Facilities

The facilities within the department fall into three main groups based on the platforms we support.

Platforms

The three platforms are Unix (mostly Linux), Windows (mostly Windows 10 and 11), and Macintosh (macOS). Despite the wide variety of machine types, all systems communicate and share resources via standard Internet protocols (TCP/IP over Ethernet).

Unix (mostly Linux)

The department’s Unix machines currently include many Intel or AMD-based servers and desktop workstations (mostly by Dell), running Linux (mostly Ubuntu or RHEL variants).

Our network of Unix systems is seamlessly integrated using NFS (for file sharing), IPA (for authentication), and SSH (for remote access). The Unix network includes a departmental file server, whose disk capacity is currently over 40 TB, with over 12 TB for user file storage.

Our Unix server facilities also include login servers (Intel or AMD64-based servers running Linux), a GPU server cluster (with 4 NVIDIA A40 GPU's), and a shared-memory multi-processor compute server cluster (4 servers, each with 2 14-core Xeon processors and 128 GB of memory, running Linux).

Windows (mostly Windows 10 and 11)

The department and its staff support several labs with desktop systems running Microsoft Windows 10 Education (or Pro or other versions) accessible by graduate students as well as senior undergraduates.

Windows servers provide centralised active directory accounts and file storage for these systems.

Macintosh (macOS)

The department also provides several Macintosh systems ranging from a lab of Apple M2-based iMac workstations to support for various other macOS-based systems.

All of these machines are networked together to provide networked file sharing between the Macs and other machines.

Print facilities

Print facilities include four networked PostScript laser printers, each capable of doing duplexed printing. Wide-carriage printing and document scanning are available on one of those printers; colour printing is available on another.

Everyone is also encouraged to visit the unofficial guide to computing facilities webpage to have a more comprehensive list and information about the different facilities.

Research groups

In addition to the departmental facilities, many research groups provide their own facilities, which may be administered by the department’s technical staff, or “self-administered” by the research group. Please visit the Computer Science research groups webpage for more information.

Self-administered machines guidelines

These guidelines aim to ensure the safe and optimal use of self-administered machines in various applications within the department.

Definition

For the purpose of these guidelines, “self-administered machine” shall refer to any machine (server, desktop workstation, or laptop computer), regardless of operating system or applications, that will be networked or allowed to share data with any departmental or University machine regardless of medium (network or removable storage medium) and that will be set up and/or maintained, in whole or in part, by its owner and/or a third party other than qualified departmental technical support staff.

This includes, for example, privately owned laptops owned by students or staff that will be connected to a departmental or University network.

Guidelines

The department of Computer Science would prefer that owners rely on our technical support staff for the set-up and ongoing maintenance of all machines used within the department, in support of teaching and research.

However, we recognize that there may be cases where more control may be required by the owner or a third party, to deal with exceptional situations in a timely manner, without adversely impacting the teaching or research goals of the machine and that owners may therefore opt for self-administration.

In order to avoid adversely impacting on the rest of the department or the University, the following guidelines will be followed, in all cases where they are applicable, by owners of self-administered machines:

    Installation and set-up of the machine

    Installation and set-up of the machine will be done after some consultation with departmental technical support staff, to assure that initial or potential problems are addressed.

    Technical support staff will also be consulted anytime the owners or maintainers of the machine are unsure of what security or maintenance procedures need to be followed.

    Networked machines registration

    All networked machines should have their MAC address registered with our technical support staff and should be configured to obtain an IP address using DHCP.

    Manually assigned IP addresses are not to be used on a departmental network at any time without the prior approval by the technical support staff.

    Installation of all vendor-supplied security-related software updates or patches

    Installation of all vendor-supplied security-related software updates or patches will be done on a regular and timely basis, as they become available. This includes maintaining up-to-date anti-virus software on all applicable systems.

    This remains the owner’s responsibility, but support staff may assist in this task if requested.

    Information about security-related updates

    Information about security-related updates for the applicable software will be obtained on a regular and timely basis, by whatever means available and applicable that are deemed most reasonable, e.g. subscription to a mailing list, consulting applicable news groups or web sites.

    Authorization to machine configuration

    Technical support staff will be consulted for authorization prior to any changes in machine configuration which may impact the network or other machines, such as setting up network services and file-sharing services (WWW, FTP, Peer-to-peer, or any other similar service).

    Adding wireless equipment or other networking device

    Before adding any wireless equipment, router, firewall hardware, or other networking device, technical support staff should be contacted and they will in turn notify IST/ACN if appropriate.

