Franske ITC-2900 SP15 Possible Projects: Difference between revisions

From ITCwiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 56: Line 56:
* Build and test a minimum of three solutions
* Build and test a minimum of three solutions
* Develop a recommendation on the best choice based on department constraints
* Develop a recommendation on the best choice based on department constraints
* Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation
==Improved Wireless Network Access==
===Introduction===
The Inver Hills ITC department has an academic, demonstration, and research network ("ITCnet"). This network is currently not accessible through wireless access but it would be desirable to have wireless available. Wireless users should connect using 802.1x authentication to a Windows Active Directory server. In some cases it will also be desirable to have users placed into certain VLANs automatically based on their AD groups (dynamic VLANs). To accomplish this with available hardware you will need to utilize the OpenWRT wireless router/access point firmware.
===Resources===
* Cisco Switches
* HP Switches
* Ubiquiti UniFi Wireless APs running OpenWRT
* Windows Server / Active Directory
===Deliverables===
* Design and implement a test network environment
* Research, test, and document the use of Windows Active Directory for 802.1x
* Research, test, and document the use of 802.1x on OpenWRT for user authentication
* Research, test, and document the use of 802.1x on OpenWRT for dynamic VLAN assignment
* Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation
* Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation


Line 180: Line 165:
* Install and test a minimum of three solutions
* Install and test a minimum of three solutions
* Develop a recommendation on the best choice based on department constraints
* Develop a recommendation on the best choice based on department constraints
* Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation
==Improved Wireless Network Access==
===Introduction===
The Inver Hills ITC department has an academic, demonstration, and research network ("ITCnet"). This network is currently not accessible through wireless access but it would be desirable to have wireless available. Wireless users should connect using 802.1x authentication to a Windows Active Directory server. In some cases it will also be desirable to have users placed into certain VLANs automatically based on their AD groups (dynamic VLANs). To accomplish this with available hardware you will need to utilize the OpenWRT wireless router/access point firmware.
===Resources===
* Cisco Switches
* HP Switches
* Ubiquiti UniFi Wireless APs running OpenWRT
* Windows Server / Active Directory
===Deliverables===
* Design and implement a test network environment
* Research, test, and document the use of Windows Active Directory for 802.1x
* Research, test, and document the use of 802.1x on OpenWRT for user authentication
* Research, test, and document the use of 802.1x on OpenWRT for dynamic VLAN assignment
* Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation
* Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation

Revision as of 01:05, 14 January 2015

Possible Projects

Logfile Collection and Analysis

Introduction

The Inver Hills ITC department has an academic, demonstration, and research network ("ITCnet") which is comprised of a number of physical and virtual hosts running various operating systems including several versions of Windows server and desktop, several Linux distributions, vmWare host servers, and BSD along with network devices from Cisco and HP. In an effort to better understand and track what's happening on this network a number of monitoring tools have been implemented over the past year including Nagios and Cacti which can poll SNMP and service availability data from these various systems and devices. We'd like to take this to the next step by centralizing log file collection and analysis and allowing us to use a single program or web portal for viewing log events across all these devices.

Resources

Software programs you may want to evaluate in this space are:

  • Logstash
  • Fluentd
  • Nxlog
  • Graylog2
  • LOGalyze
  • Octopussy
  • SNARE
  • OSSEC
  • syslog-ng

You may research and evaluate other programs as well. Programs should be able to collect logs from our wide variety of host OSs and devices for central monitoring. Strong preference should be given to free and open source packages as we are a resource constrained department.

Deliverables

  • Design and implement a test environment for logfile collection and analysis which includes the wide variety of hosts and network devices which may generate logging
  • Install and test a minimum of three logfile collection and analysis packages
  • Develop criteria for evaluating the packages
  • Develop a recommendation on the best choice based on department constraints
  • Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation

SAN Benchmarking

Introduction

There are a number of different schemes for connecting remote storage to hosts over a network infrastructure. In this project you will setup and benchmark several popular methods of doing this and report on the results. The primary SAN technology you will be working with is iSCSI. The SAN servers, referred to as iSCSI "targets", may be Windows servers, basic Linux servers, or specialized SAN servers or devices. Furthermore these may be configured as direct block access to a physical device such as a hard drive or as a virtual hard drive file residing on top of a physical drive and filesystem. The clients, referred to as iSCSI "initiators", may be vmWare servers, Windows servers or desktops, or Linux servers or desktops. As you can see there are many variables which can exist in even a simple iSCSI system. Your job is to setup a number of different configurations and benchmark them for ease of setup, speed, and other factors which you determine and report on the results.

