Franske ITC 2900 SP17 Possible Projects: Difference between revisions
BenFranske (talk | contribs) (Created page with "=Possible Projects= ==Capture the Flag Competition== ===Introduction=== Setup the infrastructure required and run a capture the flag competition for ITC students. ===Resources...") |
BenFranske (talk | contribs) No edit summary |
||
(5 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
=Possible Projects= | =Possible Projects= | ||
== | ==Customer Relationship Management Database Implementation== | ||
===Introduction=== | ===Introduction=== | ||
Work with a non-profit museum to implement an updated membership database using the CiviCRM customer relationship management (CRM) database tool. You will need to install the software, identify how the museum can use it to meet their membership database needs, create training materials/videos for key museum personnel, and develop a strategy for importing the existing Microsoft Access based member database into the new software. | |||
===Resources=== | ===Resources=== | ||
* | * Linux web server | ||
* CiviCRM software and appropriate plug-ins | |||
===Deliverables=== | ===Deliverables=== | ||
* Working CiviCRM server implementation setup for use as member database | |||
* Training materials/videos for museum personnel on common CiviCRM tasks related to museum use | |||
* Data migration plan for existing membership database | |||
* Prepare a whitepaper detailing your research, testing process, and results | |||
==VMware Virtual Machine Automation and Permissions== | |||
===Introduction=== | |||
The ITC department utilizes VMware based virtual machines for a variety of classes. There is currently a manual process to create many virtual machines for each class (including virtual networks, etc.), modify them during the semester (such as wiping the virtual hard drive, etc.), and assign students permissions to them, etc. In addition there have been challenges in identifying the minimum set of permissions which students need access to in order to use the VMs in a class but not have access to interfere with other VMs running for other classes or for departmental services. Your goal is to automate as much of the deployment, configuration, maintenance, etc. as possible as well as to determine the appropriate permissions for students so they do not encounter permissions errors when completing course tasks but do not have overly broad permissions. | |||
===Resources=== | |||
* VMware ESXi Servers | |||
* VMware vCenter Server | |||
* Test VMs | |||
===Deliverables=== | |||
* Permissions recommendations for VMware | |||
* VMware Automation Scripts | |||
* Prepare a whitepaper detailing your research, testing process, and results | |||
==Low Cost Wireless Experimentation== | |||
===Introduction=== | |||
Your goal with this project is to try and squeeze some more life out of old Linksys WRT300N routers. By installing the OpenWRT software on them you will be able to experiment with setting up VLANs, mesh wireless networks, enterprise wireless networking, etc. Mesh wireless networking allows for each node in the network to also act as a repeater for the network extending the overall network range and capacity. | |||
===Resources=== | |||
* Linksys WRT300N Routers | |||
* OpenWRT Software | |||
* Wireless clients | |||
===Deliverables=== | |||
* Updated documentation for installing and using current versions of OpenWRT on the WRT300N routers to be shared on the OpenWRT wiki site | |||
* Build and test a mesh network | |||
* Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and configurations | |||
==Asterisk PRI Integration== | |||
===Introduction=== | |||
The ITC department currently has a "PSTN Simulator" running Cisco IOS and CUCME (Cisco Unified Communications Manager Express) but the configuration is complex and difficult to manage. Your goal is to implement the same functionality of the PSTN Simulator using the open-source Asterisk PBX. This will require some experimentation with the Asterisk VoIP PBX software as well as experimentation surrounding integrating it with the T1 ports on the Cisco hardware. | |||
===Resources=== | |||
* Cisco Routers with T1 cards | |||
* Asterisk PBX Software | |||
===Deliverables=== | |||
* Design, implement and test configurations which replicate PSTN Simulator functionality using Asterisk | |||
* Document all configurations | |||
* Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and configurations | |||
==Network Access Control== | |||
===Introduction=== | |||
The Inver Hills ITC department has an academic, demonstration, and research network ("ITCnet") which uses network devices from Cisco and HP and supports a number of virtual machines, hosts, and devices including Windows, Linux, Android, iPhone, and more. Network ports are not physically securable but it may be possible to improve security on this network by implementing some type of Network Access Control (NAC) which restricts access to network resources until a user authenticates to the network. Users on our network are stored in an Active Directory system which is also accessible through LDAP and RADIUS methods. It has been determined in previous groups that PacketFence is a reasonable option for NAC but test implementations with switches and wireless APs have not been completed. You task would be to setup and test PacketFence with the Cisco and HP/3Com switches we use as well as with the Ubiquiti UniFi APs (running OpenWrt) and to document your results. | |||
===Resources=== | |||
* Cisco Switches | |||
* HP/3Com Switches | |||
* Wireless APs and Controllers | |||
* Windows Server / Active Directory | |||
* PacketFence Open Source NAC | |||
===Deliverables=== | |||
* Design and implement a test network environment | |||
* Determine, test, and document configurations which will meet the 802.1x and captive portal requirements | |||
* Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and configurations | |||
==Logfile Collection and Analysis== | |||
===Introduction=== | |||
The Inver Hills ITC department has an academic, demonstration, and research network ("ITCnet") which is comprised of a number of physical and virtual hosts running various operating systems including several versions of Windows server and desktop, several Linux distributions, vmWare host servers, and BSD along with network devices from Cisco and HP. In an effort to better understand and track what's happening on this network a number of monitoring tools have been implemented over the past year including Nagios and Cacti which can poll SNMP and service availability data from these various systems and devices. We'd like to take this to the next step by centralizing log file collection and analysis and allowing us to use a single program or web portal for viewing log events across all these devices. | |||