    Access to machines with administrative-level access

    Technical support staff should be provided with access to the machine, including administrative-level access, at setup time, to allow rapid response if/when problems occur.

    If this is not done, immediate disconnection of the machine from departmental and university networks is to be expected if problems arise and re-connection will not be permitted until all problems are satisfactorily resolved.

    Perform security analysis on machines

    Technical support staff will be allowed to perform security analysis on the machine, either locally (by logging into the machine) or remotely (using appropriate network monitoring and scanning tools), periodically or as required.

    Technical support staff will report any vulnerabilities thus discovered to the machine’s owner.

    Reasonable access control mechanisms

    Reasonable access control mechanisms will be used to ensure that the machine is accessible only to authorized users.

    This would include controlling physical access to the machine, use of secure and private passwords by all users, and disabling of any vulnerable accounts, such as guest accounts or other similar initial accounts with weak passwords or no passwords at all and/or whatever other access control is appropriate for the software being used.

    Delegating system maintenance

    If the maintenance of a system is delegated to someone other than the owner (for example, to a graduate student), the technical staff should be informed of this delegation. In case of problems caused by improper maintenance, the responsibility remains with the owner.

    Detailed list of the guidelines

    1. Installation and set-up of the machine will be done after some consultation with departmental technical support staff, to assure that initial or potential problems are addressed. The technical support staff will also be consulted anytime the owners or maintainers of the machine are unsure of what security or maintenance procedures need to be followed.
    2. All networked machines should have their MAC address registered with our technical support staff and should be configured to obtain an IP address using DHCP. Manually assigned IP addresses are not to be used on a departmental network at any time without prior approval by the technical support staff.
    3. Installation of all vendor-supplied security-related software updates or patches will be done on a regular and timely basis, as they become available. This includes maintaining up-to-date anti-virus software on all applicable systems. This remains the owner’s responsibility, but support staff may assist in this task if requested.
    4. Information about security-related updates for the applicable software will be obtained on a regular and timely basis, by whatever means available and applicable that are deemed most reasonable, e.g. subscription to a mailing list, consulting applicable newsgroups or websites.
    5. The technical support staff will be consulted for authorization prior to any changes in machine configuration which may impact the network or other machines, such as setting up network services, and file-sharing services (WWW, FTP, Peer-to-peer, or any other similar service).
    6. Before adding any wireless equipment, router, firewall hardware, or other networking devices, technical support staff should be contacted, and they will, in turn, notify IST/ACN if appropriate.
    7. Technical support staff should be provided with access to the machine, including administrative-level access, at setup time, to allow rapid response if/when problems occur. If this is not done, immediate disconnection of the machine from departmental and university networks is to be expected if problems arise, and re-connection will not be permitted until all problems are satisfactorily resolved.
    8. The technical support staff will be allowed to perform security analysis on the machine, either locally (by logging into the machine) or remotely (using appropriate network monitoring and scanning tools), periodically or as required. The technical support staff will report any vulnerabilities thus discovered to the machine’s owner.
    9. Reasonable access control mechanisms will be used to ensure that the machine is accessible only to authorized users. This would include controlling physical access to the machine, use of secure and private passwords by all users, and disabling any vulnerable accounts, such as guest accounts or other similar initial accounts with weak passwords or no passwords at all, and/or whatever other access control is appropriate for the software being used.
    10. If the maintenance of a system is delegated to someone other than the owner (for example, to a graduate student), the technical staff should be informed of this delegation. In case of problems caused by improper maintenance, the responsibility remains with the owner.

    Failure by the owner or designated third parties to comply with these guidelines can result in immediate removal of the affected machine(s) from the network. Other subsequent actions may be taken by the technical staff after consultation with the department head for approval.

    Technical support staff reserve the right to take reasonable measures to address problems that do arise, without the owner’s explicit permission, if the problems affect other machines or users of the network. The Department reserves the right to restrict or deny further access to the network by the affected machine(s) if problems are not addressed.

     

    You may also be looking for

    Contact us

    Department of Computer Science
    E2-445 EITC, 75 Chancellors Cir
    University of Manitoba
    Winnipeg, Manitoba, R3T 5V6 Canada

    queries@cs.umanitoba.ca - General inquiries
    cs-support@lists.umanitoba.ca - Technical support for students

    204-474-8313
    204-474-7609
    Our office is open Monday to Friday, 8:30 a.m. to 4:30 p.m.