NssItInfrastructure

<META name="ROBOTS" content="NOINDEX,NOFOLLOW">

  1. NSS Information Technology Infrastructure Wiki
    1. Known Best Practices/Requirements
    2. Implementation Requirements
      1. Baseline Functions
        1. Domain Name Service
        2. SMTP Mail Server
        3. Internet WWW Server
        4. IPSEC Authentication and Encryption Services Platform
        5. Firewall
        6. Regenerative, self healing personality/code base management system
        7. Fail-over Connectivity/Core Services Manager
        8. Unwanted Mail Filtering
        9. Remote Authentication/Management
      2. Enhanced Optional Functions
        1. IP Print Server
        2. Exported File System Server (SMB, NFS, and Netware Compatible)
        3. Email/Fax Gateway
        4. Backup Manager
        5. Discussion Server
      3. Custom Optional Functions*
        1. CyberTeams Director Suite
        2. Mailing List Manager
        3. eCommerce Server
        4. Remote Access Server
        5. Fax Server
        6. Remote Offsite Backup Manager
        7. Remote Control Server (CPE/Facility Status/Control/Management Server)
        8. Voice Mail Server
        9. Streaming Audio/Video Server
      4. Hardware Description
      5. Software Description
      6. Hosting Requirements

NSS Information Technology Infrastructure Wiki

  1. The National Space Society (NSS) does hereby establish an Information Technology Infrastructure policy which implements "known best practices" for availability, data integrity, connectivity, and infrastructure management.

Known Best Practices/Requirements

  1. Domain Name Management

    1. Domain names shall be registered in the name of the Society.

    2. Domain name renewal, and designated contact information (billing, administrative, and technical) shall be up dated at least annually.

  2. Website Management

    1. An Secure Socket Layer (SSL) certificate from a trusted root certificate authority shall be purchased and maintained for use on all Society websites which require transfer of private financial information.

  3. Membership Data Base Management

    1. Access of changes to the membership data base system shall be contolled via a password protected interface with all transactions/changes being logged.

    2. Routine access to the membership data base system shall be via a secure IPSEC encrypted link between networks.

  4. Failure Tolerance/Availability

    1. The NSS shall establish an availablility requirement for each required information technology function/component.

    2. The NSS shall define, implement, and/or field the necessary failure tolerance infrastructure and support resources to met the availability requirements.

  5. Mail Management

    1. The NSS shall define, implement, and/or field the necessary information technology infrastructure and support resources to operate mail.nss.org and subdomain mail resources as may be deemed necessary to provide for the efficient and effective conduct of Society business.

    2. The NSS shall define, implement, and/or field the necessary information technology infrastructure and support resources to mitigate any adverse impacts of the operation of mail.nss.org and subdomain mail resources on their respective users or others. Such measures shall include at a minimum: spam scoring/tagging, spam filtering, anti-virus scanning, and mailing list control.

    3. The NSS shall define and prototype the necessary information technology infrastructure and support resources to transition mail.nss.org and subdomain mail resources as may be deemed necessary to a managed mail environment when deemed necessary to provide for the efficient and effective conduct of Society business.

  6. Ecommerce Management

    1. Credit card information stored on a National Space Society computer resource (wholely owned, contracted for, or borrowed/lent/shared) shall not be stored for longer than it takes to process and log the transaction.

    2. The NSS shall at the earliest opportunity

  7. Collaboration Management

    1. The NSS shall define, implement, and/or field the necessary information technology infrastructure and support resources to operate such collaboration tools as may be deemed necessary and appropriate to provide for the efficient and effective conduct of Society business.

Implementation Requirements

Baseline Functions

Domain Name Service
SMTP Mail Server
Internet WWW Server
IPSEC Authentication and Encryption Services Platform
Firewall
Regenerative, self healing personality/code base management system
Fail-over Connectivity/Core Services Manager
Unwanted Mail Filtering
Remote Authentication/Management

==== HTTP Proxy Server ====

==== Intranet WWW Server ====

==== DHCP Server ====

Enhanced Optional Functions

IP Print Server
Exported File System Server (SMB, NFS, and Netware Compatible)
Email/Fax Gateway
Backup Manager
Discussion Server

Custom Optional Functions*

CyberTeams Director Suite
Mailing List Manager
eCommerce Server
Remote Access Server
Fax Server
Remote Offsite Backup Manager
Remote Control Server (CPE/Facility Status/Control/Management Server)
Voice Mail Server
Streaming Audio/Video Server

Custom functions may require additional software, hardware, and/or services

Hardware Description

* 2U Rack Mount Chassis with 6 Hot-Swappable U160 SCSI drive bays * Dual Processor Capable Mainboard w/U160 SCSI, Video, and LAN onboard * Pentium III FC PGA2 Processor (2nd Processor optional) * Hot-swappable Power Supply (2nd Power Supply optional) * Hot-swappable 18 GB U160 Hard Drive (2nd - 6th Hard Drives optional) * 256 MB Main Memory Standard (up to 6 GB optional) * Slimline Floppy/CD ROM * Tape Backup System (optional) * 256 MB USB Memory Key Non-volatile Emergency Boot Device * Internal 56K Remote Access/Fail Over Connectivity Modem, Standard (ISDN optional) * Secondary Network Interface, Standard ( 4 port optional)

Software Description

* Core Operating System SuSE Enterprise Linux 9.X

* Custom Control and Configuration Management Software, Standard

* Bind (DNS), Standard

* Sendmail (SMTP), Standard

* Apache (WWW Server), Standard

* Amanda (Backup), Standard

* Squid (http proxy), Standard

* Freeswan (IPSEC), Standard

* Open SSH (remote authentication), Standard

* Slash (discussion management), (Optional)

* Lightning Fax (Fax software/gateway) (Optional)

* Visual Pulse (CPE Monitoring) (Optional)

* StoreSense (eCommerce) (Optional)

Hosting Requirements

* Primary Internet Connectivity (sDSL is recommended, however primary connections ranging from dual analog to T1 are supported.

* At least two real routable IP addresses are required for the control net

* A subnet with a suitable number of routeable IP addresses is required for the client net

* Fail-Over Connectivity (ISDN BRI or analog telephone line)

* A dedicated or shared Uninterruptible Power Supply supporting simple signaling via serial or USB interface is required.

* Equipment must be operated in a well ventilated room where the ambient temperature is kept below 80 degrees at all times.

* Suitable physical space must be allocated to allow the operation and service of the equipment.

* Partial or Full Rack mount enclosures are recommended but not mandatory.

last edited 2006-10-21 22:45:12 by GaryBarnhard