News

In the 33rd issue of the Network Computing, we have reported the installation of new Windows XP operating system on PCs of the Lecture Theatres (LT) and classrooms. Now, let's talk about the problems that have been reported since its installation.User Login In order to increase the network security level of all public accessible PCs, all users including those in the LT and classrooms are required to login before they can access the campus network and Internet. Unlike the previous Windows 98 environment that did not require any login, this inevitably causes users some inconvenience and they may take some time to get used to it. To minimize this hassle, a second boot option with no user login is available for those lecturers who do not require any network access and downloading of software during their lectures. If they really need certain data for lectures, they can simply store it on any one of the media supported by the local storage devices (CD, Zip disk, floppy, USB memory stick, etc) of the PCs in the LT and classrooms, and bring it along to the class.

Since September 2002, in addition to the normal support work, the Computing Services Centre (CSC) has been busy carrying out the campus-wide PC operating system upgrade to English Windows XP with mutli-language pack. This again is a large-scale upgrade exercise covering around 1,600 Staff LAN PCs. So far, we have completed around 1,200 PCs and are behind schedule because of the following problems:

The Virtual Private Network (VPN) has risen fast to become a major networking technology in just a few years. With a VPN, you can send data, via a shared or public network in a manner that emulates a point-to-point private link, between two networks (routers), between two servers, or between a client and a server. In this article, we will focus only the VPN connection mode between a client and a server. In this mode, the remote PC (installed with a VPN client software) utilises the existing telecommunications infrastructure (e.g. phone lines, broadband services, dedicated Internet link, etc.), and a tunneling protocol (incorporated with other authentication and encryption protocols) to securely access resources inside the corporate Intranet through a VPN server.

City University of Hong Kong, together with 25 other organizations and companies, was presented the Web Care Award by the Internet Professionals Association (iProA)in recognition of their meeting the primary "no barrier websites" requirements.The web care award was accorded to the CityU Homepage and the University's centrally maintained web pages. It reflects the University's commitment to web accessibility and support to the Web Care Campaign. The University has also produced a set of tips for staff to help internal departments make their websites accessible.

The University has stepped up measures to promote staff awareness of copyright liability concerning computer software. From September 2002 to March 2003, all academic and administrative units are required to conduct a software asset self-assessment exercise to identify actual software that is used on each personal computer and its licensing status. Moreover, as a University policy, individual units are required to purchase any new software through the centralized i-Procurement system."We want staff members to go through the i-Procurement system, so that we can capture the purchase records and the software inventory will be updated automatically," said the Chief Information Officer, Dr Jerry Yu. "The initial assessment exercise will make the University aware of the software needs and problems of individual departments," he explained. "But if departments are using unlicensed software, we will have to ask them to erase such software, or to purchase proper licenses."

The anti-virus software (Mcafee) has been made available centrally for every PC on staff LAN. Users are regularly informed to update their anti-virus signature file (a file used by anti-virus software to detect the presence of any known viruses). However, for some reasons, almost everyday some staff PCs are still found to have contracted viruses.We believe the ever-presence of virus infection in some staff PC, is due to the following:

As Internet is becoming the essential path for communications, both the number of applications and the data volume they generate deplete Internet bandwidth rapidly. These include normal network application programs such as FTP, Web, video services as well as other personal applications such as KaZaA (peer-to-peer*(P2P) applications) and ICQ (chat applications).In order to prevent abuses, to maintain fairness in bandwidth allocations among users (especially the Internet bandwidth), and to ensure the effective management of the bandwidth by the Computing Services Centre (CSC) under various tight-bandwidth situations, it is necessary that a Rate Limit Policy be adopted for the University. The policy below is in fact the common practice of many universities that have successfully curbed and limited the impact brought about by these applications:

Over the past few years, a number of "peer-to-peer (P2P)" file-sharing applications have emerged to enable sharing or swapping of files among participants of a community (or members of a network). A computer can become a participant of a community by running any one of the applications specially written for that community. Once running, the application automatically shares the files of the participant's computer with the other participants' computers worldwide if the former does not take specific actions to block the access.

In the past few months, thanks to departments' cooperation, the Computing Services Centre (CSC) has successfully completed the registration of IP addresses and network cards used on the campus network. This information can help the CSC rectify problems and notify the victim users more quickly. In order to minimise the security threats arising from illegal network connections using unregistered IP addresses or network cards and to better protect the cyber-community of the University, effective from 1 September 2002, all such IP addresses or network cards, once found, will be immediately filtered (blocked) from the network without prior notification.

Like most of the other organisations, our University is experiencing rapid growth in the use of IT at the time when reduction of supporting manpower continues. Seeking ways to optimise the effectiveness and efficiency of the available support work force is inevitably the only solution to the problem. Server consolidation on the operating system platforms, data storage and the services has therefore been adopted as one of our strategies to meet the challenge. Consolidation of servers in the CityU is divided into three parts, namely Central Unix-based application servers and storage, departmental Windows-based LAN servers and storage, and Central Web and FTP servers.