The three main missions of the Network unit consist in managing:
- The Lab’s IT infrastructure;
- Associated services;
- Virtual security (systems and data).
IT infrastructure :
The Network unit manages the entirety of the Lab’s IT equipment, from the server room to most terminals, including the data network, printers and video-conference equipment.
Common Services :
We manage most internal IT services offered to the community, including the indispensable technical – but not always visible – ones, such as DHCP, DNS, supervision software and all of the operating software for our servers.
We also manage essential services for all users, in particular authentication (LDAP & Active Directory), mail and associated services (imap, webmail, Sympa mailing lists), disk space, and centralized backup.
Attentive to new needs, we have also deployed cloud-type solutions to host a shared storage service (owncloud) and enable collaborative work (Alfresco).
Services to Research Teams :
We help LIRMM research Teams with their needs for dedicated IT resources. In particular, we formalize hardware architectures based on the technical and budget requirements of research projects, ensuring the homogeneity of the installations with our existing systems. This equipment is hosted in the server room and administered or co-administered by the RX unit.
The Lab’s IT environment requires multiple openings to external environments because of the services deployed internally (cross-services and research platforms). To control (as much as possible) the flows coming from the Internet, we maintain a firewall and an IPS (Intrusion Prevention System).
At the server level, we implement security and auditing procedures and take immediate action in the event a server or service becomes compromised.
This policy also applies to workstations, through the implementation of measures adapted to the operating system for the workstations we manage, and the distribution of the most critical alert messages (CERTs) to users. Interventions on compromised workstations (detected as such by the IPS or the CERT Renater controls) are carried out quickly to avoid propagation.
Last update on 21/01/2020