High Available (HA) Cluster running Internet Services: HA Cluster is running all the major Internet facing services namely Web, Proxy, Ftp, Mail, IMAP/POP, DNS, LDAP, secured dual hop inward access etc. All the services are authenticated from central LDAP services and user uses same credential to access all/most the services. A major project named “Migration and Enhancement of HA Cluster” is at its last phase of implementation. A new service “user file store” is in the process of testing and will be available to the users shortly. The purview of the project included a Disaster Recovery setup. So that in case of declared disaster that hamper the installation, the setup would provide continued service from a secondary site. To accommodate the data centre needs of DR site a modular data centre is procured and currently operational in Room no. 3401. The enhanced setup will ensure all round better availability, security and performance.
Presently the services run in a mix of Virtual and Physical instances, having high availability achieved between both the instances.
Modular Data Centre and Data Centre:New initiative was taken up for the project of implementation of a full-fledged Data Centre at the server room to house namely High performance Computing Facilities, CMS Grid Infrastructure, HA Cluster etc. To house the Disaster Recovery(DR) infrastructure, a Modular Data Centre (MDC) was procured and installed. The Modular Data Centre or MDC, i.e. a Data Centre in a box with all the functionality of a formal Data Centre (DC), e.g. Precision Air Conditioning, HA UPS, Proper design of rack for air-flow etc. MDC architecture is also chosen for its movability. In future if the Institute opens up another campus, we would be able to shift the MDC to that campus to achieve better disaster recovery (DR) functionality and meet the guidelines of a proper DR setup. Both the projects assume availability of appropriate backup power like DG sets. Purpose and some of the benefits of the Data Centre and MDC are given as under:
- To house the Disaster Recovery Setup of HA Cluster
- MDC is a one cabinet Data Centre with UPS, Precision Air Conditioning, Fire Suppression System.
- Scalable system, more resources can be added in the MDC
- MDC can be relocated to location better suited for a DR scenario.
- The DR setup would be able to provide much needed service continuity for all the central services like email, web, ftp, proxy and other applications.
- Precision Air Conditioning
- Appropriate Cooling for High Density Racks
- High available AC, POWER
- Remote Monitoring and Alerts
- Handling cases of Fire, Water leakage etc.
- Economical use of power
New Website for the Institute:The division along with members of New-Website committee worked hand in hand to address the need of a structured CMS (Content Management System) based website for our Institute incorporating modern technology, standards, and UAT and security guidelines. Using the system departmental, personal, different application part of the website can be updated by the authorised persons in a de-centralized manner. Apart from that the scope includes implementation of some applications like Conferences, Colloquia/Seminar, Newsletter, Tender Management, Telephone Directory, Video and Image Gallery, Document Store, dashboard etc. The implementation includes a unique “Class of User” concept for authentication for various services/applications. The new website was inaugurated on the foundation day i.e. 11th Jan, 2014 by the Director. Apart from some applications the project is mostly complete.
Perimeter and End Point Security and other Security Measures: The Project of hardware Firewall/Unified Threat Management (UTM) system for perimeter and end points, the system was installed/configured was placed in the network replacing its software counterpart. Other than basic Firewalling/Intrusion Prevention System, the UTM also works as a gateway agent for malware and spam control. Some of the benefits of the Unified Threat Management (UTM) system are the following:
- Hardware Gateway for high-speed Access (>1Gbps)
- Authenticated Access and hardware
- Anti-malware Gateway
- Hardware Firewall
- High Availability of Firewall and Internet access
- Network Access Control and endpoint security
The division also takes care of the various IT security needs of the above installations and that of the Institute at large. The recommendations and guidelines of the CISAG (Computer & Information Security Advisory Group), DAE are followed and periodic exercises and assessments are carried out. As instructed by the CISAG (Chief Information Security Audit Group, DAE), initiatives were taken to form a group of technical members to help CISO in the domain of work.
The facilities are also extended to all conferences and workshops held in the institute and to the visitors, summer students and undergraduate associates. Computation is another important facility provided by the Division to the inside and outside users of the Institute. Four 4-CPU servers and one 32 CPU server are run round the clock to serve this purpose. The division also takes care of the various IT security needs of the above installations and that of the Institute at large. The recommendations and guidelines of the CISAG (Computer & Information Security Advisory Group), DAE are followed and periodic exercises and assessments are carried out. As instructed by the CISAG Chief Information Security Audit Group, DAE initiatives were taken to form a group of technical members to help CISO in the domain of work.
Apart from these the members of the Division are also involved in Users' counseling, in-house software development, research in different fields of Computer Science as well as training to the students in the discipline of Computer Science.