===Resources=== | |||
Software programs you may want to evaluate in this space are: | |||
* Logstash | |||
* Fluentd | |||
* Nxlog | |||
* Graylog2 | |||
* LOGalyze | |||
* Octopussy | |||
* SNARE | |||
* OSSEC | |||
* syslog-ng | |||
You may research and evaluate other programs as well. Programs should be able to collect logs from our wide variety of host OSs and devices for central monitoring. Strong preference should be given to free and open source packages as we are a resource constrained department. | |||
===Deliverables=== | |||
* Design and implement a test environment for logfile collection and analysis which includes the wide variety of hosts and network devices which may generate logging | |||
* Install and test a minimum of three logfile collection and analysis packages | |||
* Develop criteria for evaluating the packages | |||
* Develop a recommendation on the best choice based on department constraints | |||
* Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation | |||
==Remote Access Lab Equipment== | |||
===Introduction=== | |||
The Inver Hills ITC department has some Cisco lab equipment which could be a valuable learning environment for students to connect to and use remotely. VPN access is already available for students to connect to ITCnet remotely but they are currently unable to access lab devices remotely. Access to lab devices should be controlled by the ITCnet Active Directory user groups. Computers in the lab topology should be provided through the existing VM infrastructure. | |||
===Resources=== | |||
* Standard lab pod equipment | |||
* Virtual Machine Infrastructure | |||
* Cisco Switches | |||
* HP Switches | |||
* Windows Server / Active Directory | |||
===Deliverables=== | |||
* Design, document, and build a lab topology which will work for a variety of classes and which utilizes VMs on the existing infrastructure for client PCs | |||
* Research, configure, and document configuration of remote terminal servers for access to Cisco device console ports which authenticate back to Active Directory | |||
* Research, test, and document the use of the remote access environment | |||
* Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation | |||
=Taken Projects= | |||
==Samba as an Active Directory Server== | |||
===Introduction=== | |||
Setup Samba as a full Active Directory server on Linux with Windows client PCs. Test user login, filesharing, directory management, group policy enforcement, etc. Compare with a Windows server setup including costs. | |||
===Resources=== | |||
* Samba 4 on Linux Server | |||
* Windows Client PCs | |||
* Windows Server | |||
===Deliverables=== | |||
* Samba 4 based AD server | |||
* Prepare a whitepaper detailing the installation, configuration, and management of a Samba 4 AD environment as well as comparisons to a Windows Server environment | |||
==Automated Linux Deployment== | |||
===Introduction=== | |||
Research, test, and document automated solutions for deploying Debian Linux operating systems to physical and virtual machines. Deployment should include installing the base operating system, creating user accounts, installing packages, and pre-loading configuration files. Additional scripting capability such as automatically setting up the machine to authenticate to an Active Directory domain, etc. is appreciated but not required. | |||
===Resources=== | |||
* Linux Servers | |||
* NAS Server | |||
* Windows Server / Active Directory | |||
* Fully Automatic Installation (FAI) framework | |||
* Puppet | |||
* Chef | |||
* CFengine | |||
* Bcfg2 | |||
===Deliverables=== | |||
* Design and implement a test network environment | |||
* Research a variety of options and select a minimum of three promising configurations for testing | |||
* Develop criteria for evaluating the options | |||
* Build and test a minimum of three solutions | |||
* Develop a recommendation on the best choice based on department constraints | |||
* Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation | |||
==Internet of Things Experimentation== | |||
===Introduction=== | |||
Build Internet of Things (IoT) experiment kits from ITC department supplies. Create an exciting and engaging demonstration project which can be used to show the power of IoT devices. Design a series of lab exercises to introduce students to basic IoT concepts. Basic programming experience in C will be helpful as this is the common programming language for these Arduino-like IoT devices, but you can probably learn the basics enough if you're interested enough in the project during the course of the semester. Basic electronics experience is also helpful, but again you can probably learn enough of this during the semester if needed and you spend enough time working on it. | |||
===Resources=== | |||
* ESP8266 Microcontrollers with WiFi (Adafruit HUZZAH) | |||
* Various electronic components | |||
* Arduino IDE development environment | |||
===Deliverables=== | |||
* Introductory IoT Lab Exercises | |||
* IoT Demo Project | |||
* Prepare a whitepaper detailing your research, testing process, and results | |||
==Web Based Active Directory Account Management== | |||
===Introduction=== | |||
Accounts on the ITC network are currently maintaining in Microsoft Active Directory. Right now some "self service" things like changing your password are a bit complex for users. Your goal would be to implement a self-service portal for Active Directory users where they could log in to a website to do things such as change their password, reset a password, apply for an account, etc. You may find existing web software for this or you may need to write/modify your own software for some functionality. | |||
===Resources=== | |||
* Active Directory infrastructure | |||
* Web server | |||
===Deliverables=== | |||
* Account management web portal | |||
* Configuration documentation of the portal along with any code used/created | |||
* Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and configurations |
Latest revision as of 01:06, 11 January 2017
Possible Projects
Customer Relationship Management Database Implementation
Introduction
Work with a non-profit museum to implement an updated membership database using the CiviCRM customer relationship management (CRM) database tool. You will need to install the software, identify how the museum can use it to meet their membership database needs, create training materials/videos for key museum personnel, and develop a strategy for importing the existing Microsoft Access based member database into the new software.
