
Service Option Virtual Firewall

The LRZ can offer institutions the use of a multi-client capable virtual firewall (vFW). The virtual firewalls are based on pfSense and are implemented as virtual machines on servers in the core network nodes. Two virtual firewall instances are set up per customer and operated fail-safe on different servers. The vFW can also run a VPN server, so that members of the institution can connect to the VPN server on the vFW via insecure networks. A minimum network size is required to use these services: more than 8 IP addresses must be protected by the firewall. In addition, the institution's networks that are to be protected must be connected to the vFW via VLANs. This requires:

  • Configuration of the network for the use of vFW (VLAN)
  • Providing the vFW with default settings
  • Advising the user on the configuration of the vFW

Only institutions that are connected to the MWN can use this service.

Scope of Services and Service Specifics

The user is responsible for configuring the vFW and the VPN server (except for the default settings). The user can keep the default settings or change the configuration via a web interface or the command line.

One-off services:

  • Configuring the network for the use of a vFW (VLAN)
  • Entry of the administrators in the authorisation database
  • Advice for the user on configuring the vFW
  • Costs for hardware and software
  • Fees for ongoing operation.

Permanent services:

  • Maintenance of the vFW (software and hardware maintenance)
  • Advice for the user

Service Parameter

Maintenance times: Every Tuesday and Thursday from 7:00 to 9:00

The managed network is operated as trouble-free and uninterrupted as possible. Fixed maintenance periods ("maintenance windows") are reserved for the performance of planned routine maintenance, set-up and installation work as well as for software and hardware updates. Maintenance windows are generally only used when necessary, taking into account the requirement to keep the effects as low as possible.

Emergency maintenance measures due to a given reason (e.g. CERT security advice) will be carried out immediately by the LRZ to ensure the security of the MWN. Information about the emergency and the maintenance measures carried out, as well as their expected duration and purpose, will be provided immediately via appropriately defined mechanisms.

Interruptions (approximately when, for how long, and which areas or services are affected) are announced at least one day in advance. The announcements are made via

  • the LRZ Service Status Board (https://status.lrz.de) and
  • direct e-mail to the customers concerned.

Setup times: 2 weeks after all requirements have been met

Prerequisites are e.g. setting up the network to be protected with VLAN, entry of the FW administrators in the authorization database, training of the administrators.

Requirements

Only institutions that are connected to the MWN can use this service.

User / Customers

This service is made available to the following user classes. The following fees are to be paid by the individual user classes:

| User Class | Cost Rate |
|---|---|
| 1 | Free |
| 2 | Basic Service |
| 3 | Own Costs (Operating + Investment Costs) |
| 4 | Own Costs (Operating + Investment Costs) |
| 5 | Own Costs (Operating + Investment Costs) |
| 6 | Full Costs (Own + Overhead Costs) |

Special case: In the case of virtual firewalls in the LRZ (for example, to protect against customer-owned server hosting networks), the minimum cost price is always charged.

Fees

The use of this service incurs

  • One-off fees for setting up the vFW
  • Fees for ongoing operation, annually

| | Own Costs | Full Costs |
|---|---|---|
| One-off fees (setup) | On demand | On demand |
| Current fees per year | On demand | On demand |