Franske ITC 2900 SP19 Possible Projects
Possible Projects
Linux/BSD Networking
Explore the use of Linux and/or BSD as network routers. In particular, deploy dynamic routing protocols like OSPF and EIGRP, as well as other common router tasks/software, on a network of Linux/BSD-based routers.
Resources
- Linux/BSD VMs
Deliverables
- Working network composed of Linux/BSD systems performing typical router tasks
- Documentation on setup and configuration
- Prepare a whitepaper detailing your research, testing process, and results
Network Automation
Research, explore, and demonstrate the use of network automation, the ability to configure and program network devices with software code. It's expected that you would build a small demonstration network and then install one or two network automation software packages to manage and make changes to the network.
Resources
- Cisco Routers & Switches
- 3Com/HP Switches
Deliverables
- Working network automation system
- Documentation on setup and configuration
- Prepare a whitepaper detailing your research, testing process, and results
Multifactor Authentication
Introduction
Explore the configuration and setup of multifactor authentication. Provide Google Authenticator or similar 2nd factor support for popular services such as VPNs, SSH, Active Directory login, PHP web application login, etc.
Resources
- Virtual machines
Deliverables
- Working 2 factor authentication against several popular services such as VPNs, SSH, Active Directory login, PHP web application login, etc.
- Documentation on setup and configuration
- Prepare a whitepaper detailing your research, testing process, and results
DNS and Web Deep Dive
Introduction
Explore the operation of DNS servers, Web servers, and related services by modeling how the Internet DNS system works. Includes deploying at least a root nameserver, a few TLD nameservers, some nameservers for particular domains, delegated nameservers, as well as a root Certificate Authority, experimenting with DNSSEC and DANE, and setting up demo webservers for sample domains (utilizing the DNS infrastructure, DNSSEC, DANE, SSL/TLS certificates, etc.).
Resources
- Lots of Linux server VMs
- BIND DNS Server (and/or Unbound DNS server)
- nginx web server
Deliverables
- Public Key Infrastructure setup (certificate creation, signing, etc.)
- DNS Server hierarchy with working DNSSEC/DANE access to webservers/sample domains
- Prepare a whitepaper detailing your research, testing process, and results
Comparison of File Synchronization Servers
Introduction
Install, configure and test a variety of self-hosted services for file synchronization. These could include rsync based software, Google's Upspin, Syncthing, OwnCloud/NextCloud, SparkleShare, etc.
Resources
- Virtual machines
Deliverables
- Working file synchronization systems
- Comparison and documentation for various file sync systems
- Prepare a whitepaper detailing your research, testing process, and results
VMware Virtual Machine Automation and Permissions
Introduction
The ITC department utilizes VMware based virtual machines for a variety of classes. There is currently a manual process to create many virtual machines for each class (including virtual networks, etc.), modify them during the semester (such as wiping the virtual hard drive, etc.), and assign students permissions to them, etc. In addition there have been challenges in identifying the minimum set of permissions which students need access to in order to use the VMs in a class but not have access to interfere with other VMs running for other classes or for departmental services. Your goal is to automate as much of the deployment, configuration, maintenance, etc. as possible as well as to determine the appropriate permissions for students so they do not encounter permissions errors when completing course tasks but do not have overly broad permissions.
Resources
- VMware ESXi Servers
- VMware vCenter Server
- Test VMs
- Python programming
Deliverables
- Permissions recommendations for VMware
- VMware Automation Scripts
- Prepare a whitepaper detailing your research, testing process, and results
Asterisk PRI Integration
Introduction
The ITC department currently has a "PSTN Simulator" running Cisco IOS and CUCME (Cisco Unified Communications Manager Express) but the configuration is complex and difficult to manage. Your goal is to implement the same functionality of the PSTN Simulator using the open-source Asterisk PBX. This will require some experimentation with the Asterisk VoIP PBX software as well as experimentation surrounding integrating it with the T1 ports on the Cisco hardware.
Resources
- Cisco Routers with T1 cards
- Asterisk PBX Software
Deliverables
- Design, implement and test configurations which replicate PSTN Simulator functionality using Asterisk
- Document all configurations
- Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and configurations
Network Access Control
Introduction
The Inver Hills ITC department has an academic, demonstration, and research network ("ITCnet") which uses network devices from Cisco and HP and supports a number of virtual machines, hosts, and devices including Windows, Linux, Android, iPhone, and more. Network ports are not physically securable but it may be possible to improve security on this network by implementing some type of Network Access Control (NAC) which restricts access to network resources until a user authenticates to the network. Users on our network are stored in an Active Directory system which is also accessible through LDAP and RADIUS methods. It has been determined in previous groups that PacketFence is a reasonable option for NAC but test implementations with switches and wireless APs have not been completed. Your task would be to set up and test PacketFence with the Cisco and HP/3Com switches we use as well as with the Ubiquiti UniFi APs (running OpenWrt) and to document your results.
Resources
- Cisco Switches
- HP/3Com Switches
- Wireless APs and Controllers
- Windows Server / Active Directory
- PacketFence Open Source NAC
Deliverables
- Design and implement a test network environment
- Determine, test, and document configurations which will meet the 802.1x and captive portal requirements
- Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and configurations
Remote Access Lab Equipment
Introduction
The Inver Hills ITC department has some Cisco lab equipment which could be a valuable learning environment for students to connect to and use remotely. VPN access is already available for students to connect to ITCnet remotely but they are currently unable to access lab devices remotely. Access to lab devices should be controlled by the ITCnet Active Directory user groups. Computers in the lab topology should be provided through the existing VM infrastructure.
Resources
- Standard lab pod equipment
- Virtual Machine Infrastructure
- Cisco Switches
- HP Switches
- Windows Server / Active Directory
Deliverables
- Design, document, and build a lab topology which will work for a variety of classes and which utilizes VMs on the existing infrastructure for client PCs
- Research, configure, and document configuration of remote terminal servers for access to Cisco device console ports which authenticate back to Active Directory
- Research, test, and document the use of the remote access environment
- Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation
Taken
Remote Access Lab Equipment
Introduction
The Inver Hills ITC department has some Cisco lab equipment which could be a valuable learning environment for students to connect to and use remotely. VPN access is already available for students to connect to ITCnet remotely but they are currently unable to access lab devices remotely. Access to lab devices should be controlled by the ITCnet Active Directory user groups. Computers in the lab topology should be provided through the existing VM infrastructure.
Resources
- Standard lab pod equipment
- Virtual Machine Infrastructure
- Cisco Switches
- HP Switches
- Windows Server / Active Directory
Deliverables
- Design, document, and build a lab topology which will work for a variety of classes and which utilizes VMs on the existing infrastructure for client PCs
- Research, configure, and document configuration of remote terminal servers for access to Cisco device console ports which authenticate back to Active Directory
- Research, test, and document the use of the remote access environment
- Prepare a written whitepaper and oral presentation detailing the process, criteria, results, and recommendation