Resources

  • ITC Department FreeNAS SAN Server
  • Windows Storage Servers
  • Client Servers/PCs
  • ITCnet network backbone
  • Possible vendor SAN hardware

You may research and evaluate other programs as well.

Deliverables

  • Design and implement a test environment for iSCSI which includes a variety of initiators and targets
  • Develop criteria for evaluating iSCSI performance and define test environment, benchmarking software and settings, etc.
  • Prepare a written whitepaper and oral presentation detailing the process, criteria, and results

Network Access Control

Introduction

The Inver Hills ITC department has an academic, demonstration, and research network ("ITCnet") which uses network devices from Cisco and HP and supports a number of virtual machines, hosts, and devices including Windows, Linux, Android, iPhone, and more. Network ports are not physically securable but it may be possible to improve security on this network by implementing some type of Network Access Control (NAC) which restricts access to network resources until a user authenticates to the network. Users on our network are stored in an Active Directory system which is also accessible through LDAP and RADIUS methods. Your task will be to explore what options exist for network access control and to test and evaluate several of those options.

Resources

  • Cisco Switches
  • HP Switches
  • Wireless APs and Controllers
  • Windows Server / Active Directory
  • PacketFence Open Source NAC
  • Microsoft Network Policy and Access Services
  • OpenNAC
  • FreeNAC

You may research and evaluate other programs/devices as well. Strong preference should be given to free and open source packages as we are a resource constrained department.

Deliverables

  • Design and implement a test network environment
  • Research a variety of options and select a minimum of three promising configurations for testing
  • Develop criteria for evaluating the options
  • Build and test a minimum of three solutions
  • Develop a recommendation on the best choice based on department constraints
  • Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation

Remote Access Lab Equipment

Introduction

The Inver Hills ITC department has some Cisco lab equipment which could be a valuable learning environment for students to connect to and use remotely. VPN access is already available for students to connect to ITCnet remotely but they are currently unable to access lab devices remotely. Access to lab devices should be controlled by the ITCnet Active Directory user groups. Computers in the lab topology should be provided through the existing VM infrastructure.

Resources

  • Standard lab pod equipment
  • Virtual Machine Infrastructure
  • Cisco Switches
  • HP Switches
  • Windows Server / Active Directory

Deliverables

  • Design, document, and build a lab topology which will work for a variety of classes and which utilizes VMs on the existing infrastructure for client PCs
  • Research, configure, and document configuration of remote terminal servers for access to Cisco device console ports which authenticate back to Active Directory
  • Research, test, and document the use of the remote access environment
  • Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation

Automated Microsoft Client Deployment

Introduction

Research, test, and document automated solutions for deploying Microsoft client operating systems to physical and virtual machines. Deployment should include installing the base operating system (Windows 7 or later), creating user accounts, installing drivers as needed, and installing additional software applications. Additional scripting capability such as automatically joining the machine to a domain, configuring additional Windows settings, etc. is appreciated but not required.

Resources

  • Windows Server / Active Directory
  • Linux Servers
  • NAS Server
  • Microsoft Deployment Toolkit
  • Open PC Server Integration (OPSI)
  • System Center Configuration Manager (SCCM)

Deliverables

  • Design and implement a test network environment
  • Research a variety of options and select a minimum of three promising configurations for testing
  • Develop criteria for evaluating the options
  • Build and test a minimum of three solutions
  • Develop a recommendation on the best choice based on department constraints
  • Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation

Automated Linux Deployment

Introduction

Research, test, and document automated solutions for deploying Debian Linux operating systems to physical and virtual machines. Deployment should include installing the base operating system, creating user accounts, installing packages, and pre-loading configuration files. Additional scripting capability such as automatically setting up the machine to authenticate to an Active Directory domain, etc. is appreciated but not required.

