CSL: Trusted & Untrusted Networks

CSL: Trusted & Untrusted Networks

Most computers maintained by the Lab Staff are on a trusted sub-net of the departmental network. If you need to connect your own computer to the network, it must be connected to an untrusted sub-net. Users should never disconnect trusted computers from the network, unless so directed by the Lab Staff!

Trusted network

Computers on the trusted network can transparently access such departmental services as NFS (home and project disks), NIS (distributed account and other information), printers, software packages, etc. Acces to this network is limited to machines administered by the Lab Staff, in order to secure sensitve data and maintain the availability of departmental resources. Users should not attempt to connect their personal machines to this network. A curent list of machines on the trusted network can be found here.

Untrusted network

In most cases, computers on the untrusted network are controlled and configured by their owners. Since this could potentially allow improper access to sensitive or personal data, or could cause operational disruptions to the production computer network, these machines are isolated on a separate sub-net, and are not given direct access to many core departmental computer services (see the previous section of this page).

Some services can be accessed via an authentication and access package called SAMBA. To set this up please see the help guides for Windows and MacOS.

Requesting access to the untrusted sub-net

To connect a computer to the untrusted sub-net, please contact the Lab Staff and provide the following information:

Requests will be processed in an expedient manner, as staff workload permits.

Dynamic vs. static IP addresses

If your computer will be occasionally moved (for example, if you have a laptop computer), and if you don't need to access it remotely by a constant address, then you will probably do better with a dynamic IP address. This is an address automatically allocated by a DHCP server, and that will probably be different any time your computer has not been used here for more than one day. An advantage is that if you use DHCP at other sites (for example, your ISP from home), then you will not have to alter your network setup configurations each time you move your computer.

Note: At this time, we are not supporting long-term leases or vanity names with dynamic addresses.

If you have a computer that will usually remain in your office, and that you will need to access remotely, then you might want to request a static IP address and hostname. This way, your computer will always be accessible by the same address.

Wired vs. wireless

If your PC will connect to the network through a network cable, then you've been reading the right document. If you will be connecting to the network via a wireless card, please see the Wireless Registration FAQ.

If you have any questions, please contact the Lab Staff.