Resources
- Linux web server
- CiviCRM software and appropriate plug-ins
Deliverables
- Working CiviCRM server implementation setup for use as member database
- Training materials/videos for museum personnel on common CiviCRM tasks related to museum use
- Data migration plan for existing membership database
- Prepare a whitepaper detailing your research, testing process, and results
VMware Virtual Machine Automation and Permissions
Introduction
The ITC department utilizes VMware based virtual machines for a variety of classes. There is currently a manual process to create many virtual machines for each class (including virtual networks, etc.), modify them during the semester (such as wiping the virtual hard drive, etc.), and assign students permissions to them, etc. In addition there have been challenges in identifying the minimum set of permissions which students need access to in order to use the VMs in a class but not have access to interfere with other VMs running for other classes or for departmental services. Your goal is to automate as much of the deployment, configuration, maintenance, etc. as possible as well as to determine the appropriate permissions for students so they do not encounter permissions errors when completing course tasks but do not have overly broad permissions.
Resources
- VMware ESXi Servers
- VMware vCenter Server
- Test VMs
Deliverables
- Permissions recommendations for VMware
- VMware Automation Scripts
- Prepare a whitepaper detailing your research, testing process, and results
Low Cost Wireless Experimentation
Introduction
Your goal with this project is to try and squeeze some more life out of old Linksys WRT300N routers. By installing the OpenWRT software on them you will be able to experiment with setting up VLANs, mesh wireless networks, enterprise wireless networking, etc. Mesh wireless networking allows for each node in the network to also act as a repeater for the network extending the overall network range and capacity.
Resources
- Linksys WRT300N Routers
- OpenWRT Software
- Wireless clients
Deliverables
- Updated documentation for installing and using current versions of OpenWRT on the WRT300N routers to be shared on the OpenWRT wiki site
- Build and test a mesh network
- Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and configurations
Asterisk PRI Integration
Introduction
The ITC department currently has a "PSTN Simulator" running Cisco IOS and CUCME (Cisco Unified Communications Manager Express) but the configuration is complex and difficult to manage. Your goal is to implement the same functionality of the PSTN Simulator using the open-source Asterisk PBX. This will require some experimentation with the Asterisk VoIP PBX software as well as experimentation surrounding integrating it with the T1 ports on the Cisco hardware.
Resources
- Cisco Routers with T1 cards
- Asterisk PBX Software
Deliverables
- Design, implement and test configurations which replicate PSTN Simulator functionality using Asterisk
- Document all configurations
- Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and configurations
Network Access Control
Introduction
The Inver Hills ITC department has an academic, demonstration, and research network ("ITCnet") which uses network devices from Cisco and HP and supports a number of virtual machines, hosts, and devices including Windows, Linux, Android, iPhone, and more. Network ports are not physically securable but it may be possible to improve security on this network by implementing some type of Network Access Control (NAC) which restricts access to network resources until a user authenticates to the network. Users on our network are stored in an Active Directory system which is also accessible through LDAP and RADIUS methods. It has been determined in previous groups that PacketFence is a reasonable option for NAC but test implementations with switches and wireless APs have not been completed. You task would be to setup and test PacketFence with the Cisco and HP/3Com switches we use as well as with the Ubiquiti UniFi APs (running OpenWrt) and to document your results.
