1 / 22

From one forest to another one ?

From one forest to another one ?. Joël Surget CEA/Saclay DSM/DAPNIA Surget@cea.fr. Outline. Our W2000 Domain A new anti-virus New unknown PCs A new forest ! Summary. Our W2000 domain. Created in June 2000 Dapnia.saclay.cea.fr or DAPNIA 350 PCs now 250 desktop PCs 80 laptops

lavada
Download Presentation

From one forest to another one ?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. From one forest to another one ? Joël Surget CEA/Saclay DSM/DAPNIA Surget@cea.fr

  2. Outline • Our W2000 Domain • A new anti-virus • New unknown PCs • A new forest ! • Summary

  3. Our W2000 domain • Created in June 2000 • Dapnia.saclay.cea.fr or DAPNIA • 350 PCs now • 250 desktop PCs • 80 laptops • All the new PCs • Migration (reformat) of old ones

  4. An old Nice NT Domain • Always 80 Nice NT PCs • Stopped the 1 January 2003!!! • Upgrade to W2k (after upgrading the memory) • Replace the old ones • Always 200 W95/98 PCs (not managed) • Wincenter  WTS

  5. At the end of 2002… • Only one W2K domain • + rest of NT 4 domain • File server • Some 95/98 PCs ( in the W2K domain ?) • A other NT 4 domain with Exchange 5.5 • Perhaps a little optimist …

  6. A new anti-virus • CEA decided to buy 16000 Norton Antivirus Corporate Edition licenses!!!! • A centralized solution (by department) • Norton has to be installed on every PC • Nimda arrived in November in DAPNIA and is always alive…

  7. Live Update Norton.com Standard Configuration Special Configuration Virus definition Virus notification Primary Norton server Secondary Norton server Special PC Server PC PC

  8. Norton CE Pbs • Only one configuration by server • Dapnia: one server with blocked configuration • One server with free configuration • Norton for Mac is not centralized • Norton client on a W2000 server:if connected via terminal services, pbs • Norton client doesn’t work on WTS: must install Norton Server!!!

  9. Norton CE: Summary • In place since 1 month • Already 450 clients • 15 PCs attacked by day (Nimda via network shared or Js.Exception.Exploit via IE…) • a good way to verify the shares without permissions (W9x) or bad permissions

  10. The new PCs • During the last 5 years • We (DAPNIA) choose our PCs • Only Dell Latitude/Optiplex/Workstation • Reinstalling every PC via Floppy disk (Nice NT4 or W2k) • A very homogenous park • But…

  11. CEA has decided… • A CEA command every 6 months • 5 different sorts of PCs • Light portables • Normal portables • Desktop PCs • « Physics » PCs • Special PCs

  12. The new PCs… • 10 <> sorts of PCs by year • The first command • CEA: 1300 PCs • DAPNIA: 150 PCs • Must arrive in April/May (?) • Can we reinstall them via floppy disk? • How can we manage 150 PCs in a short time?

  13. A new forest… • Yesterday, the DAPNIA • Today, the DSM • Tomorrow, the CEA • A CEA domain • A CEA tree • A DSM forest + a CEA forest

  14. Yesterday • DAPNIA • 700 Persons • 700 PCs • One W2K domain/tree/forestdapnia.saclay.cea.fr • One NT 4 domain declining • 2 Windows system administrators

  15. Today (since February 2002) • DSM: Direction des Sciences de la Matière (Saclay) • DAPNIA (700 persons) • DRECAM • 600 persons • 600 PCs • 2 NT 4 domains • 2 Windows system administrators Must be managed by the same team with the same way

  16. Tomorrow, (1 January 2003) • CEA civil • 7000 persons • 7000 PCs • 40 (?) NT 4 independent domains • No W2k domain (but DAPNIA) • CEA wants to create a CEA forest

  17. DAPNIA W2k CEA DRECAM NT4 DSM D.. dapnia drecam … Migration via ADMT One CEA Domain CEA W2k

  18. CEA DAPNIA W2k DSM DRECAM NT4 dapnia drecam Migration via ADMT One Tree

  19. CEA DSM dapnia drecam Migration via ADMT 2 Forests DAPNIA W2k DRECAM NT4

  20. DAPNIA .net Upgrade to .net Rename DRECAM NT4 DSM (.net) Migration via ADMT Drecam 2 Forests: 2nd Solution DAPNIA W2k

  21. The choice • Not only a technical solution but a political solution • 2 forests is the best for the security • One domain is the Microsoft solution • Decision in September max. • Perhaps to early to Windows.Net

  22. Name ??? New W2k domain W2k Client DAPDIV NT4 domain Nice NT Client DAPNIA W2k domain W2k Client …2000 2001/2 2003… Summary • We have to migrate the most as possible to the W2k domain • Prepare to migrate to a new forest. • For the end-user,

More Related