Dear all,

Apologies for this slightly spammy follow-up, but this seemed like a good group to ask about this:

Until what I think was a few weeks ago, I was able to use ssh and screen-sharing (vnc) to access my machine at Imperial, on the wired network with a fixed host name and IP address. From on-campus I could do this directly, and from off campus it required the vpn. It was also possible to use ssh via the sshgw machine from off campus even without vpn. I had successfully done this from other macOS machines, as well as iPads and iPhone with appropriate ssh and screen-sharing software.

Recently, all of these modes of access have become impossible. I do not think this is due to any changes on my machine itself. I have successfully been able to ssh from the machine to itself, but actually using its IP address, which I think at least means that it is accepting incoming ssh. But user error on my part certainly remains a possibility… 

Is anyone else experiencing this? Is it a known change? Is it related to Unified Access (Zscaler), which as far as I know has not yet been deployed? Did I miss a communication about this? (This page <https://www.imperial.ac.uk/admin-services/ict/self-service/connect-communicate/remote-access/remotely-access-my-college-computer/> is unclear about whether any of this is currently possible.)

Many thanks,

Andrew


______________________________________________________________________
Professor Andrew Jaffe                          a.jaffe@imperial.ac.uk
Astrophysics Group                                    +44 207 594-7526
Blackett Laboratory, Room 1018B
Imperial College, Prince Consort Road
London SW7 2AZ UK                 http://imperial.ac.uk/people/a.jaffe


On 30 Nov 2022, at 10:39, Bantges, Richard J <r.bantges@imperial.ac.uk> wrote:

Hi David (and everyone else),

Having consulted with members in SPAT (those that have responded in time), here is our overview of services required on a research class machine:

(Below are my definitions of service classes, others may have different ones of course)
Admin Services: ICIS
Authentication Services: LDAP, Licence Servers (e.g. Matlab, IDL, etc.)
Communication Services: SSH (typically Port 22), FTP (?), Zoom, Access to Remote Data centres, Remote Desktop Gateway, Unified Access, VPN
Data Sharing Services: SMB Servers, HTTP / HTTPS servers, NFS Servers, File Exchange (retired in 2 days?), SharePoint, OneDrive, etc.
Information Services: DNS, Library Journals
Productivity Services: Office365, HPC Interactive Services (e.g. Jupyter Notebook, etc.), Software Centre
Teaching Services: Blackboard, Starfish, Panopto, Secure College Webpages

The above is probably a non-exhaustive list, and I've no doubt once a clearer picture emerges of what a Research Class machine might look like, then there will be the hope that this can be iterated / fine-tuned to accommodate any niche requirements inherent with the breadth of research activities and their associated diverse requirements.

Thanks for your efforts towards defining this David.

Best wishes,
Rich


-----Original Message-----
From: David Colling <d.colling@imperial.ac.uk>
Sent: 22 November 2022 20:17
To: Bresme, Fernando <f.bresme@imperial.ac.uk>; French, Paul (PHOT) M W <paul.french@imperial.ac.uk>; Keaveny, Eric E <e.keaveny@imperial.ac.uk>; Sternberg, Michael J E <m.sternberg@imperial.ac.uk>; Staffell, Iain L <i.staffell@imperial.ac.uk>; Pengelly, Ellen <e.pengelly@imperial.ac.uk>; Buchaca-Domingo, Ester <e.buchaca-domingo@imperial.ac.uk>; Bantges, Richard J <r.bantges@imperial.ac.uk>; Michalickova, Katerina <k.michalickova@imperial.ac.uk>; physics-departmental-computing <physics-departmental-computing@imperial.ac.uk>; Bryce, Craig T <c.bryce@imperial.ac.uk>; Bearpark, Michael J <m.bearpark@imperial.ac.uk>
Cc: David Colling <david.colling@gmail.com>; Pearse, Will <will.pearse@imperial.ac.uk>; Cucinotta, Clotilde <c.cucinotta@imperial.ac.uk>
Subject: Services needed on a research computing desktop and laptop

Hi All,

I am sending this to the Physics Departmental Computing Committee and to
the departmental members of the FRCC so that they can gather information
from their departments.

As some of you know ICT are increasingly confining what people can do on
college machines, even those bought on research grants and used by
individual researchers. This has been most noticed by the change in the
management of Macs. In my years involved in departmental computing, no
issue has annoyed more people. Behind this is the increased number of
attacks on university computing systems which is visible both at Imperial
and elsewhere. Some universities have been badly hit and have ended up
paying £Ms to ransomware attackers. Apparently this is one of the things
that keeps our President awake at night. This is clearly a threat that
we have to take seriously, but it is also not clear how much damage
could be done to college systems by a laptop or desktop used by a single
(or team of) researcher(s).

In discussions with ICT the most sensible approach seems to be that we
define a class of machine that is a research desktop or laptop that ICT
don't manage but which also has limited access to college central
systems. Most of us have no reason to access payroll (say) and in fact
would view it as a security breach if we could. We have a meeting on the
30th November where we will discuss this proposed set up. What I need
going into is the list of services that researchers would need access to
from these research machines, how that access would them + any other
thoughts/comments. For example the sort of thing that occurred to me are:

Service: Office365 (including SharePoint, email, OneDrive, Teams etc)
Access: Is access through the secure web portal enough for most of these
plus a mail client providing secure access to the email?

[I use Office365 much less than almost anybody to whom this email is
going so am the least qualified to answer this one]

Service: ICIS (Payslips, expenses claims etc)
Access: Secure web access should be enough.

Service: Starfish
Access: Secure web access is sufficient.

What other services are needed and how?

Other comments:

- I don't think that it is unreasonable to have a requirement that the
disks of all research laptops are encrypted in case they are lost when
travelling. The performance hit is minimal and if that is important then
running on a laptop might not be ideal.

So please do send me your thoughts (on services mainly) and comments.
For once I would not be against you sending to everybody as I would
welcome debate on this.

Best,
david
_______________________________________________
Physics-Departmental-Computing mailing list
Physics-Departmental-Computing@imperial.ac.uk
https://mailman.ic.ac.uk/mailman/listinfo/physics-departmental-computing