Wiring Laptops and Self-Administered Desktops

What are the specifics of the red network?

CSLab maintains a number of discrete networks, one of which is the 'red' network. This network has a protective firewall, and rules are in place that prevent any two machines on the red network from directly communicating. Because we are unable to ensure that adequate security measures are taken to protect machines which we don't administer, we must fall back to a position that at least allows us to protect other users of the red network should a machine be compromised.

For example, we cannot prevent a user from allowing their desktop or laptop to be compromised by a worm because they didn't regularly update their security patches. We can do the next best thing for the community, which is to prevent the compromised computer from propagating the worm to other computers on the same network.

We allow most common services outbound from the red network, and allow ssh connections into the red network. These are the default restrictions, and if they prove to be too restrictive for you to function and you need special firewall considerations, we suggest that you probably need to move from the red network to a private network that we can build for you.

How do I have my computer put on the red network?

By default you will have a dhcp-leased dynamic IP address on the red network. If you need to have a static IP for some particular reason, please contact your Point of Contact (POC) - there may be more optimal solutions than simply a static IP, i.e. a private network.

Please see Wired Laptops on the CSLab Network for details on how to have a new machine put on the red network. If you are requesting access for a desktop rather than a laptop, please note that in your email to your POC.