Transcript Slide 0
IT Briefing
August 2006
IT Briefing Agenda 8/17/06
• Organization tweaks
• Karen Jenkins
• EOL Demo
• John Maxwell
• Symantec Reporting demo • Daniel Palmer
• VPN Update
• Jay Flanagan
• Email & IdM
• John Ellis
• NetCom Q&A
• Paul Petersen
1
Organization Tweaks
• Windows, Unix teams moved from
OIS to CTS
• ERP systems moved from ADS to CTS
– Improve efficiencies and planning
– OIS focus on major data center
initiatives
– Steve Siegelman Interim IT Technical
Lead for the Systems group (Windows,
Unix, and ERP
2
Organizational Tweaks (cont.)
• Jay Flanagan responsible for the Security,
Email, and IdM teams
• Linda Erhard, IT Governance Liaison,
moved from CTS to directly reporting to
Rich Mendola
• OIS special projects position expanded to
also support CTS
• AAIT will continue to adjust as/if needed
to address strategic initatives
3
John Maxwell
Key changes to Emory Online
Standalone software installers no longer
included on Emory Online
Includes Emory Unplugged configuration
tools and documentation
Better integration with Residential
Network Registration
Internet shortcuts provide tie-ins for
spreading the word about campus IT
services.
5
Emory Online Fall 2006 Process
1.
2.
3.
4.
Welcome
Security Scan
Configure Wireless
Get Connected!
6
Process Breakdown – Windows
2. Security Scan
•
InstallScript application that secures, scans,
and patches a user’s Windows installation
3. Configure Wireless
•
•
AutoIt script configures user’s wireless
connection for Emory Unplugged
Emory Unplugged PDF for Windows XP
4. Get Connected!
•
•
Sets IE homepage to IT orientation site and
places a internet shortcut (.url) on their
desktop
AutoIt script that tests for a 10.140
connection and launches CAT executable
7
Process Breakdown – MacOS X
2. Security Scan
•
Advises user to use Software Update “early and
often” and to download NAV for Mac from Software
Express
3. Configure Wireless
•
•
AppleScript application configures local AirPort
connection for Emory Unplugged
Emory Unplugged PDF for OS X
4. Get Connected!
•
•
Sets Safari homepage to IT orientation site and
places an internet shortcut (.url) on their desktop
Opens Safari to http://netreg.service.emory.edu/ for
network registration
8
Security Scan
1.
2.
3.
4.
5.
6.
7.
8.
9.
Enables Windows XP firewall
Enables Automatic Updates
Installs and runs CCleaner
Runs McAfee Stinger
Installs Symantec AntiVirus
Installs and runs SpybotSD
Installs Service Pack (if Emory-owned)
Installs Critical Updates (if Emory-owned)
Instructs user to set passwords on all
Windows accounts.
9
Emory Online Fall 2006
•Demonstrate new features
10
Emory OnLine
Questions
11
Special Thanks to:
• All the testers…
• Lee Clontz
• Donna Price
12
Feedback & Questions to:
[email protected]
13
Symantec AV
Reporting
@ Emory
Daniel Palmer
Symantec AV Reporting
Glimpse of current AV @ Emory
1 Managed “Campus” server (Wolf)
Several Departmental Servers
(AAIT, Emory College, Law School, etc)
1 Reporting Server (sesa)
AV client count varies based on the dept
Wolf - ~9900 clients
AAIT - ~250 clients
15
Symantec AV Reporting
Good Info but got anything useful?
How about…..
On Wolf in the past 24 hours …..
6001 of 9904 clients have checked in
2947 clients with 10.1.0.401
263 clients with 10.0.2.2001 are infected*
23 clients checked in with Auto Protect disabled
How about…..
PC named “pickle” (mub is the user) hasn’t checked in since
07/20/2006 17:54:47
Def Date 7/19/06 Rev 24
AV Version - 10.0.2.2001
16
Symantec AV Reporting
Symantect AV Reporting Server
1 Reporting Server running IIS and MSSQL Server
Pros
Web Interface
Very Simple Dashboard
Lots of canned reports
Cons
Some functions need Internet Explorer
Does NOT authenticate to LDAP
17
Symantec AV Reporting
Demo
18
Symantec AV Reporting
Wanna Join?
RequirementsMust have some delimiting criteria
i.e. Managed Server
Single naming convention (PSFT*)
Single IP subnet (170.140.187.x)
Let us know if you are interested in using the
Symantec AV Reporting Server
Send an email to [email protected]
19
Symantec AV Reporting
Questions
20
F5 VPN
Update
Jay D. Flanagan
Andy Efting
Background
• Replacement for SecuRemote
• Usage: http://vpn.emory.edu
• Documentation available online at:
it.emory.edu/showdoc.cfm?docid=6389
22
Future
• Proposed replacement for
vpn.service.emory.edu
• Targeting January 1, 2007 for
decommissioning
• GINA
23
GINA
• Requires simple client install
• Creates VPN tunnel during logon
• Passes authentication credentials as
if sitting on the network
24
25
26
27
28
Upgrade
• Firepass 5.5 to version 6.0
• Friday morning (Aug. 18), 6:30 AM
• Provide GINA functionality for
production
29
Summary
• Successful transition to F5 for Admin
Core users
• Planned transition to F5 to replace
vpn.service.emory.edu
• Planned upgrade to provide GINA
support
30
VPN / GINA
Questions
31
Email and IdM
Updates
John Ellis
Emory Backbone
Upgrade Status
and Timeline
Paul Petersen
Agenda
• New Core Status
• New Firewall Status
• Working Timeline
34
New Core
• New Core Status
NDB
Cox Hall
Clairmont
Crawford
– All Routers installed
– Router code issues resolved
– Cautiously moving LANs
• 8/14 - Anatomy Basement
• 8/15 - The Depot
• 8/16 - Facilities Management
• 8/17 - Schwartz Performing Arts Center
• 8/18 - Cox Hall
North
EUH
35
New Firewall
• New Firewall Status
–
–
–
–
The New Firewalls are installed
The Management System is installed
Each Virtual Firewall Context has been built
Migration will start after border network is
formed
FWCOX1
Cox1
North1
Cox2
North2
Clairmont1
Clairmont2
EUH1
NDB1
Crawford1
FWNDB1
Crawford2
EUH2
NDB2
36
Working Timeline
Date
Task
09/15 Continue to migrate targeted LANs to the new core
09/18 Post new comprehensive upgrade schedule on the web
09/29 Border Network Consolidated
09/29 Internet2 Uplink upgraded to 10 Gigabit
09/29 Academic Border Firewall migration to new firewalls
37
Working Timeline
Date
Task
10/10 ResNet Firewall and LANs migrated to new hardware
10/20 Secure Admin and DMZ firewalls migrated to new core
11/03 Healthcare firewalls migrated to new core
01/16 Academic, Secure Academic, and DMZ migrated to new core
01/31 Healthcare LANs migrated to new core
38
NetCom
Questions
39