From LSU ECE Wiki
As part of the ITS Network 2010 Plan, the LSU network is being segmented into logical sub-networks to enhance network security, functionality, and to reclaim unused IP addresses.
|Engineering Research & Development||?||188.8.131.52/23||?|
|Patrick F. Taylor||?||?||?|
The Demilitarized or Demarcation Zone (DMZ) is, in simplicity, a network, or sub-network exposed to the greater Internet. See the Wikipedia article for greater detail. The DMZ network will be a public IP space where IP addresses are allocated by DHCP reservations only (see IPAD)
A DMZ network is necessary because ITS has implemented a firewall at the Internet border, and has begun tightening security policies that limit access from off-campus users trying to reach devices on the LSU network. All hosts that do not reside in the DMZ network will be unreachable from off campus unless a VPN connection is used. This will not, however, have any effect on LSU users trying to access the Internet. This will only prevent off campus hosts from initiating a connection to devices on the LSU network.
Office & other personal machines are to be individually registered for network access using NETREG. A user registers his/her machine by navigating to the NETREG site, inputting PAWS ID & password, and following the on-screen directions. Typically the website instructs the user to reboot after a specified time (e.g. 55 seconds). Rebooting or renewing the DHCP lease will allow the machine on the network by assigning a publicly-routable IP address and updating the DNS entry for the IP (see DDNS). If the Windows machine is in the LSU Active Directory, the FQDN will be the <hostname>.lsu.edu (e.g. ee-299-tiger2.lsu.edu). If the machine is not in Active Directory (non-Windows or simply not in AD), the default FQDN will be of the form: <pawsid>-<index>.lsu.edu (e.g. mtiger1-1.lsu.edu for the first machine registered, mtiger1-2.lsu.edu for the second).
User machines will only be accessible from off-campus by using the VPN client. User machines should be able to access other on-campus network resources, provided these resources permit access.
The printer network is for all printers except those belonging to Graphic Services. Static reservations must be done via IPAD. The printer network will only be accessible from on campus (or off campus via VPN).