and the other at SOC1.
Our newer computer room at COM1 is designed to support high density
compute clusters of up to 20KW per rack, and uses advanced cooling
technologies such as chilled water cooled racks.
Above basic infrastructure services, SoC Network also provides you
with a complete range of services such as the NOC (Network Operations
Centre) website, security management services, email service, directory
services, network time services, web reverse proxy, etc.
The network today is used not just to connect computers, but also for
video conferencing, surveillance cameras, telephones and smartcard door
access systems. This is the convergence of Data, Voice and Video on a
single unified IP communications network.
Network Infrastructure
- The layer 2 and layer 3 core of SoC network is formed by a mesh
of 8 Cisco Catalyst 6x09 switches with highly fault tolerant, fully
redundant everything.
(more information)
- 130 edge sitches, 60 wireless access points.
- Redundant links to access layer edge switches and redundant uplinks
to NUS ComCen.
- A pair of Cisco FWSM Firewalls provide redundant firewall protection
for SoC network.
- A pair of TopLayer AppSwitch provide non-stop
attack mitigation and flow mirroring to IDS sensors.
- Out-of-band on-site management access to equipment via console ethernet
and serial network.
- Out-of-band remote network access via modem and broadband for network
engineering staff.
Network Access
- SoC network currently connects some 3400 computers, surveillance
cameras, telephones, smartcard door access systems and other
devices.
- Physical network access in SoC includes ethernet connectivity at 10/100
Mbps (gigabit ethernet available only in Machine Room) and 802.11
wireless LAN access up to 54 Mbps. Users are connected to either:
- Inside SoC network, to one of the
SoC Sub-Networks. All
computers connected to SoC network require to be
pre-registered. The majority of
network access in SoC falls in this category.
- SoC Plug-and-Play Network, typically
in public areas such as corridors. There is no pre-registration, but
users must login to the network in order to obtain network
access.
- Wireless LAN access with complete coverage in SoC premises.
- Dialup service includes 60 56K/ISDN lines.
- VPN service (SoC-VPN), based on the open source OpenVPN software.
Network Services
- Intrusion Detection System
- Domain Name System
- DHCP and Dynamic Domain Name System
- Application Load Balancers with SSL hardware accelerators
- LDAP Directory Service
- RADIUS and TACACS Services
Application Services
- NOC Website: A web portal for everything networked in SoC. This website
serves as a control centre for all SoC network operations and a
web-based front end for many network applications and ancillary services.
The NOC website is at
https://noc.comp.nus.edu.sg.
(more info)
- Security Vulnerability Assessment: Fully automated security vulnerability
assessment systems continually scan all registered systems for potential
vulnerabilities. This sytem integrates management, reporting and
enforcement capabilities.
- Directory Service: A LDAP (light-weight directory access protocol)
server provides networked address book information on all SoC
users.
- Voice-Over-IP (VOIP) software-based IP telephony system.
- Outgoing SMTP Server. (more info)
- PGP Key Server: Distribution of PGP public keys.
- Network Time Service: This provides networked time service via NTP
(Network Time Protocol) so that all systems can keep somewhat
synchronised time.
- Finger Service: Gateway to directory information.
- IRC Service: Experimental status.
- FTP Mirror: In collaboration with NUS ComCen, SoC is operating the
mirror.nus.edu.sg anonymous
FTP mirror. This site, located in SoC network, mirrors several
popular FTP software archives so that local users can enjoy faster
access and yet save on Internet bandwidth.
Updated: 23 Sep 2008
|