Presentation information system on Zavod Anton Martin Slomšek

Jožef Brecl
[email protected]
Zavod Antona Martina Slomška

Domen Kovačič
[email protected]
Zavod Antona Martina Slomška

Povzetek

V Zavodu Antona Martina Slomška smo pri razvoju informacijskega sistema želeli uporabnikom olajšati dostop do različnih aplikacij z enotno prijavo, narediti fleksibilno in varno omrežje, vse pa doseči ob cenovni sprejemljivosti. To predstavlja velik izziv, saj je IS kot celota sestavljen iz veliko podsistemov, ki so tako z vsebinskega kot tehnološkega vidika zelo raznoliki. Za povezovanje Microsoftovih produktov smo postavili domenski strežnik in aktivni imenik (AD). Za povezovanje aplikacij, ki z AD ne  komunicirajo, uporabljamo LDAP. Sinhronizacijo obeh imenikov izvajamo z MDM.
Za varovanje omrežja smo postavili napreden požarni zid, notranje omrežje pa je ločeno z uporabo navideznih omrežij. Dodatni varnostni element predstavlja preverjanje pristnosti (802.1x).

Ključne besede: enotna prijava, VLAN, aktivni imenik, LDAP, MDM, 802.1x

Abstract

In the institution of Anton Martin Slomšek we have been developing an information system to facilitate users, who want to access multiple applications via a single sign-on, and create a flexible and secure network, all at a reasonable price acceptability. This poses a great challenge because IS is made up of many subsystems, witch are very different both from substance and technological point of view.
For the integration of Microsoft products, we set up a domain controller and an Active Directory (AD). For the integration of applications, that do not work with the Active Directory, we use LDAP. Synchronization of these two directories is performed with MDM. To protect the network, we set up an advanced firewall. Internal network is separated with the use of virtual networks. For added security we have implemented authentication (802.1x)..

Key words: Single Sign-On, VLAN, Active Directory, LDAP, 802.1x