Resources
- Cisco Switches
- HP/3Com Switches
- Wireless APs and Controllers
- Windows Server / Active Directory
- PacketFence Open Source NAC
Deliverables
- Design and implement a test network environment
- Determine, test, and document configurations which will meet the 802.1x and captive portal requirements
- Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and configurations
Logfile Collection and Analysis
Introduction
The Inver Hills ITC department has an academic, demonstration, and research network ("ITCnet") which is comprised of a number of physical and virtual hosts running various operating systems including several versions of Windows server and desktop, several Linux distributions, vmWare host servers, and BSD along with network devices from Cisco and HP. In an effort to better understand and track what's happening on this network a number of monitoring tools have been implemented over the past year including Nagios and Cacti which can poll SNMP and service availability data from these various systems and devices. We'd like to take this to the next step by centralizing log file collection and analysis and allowing us to use a single program or web portal for viewing log events across all these devices.
Resources
Software programs you may want to evaluate in this space are:
- Logstash
- Fluentd
- Nxlog
- Graylog2
- LOGalyze
- Octopussy
- SNARE
- OSSEC
- syslog-ng
You may research and evaluate other programs as well. Programs should be able to collect logs from our wide variety of host OSs and devices for central monitoring. Strong preference should be given to free and open source packages as we are a resource constrained department.
Deliverables
- Design and implement a test environment for logfile collection and analysis which includes the wide variety of hosts and network devices which may generate logging
- Install and test a minimum of three logfile collection and analysis packages
- Develop criteria for evaluating the packages
- Develop a recommendation on the best choice based on department constraints
- Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation
Remote Access Lab Equipment
Introduction
The Inver Hills ITC department has some Cisco lab equipment which could be a valuable learning environment for students to connect to and use remotely. VPN access is already available for students to connect to ITCnet remotely but they are currently unable to access lab devices remotely. Access to lab devices should be controlled by the ITCnet Active Directory user groups. Computers in the lab topology should be provided through the existing VM infrastructure.
Resources
- Standard lab pod equipment
- Virtual Machine Infrastructure
- Cisco Switches
- HP Switches
- Windows Server / Active Directory
Deliverables
- Design, document, and build a lab topology which will work for a variety of classes and which utilizes VMs on the existing infrastructure for client PCs
- Research, configure, and document configuration of remote terminal servers for access to Cisco device console ports which authenticate back to Active Directory
- Research, test, and document the use of the remote access environment
- Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation
Taken Projects
Samba as an Active Directory Server
Introduction
Setup Samba as a full Active Directory server on Linux with Windows client PCs. Test user login, filesharing, directory management, group policy enforcement, etc. Compare with a Windows server setup including costs.
Resources
- Samba 4 on Linux Server
- Windows Client PCs
- Windows Server
Deliverables
- Samba 4 based AD server
- Prepare a whitepaper detailing the installation, configuration, and management of a Samba 4 AD environment as well as comparisons to a Windows Server environment
Automated Linux Deployment
Introduction
Research, test, and document automated solutions for deploying Debian Linux operating systems to physical and virtual machines. Deployment should include installing the base operating system, creating user accounts, installing packages, and pre-loading configuration files. Additional scripting capability such as automatically setting up the machine to authenticate to an Active Directory domain, etc. is appreciated but not required.
Resources
- Linux Servers
- NAS Server
- Windows Server / Active Directory
- Fully Automatic Installation (FAI) framework
- Puppet
- Chef
- CFengine
- Bcfg2
Deliverables
- Design and implement a test network environment
- Research a variety of options and select a minimum of three promising configurations for testing
- Develop criteria for evaluating the options
- Build and test a minimum of three solutions
- Develop a recommendation on the best choice based on department constraints
- Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation
Internet of Things Experimentation
Introduction
Build Internet of Things (IoT) experiment kits from ITC department supplies. Create an exciting and engaging demonstration project which can be used to show the power of IoT devices. Design a series of lab exercises to introduce students to basic IoT concepts. Basic programming experience in C will be helpful as this is the common programming language for these Arduino-like IoT devices, but you can probably learn the basics enough if you're interested enough in the project during the course of the semester. Basic electronics experience is also helpful, but again you can probably learn enough of this during the semester if needed and you spend enough time working on it.
Resources
- ESP8266 Microcontrollers with WiFi (Adafruit HUZZAH)
- Various electronic components
- Arduino IDE development environment
Deliverables
- Introductory IoT Lab Exercises
- IoT Demo Project
- Prepare a whitepaper detailing your research, testing process, and results
Web Based Active Directory Account Management
Introduction
Accounts on the ITC network are currently maintaining in Microsoft Active Directory. Right now some "self service" things like changing your password are a bit complex for users. Your goal would be to implement a self-service portal for Active Directory users where they could log in to a website to do things such as change their password, reset a password, apply for an account, etc. You may find existing web software for this or you may need to write/modify your own software for some functionality.
Resources
- Active Directory infrastructure
- Web server
Deliverables
- Account management web portal
- Configuration documentation of the portal along with any code used/created
- Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and configurations