Resources

  • Linux Servers
  • NAS Server
  • Windows Server / Active Directory
  • Fully Automatic Installation (FAI) framework
  • Puppet
  • Chef
  • CFengine
  • Bcfg2

Deliverables

  • Design and implement a test network environment
  • Research a variety of options and select a minimum of three promising configurations for testing
  • Develop criteria for evaluating the options
  • Build and test a minimum of three solutions
  • Develop a recommendation on the best choice based on department constraints
  • Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation

Microsoft Windows Scripting Projects

Introduction

An ongoing clash exists between different classes using ITC classroom labs. Some classes need Hyper-V while others need VirtualBox or VMWare Workstation. Students also tend to leave static IP addresses set on computers when they leave which can prevent other students from logging on. These problems should be solvable through the use of automated logoff scripts which reset these settings on the machine to a default state when a user logs off as well as scripts which can be run as needed by users to turn on and off features such as Hyper-V which requires a system reboot.

Resources

  • Windows Server / Active Directory
  • Windows Client Systems (Windows 7, 8, and 10)
  • PowerShell scripting

Deliverables

  • Design and implement a test network environment including account restrictions
  • Research PowerShell scripting and write and document appropriate scripts to address the problems
  • Test and document the use of the scripts on a test network
  • Coordinate with the campus IT department and ITC lab assistant to conduct tests on actual classroom systems
  • Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation

Improved Network Monitoring

Introduction

The Inver Hills ITC department has an academic, demonstration, and research network ("ITCnet") which uses network devices from Cisco and HP and supports a number of virtual machines, hosts, and devices including Windows, Linux, Android, iPhone, and more. Some basic network monitoring using Nagios and Cacti has been achieved but it should be expanded. You will need to research and determine key performance metrics and services for servers and network infrastructure which should be monitored to determine overall network health. Implement these monitoring metrics and configure threshold alerts for service interruption.

Resources

  • Linux Servers
  • Windows Servers / Active Directory
  • Routers, Switches, Wireless APs, UPSs, etc.
  • Cacti
  • Nagios

Deliverables

  • Determine and document key performance metrics and services on ITCnet
  • Create and document Nagios and Cacti configurations for monitoring key metrics and services
  • Test Nagios and Cacti configurations
  • Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation

Taken Projects

Virtualization Orchestration

Introduction

Infrastruture-as-a-Service (IaaS) virtualization is heavily used by the ITC department for offering academic courses. Our current primary solution is vmWare ESXi hypervisors with vCenter orchestration which provides a GUI for provisioning of VMs and administration of hypervisor servers. We would like to evaluate alternative virtualization environments, particularly the orchestration of hypervisors in case vmWare changes pricing in such a way that we can no longer afford to operate using ESXi and/or vCenter. There are a number of open source virtualization platforms which are potential alternatives.

Resources

Hypervisors:

  • vmWare ESXi
  • Hyper-V
  • Xen
  • KVM

Orchestration:

  • vCenter
  • CloudStack
  • OpenStack
  • OpenNebula
  • Eucalyptus
  • ProxMox
  • Convirture

You may research and evaluate other programs as well. You will need to evaluate differences between programs including working with different types of storage (e.g. iSCSI), advanced networking (e.g. VLAN support), backup capabilities, and live migration of VMs (e.g. vMotion). Strong preference should be given to free and open source packages as we are a resource constrained department.

Deliverables

  • Research a variety of options and select a minimum of three promising configurations for testing
  • Develop criteria for evaluating the packages
  • Design and implement a test environment
  • Install and test a minimum of three solutions
  • Develop a recommendation on the best choice based on department constraints
  • Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation

Improved Wireless Network Access

Introduction

The Inver Hills ITC department has an academic, demonstration, and research network ("ITCnet"). This network is currently not accessible through wireless access but it would be desirable to have wireless available. Wireless users should connect using 802.1x authentication to a Windows Active Directory server. In some cases it will also be desirable to have users placed into certain VLANs automatically based on their AD groups (dynamic VLANs). To accomplish this with available hardware you will need to utilize the OpenWRT wireless router/access point firmware.

Resources

  • Cisco Switches
  • HP Switches
  • Ubiquiti UniFi Wireless APs running OpenWRT
  • Windows Server / Active Directory

Deliverables

  • Design and implement a test network environment
  • Research, test, and document the use of Windows Active Directory for 802.1x
  • Research, test, and document the use of 802.1x on OpenWRT for user authentication
  • Research, test, and document the use of 802.1x on OpenWRT for dynamic VLAN assignment
  • Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation