Docstoc

Standard for Apple desktops

Document Sample
Standard for Apple desktops Powered By Docstoc
					Government Standard on Information &
Communication Technology

SAGOV/S6.1.6 Standard for Apple
desktops
Version:          1.3F




 Approver:        Karin Geraghty
                  Chair, Technology Strategy and
                  Standards Steering Committee



 Signature:


 Date Approved:
                                            Public


Document Control

Document Location
\\adminsrvad\dfsroot\DataDTEI\OCIO\StrategyInnovation\07 Policies, Standards and
Guidelines\Current\Standards for Apple desktops S6.1.6\SAGOV_S6.1.6 Standards for Apple
desktops V1.3F.doc

Electronic Records Management Information
File Folder Number: OCIO09/0117 – Document Number: 6017696

Author(s)                     Function / Role
Christian Bertram             Enterprise Architect
Andrew Jones                  Manager Strategy and Standards

Revision by                                               Version      Date
Approval Draft                                            1.0 (AD)     26 July 2010
Approval Draft                                            1.1 (AD)     25 March 2011
Approval Draft                                            1.2 (AD)     6 Sept 2011
Final                                                     1.2F         21 Dec 2011
Revised Draft                                             1.3          18 Apr 2012
Approved version                                          1.3F         25 June 2012




Version 1.3F                                Page 2 of 8               Created on 27/06/2012 8:06 AM
                                            Public
                                                     Public


Government Standard on Information & Communication Technology

 Confidentiality:                   Public                   Version:      1.3F


 Audience:                      SA Government Agencies
 Compliance:                    Required
 Creator:                       Integrated Computing Environment Technical Committee
 Approver:                      Technology Strategy and Standards Steering Committee
 Issued:                        25 June 2012
 Review Date:                   25 December 2012
 Primary Contact:               Strategy & Innovation Directorate, Office of the Chief Information Officer,
                                Tel: 8226 5573




 This policy or standard is intended for use by South Australian Government agencies only. Reliance upon this
 policy or standard by any other person is entirely at their own risk and the Crown in the right of South Australia
 disclaims all responsibility or liability to the extent permissible by law for any such reliance.



                                                              This work is licensed under the Creative Commons
                                                              Australia Attribution 3.0 License .
                                                              To attribute this material, cite Government of South
                                                              Australia 2011, SAGOV/S6.1.6 Standard for Apple
                                                              desktops version 1.3F.




Version 1.3F                                        Page 3 of 8                       Created on 27/06/2012 8:06 AM
                                                     Public
                                                        Public



                                           TABLE OF CONTENTS

1.       PURPOSE ............................................................................................. 5 

2.       CONTEXT ............................................................................................. 5 

3.       SCOPE.................................................................................................. 5 

4.       CONVENTIONS .................................................................................... 5 

5.       STANDARDS ........................................................................................ 6 

6.       IMPLEMENTATION .............................................................................. 7 

7.       REFERENCES & LINKS ...................................................................... 7 

ANNEX A           APPLE DESKTOP STANDARDS .............................................. 8 




Version 1.3F                                           Page 4 of 8                          Created on 27/06/2012 8:06 AM
                                                        Public
                                                        Public


1.       PURPOSE

         This document identifies the requirements for Apple desktops used in the conduct of SA
         Government business.

2.       CONTEXT

         On 3 December 2008, the ICT Board accepted four recommendations from the Managed
         Operating Environment Business Case Project relating to the government’s future computing
         environment. One of the recommendations was to develop strict standards to support a
         multivendor/multi-solution environment.

         In February 2010, the then Strategy and Standards Steering Committee established the
         Integrated Computing Environment Technical Committee to develop and maintain those
         standards. They were published in June and September 2010.

3.       SCOPE

         This standard applies to Apple desktops used in the conduct of SA Government business.

4.       CONVENTIONS

         The terms used in this document are to be interpreted as described in Internet Engineering
         Task Force (IETF) RFC 2119 entitled “Key words for use in RFCs to Indicate Requirement
         Levels”.1




1
    Bradner, Scott, Key words for use in RFCs to Indicate Requirement Levels, RFC 2119, Harvard University, March 1997.
ftp://ftp.isi.edu/in-notes/rfc2119.txt

Version 1.3F                                           Page 5 of 8                       Created on 27/06/2012 8:06 AM
                                                        Public
                                             Public


5.     STANDARDS



               Item              Requirement
       1.      Products,         Refer to Annex A Apple Desktop Standards.
               technologies
               and versions


       2.      Patch level and   It is recommended that all specified products and technologies are
               service packs     patched to the level of the current patch/service pack (n).
                                 All specified products and technologies must be patched to at least the
                                 level of the previous patch/service pack (n-1).




Version 1.3F                                 Page 6 of 8                Created on 27/06/2012 8:06 AM
                                             Public
                                                Public



6.     IMPLEMENTATION

       The following roles and responsibilities are defined for this standard:

       Role                Responsibility
       Chief Information   Ensure that all ICT initiatives within their agency or areas of
       Officers and        responsibility conform.
       Senior ICT
       Managers
       Chief Executives    Ensure agency compliance.

       Exemptions to these standards must adhere to existing cross-government ICT
       exemption policies (http://www.sage.sa.gov.au/label/ICTPolicy/exemptions).

7.     REFERENCES & LINKS

       Bradner, Scott, Key words for use in RFCs to Indicate Requirement Levels, RFC 2119,
       Harvard University, March 1997. ftp://ftp.isi.edu/in-notes/rfc2119.txt




Version 1.3F                                   Page 7 of 8                     Created on 27/06/2012 8:06 AM
                                                Public
Standard for Apple desktops v1.3

Desktop end user architecture                                                                                                                                           Desktop network architecture                                                                              Desktop back office architecture
Profile Name                                      Core Profile                                                                                                          Profile Name                           All Profiles                                                       Profile Name                                                                             Xserve Server
SA Government Worker Type (T,K,E,M)               T, K, E, M                                                                                                            SA Government Worker Type (T,K,E,M)    T, K, E, M                                                         SA Government Worker Type (T,K,E,M)                                                        T, K, E, M
                 Document Authoring                                                                                                                                                    Collaboration Support                                                                                     Productivity Support
                                                   Word (Microsoft Office 2011 for Mac, Standard Edition SKU);ISO/IEC 29500 (.docx); MS Word 97-2004
                 Text Document                                                                                                                                                         Directory                LDAPv3 compliant;                                                               Configuration Control
                                                  (.doc, .dot); RTF (.rtf); ASCII (.txt)
                                                   Excel (Microsoft Office 2011 for Mac, Standard Edition SKU);ISO/IEC 29500 (.xslx); MS Excel 97-2004                                                         OpenSSH 4.5p1; SSL
                 Spreadsheet                                                                                                                                                           Security                                                                                                  Print Management/Services            Server Admin 10.7.3; XML over HTTPS
                                                  (.xls, .xlt); RFC4180 (.csv); ASCII (.txt) read only; Filemaker Pro (.fm, .fm5) read only                                                                     SASL; RFC 4422
                                                                                                                                                                                                                                                                                                                                      serveradmin (cmd line); XML over HTTPS
                                                                                                                                                                                                                LDAPv3 compliant;
                                                   Powerpoint (Microsoft Office 2011 for Mac, Standard Edition SKU);ISO/IEC 29500 (.pptx); MS
                 Presentation                                                                                                                                                          Identity and Access      Kerberos 6.0fc5; RFC 1964                                                       File Management/Services
                                                  Powerpoint 97-2004 (.ppt, .pot); PDF (.pdf) write only; PNG (.png) write only; Quicktime 7 (.mov) write only;
                                                                                                                                                                                                                OpenSSH 4.5p1; SSL
                                                   Quicklook (built-in to operating system);.PDF 1.7 - ISO 32000-1:2008 (.pdf) read only, ISO/IEC 29500:2008,
                 Document Viewer                  ISO/IEC 26300:2006 - ODF v1.1, .html, .rtf, .txt, .key, .pages, .numbers, .raw, .ai, .apng, .flv, .jng, .mkv, .mng,                  Management                                                                                                Mail Server
                                                  .ogm, .rm, .swf, .textClipping, .vob .xml

                                                   TextEdit 1.6 (built-in to operating system); RTF (.rtf); ASCII (.txt); HTML (.html); ISO/IEC 26300 ODF (.odt);                                              VNC                                                                                                                  Quicktime Streaming Server 6 RTSP (realtime streaming) or HTTP (progressive
                                                                                                                                                                                                                                                                                                                                                                   ;
                 Simple Text Editing                                                                                                                                                   Remote Management                                                                                         Media Server
                                                  ISO/IEC 29500 (.docx); Word 97 (.doc); PDF 1.7 - ISO 32000-1:2008 (.pdf) read only, RTFD (.rtfd)                                                              SSH;                                                                                                                download)
 Productivity




                                                                                                                                                                            Services
                                                                                                                                                                                                                HTTPS 1.1
  Software




                 Image/Graphics                   —                                                                                                                                    Monitoring
                                                                                                                                                                                                                SSH;
                                                                                                                                                                                                                                                                                                 Collaboration Support
                 Publishing                       —                                                                                                                                    Security                 SSH;                                                                            Team Collaboration                   Apple Teams Wiki Server Twisted 2.4, AJAX, HTTP
                                                                                                                                                                                                                                                                                                                                                                 ;
                 PDF Creator                      (built-in to operating system)                                                                                                       Routing                                                                                                   Messaging server                     iChat Server 2; Jabber 2.0, XMPP
                 Project                          —                                                                                                                                    Operations                                                                                                Telephony server
                 Media                                                                                                                                                                 DNS                      BIND 9                                                                          Conferencing server                  iChat Server 2; Jabber 2.0, XMPP
                                                   Flip4Mac plugin;.avi, .wmv
                 Player and Viewer                                                                                                                                                     DHCP                     DHCP                                                                            Project Collaboration                Apple Teams Wiki Server; Twisted 2.4, AJAX, HTTP
                                                  VLC Media Player;

                                                   Garageband 5.1 (iLife '09 suite) MPEG-4 Part 14 ISO/IEC 14496-14:2003, MP3, AAC, WAV, AIFF, MPEG-
                                                                                     ;
                                                  4, Apple Lossless,
                 Creator                                                                                                                                                               BSDP                     BSDP/BOOTP 1.1                                                                  Directory                            Open Directory; OpenLDAP 2.3.27, Kerberos 6.0fc5, SASL 2.1.22
                                                   iMovie 8.0.6 (iLife '09 suite) import SD/HD, export to DVD (MPEG2), Quicktime MPEG4, YouTube
                                                                                 ;                                                             ,
                                                   iDVD, iWeb, Mobile Me Web Gallery (iLife '09 suite);

                 Organisation                                                                                                                                                          HTTP Proxy               HTTP proxy, x MS ISA                                                            Wiki                                 Apple Teams Wiki Server Twisted 2.4, AJAX, HTTP
                                                                                                                                                                                                                                                                                                                                                             ;
                                                   Outlook (Microsoft Office 2011 for Mac, Standard Edition SKU); iCalendar/ics RFC 2445; WebDAV RFC
                                                  2518
                 Calendar/Diary/Journal            iCal 4.0.2 (built-in to operating system) iCalendar/ics RFC 2445; CalDAV RFC 4791, MS Exchange Server
                                                                                            ;                                                                                          SOCKS Proxy              SOCKS proxy                                                                     Administration/Management
                                                  2007




                                                                                                                                                                                                                                                                                   Application
                                                   Address Book (built-in to operating system)




                                                                                                                                                                                                                                                                                    System
                 Desktop/Document Search           Spotlight (built-in to operating system);                                                                                                                                                                                                    Operations Management                Server Admin 10.7.3
                                                                                                                                                                                                                                                                                                                                      Server Monitor 1.6; XML over HTTPS
                                                                                                                                                                                       Productivity Support                                                                                      System Monitoring and Analysis
                                                                                                                                                                                                                                                                                                                                      OpenSSH 4.5p1
                 Administration                                                                                                                                                        LPR                      LPR; RFC 1179                                                                   Software Provisioning                NetBoot; BSDP 1.1, Bootp 1.3, DHCP, Helper IP
                 Configuration                    Apple Remote Desktop 3.5.2                                                                                                          IPP                      IPP; RFC 2910 2911                                                              Software Deployment                  Apple Software Restore
                 Operations                                                                                                                                                            Collaboration                                                                                             Configuration                        Server Admin 10.7.3




                                                                                                                                                                                                                                                                               ft
                 Disk Management                                                                                                                                                       SMTP                     SMTP; RFC 2821                                                                  Disk Management                      Disk Utility 11
                 Media                                                                                                                                                                 SendMail                                                                                                  User Administration                  Workgroup Manager 10.7; to Open Directory via LDAPv3, SASL
                                                   iPhoto 8.1.2 (iLife '09 suite); .raw, .jpeg, .png, .tiff, .pdf
                                                   Preview 5.0.1 (built-in to operating system) .AI, .BMP, .DNG, .EPS, .FAX, .FPX, .GIF, .HDR, .ICNS,
                                                                                                     ;
                 Image Editor                                                                                                                                                          IMAP                     IMAP; RFC 3501                                                                  Network                              System Preferences (integrated)
                                                  .ICO, .JPEG, .OpenEXR, .PS, .PSD, .PICT, .PDF, .PNG, .PNTG, .QTIF, .RAD, .RAW, .SGI, .TGA, .TIF, .TIFF,
                                                  .XBM
                 Image Viewer                                                                                                                                                          Postfix                                                                                                   Remote Work




                                                                                                                                                                                                                                                                             ra
                 Protection/Security                                                                                                                                                   Jabber                   JABBER XMPP; RFC 2426                                                           VPN management
 Software




                                                   (built-in to operating system)
                                                                                                                                                                                                                                                                                                                                      Web-based SSL VPN
  Utility




                 Virus Protection                  McAfee Suite of Products (VirusScan for Mac v9.0)                                                                                  OSCAR                    OSCAR; TOC2                                                                     Terminal Services Management
                                                   Computer Associates (CA ) suite of products


                                                                                                                                                                         Application
                                                                                                                                                                          Protocols
                 Encryption                        FileVault (built-in to operating system);256-bit AES encryption (folder or disk images)                                            WebDav                   WebDAV; RFC 2518                                                                Remote Access Services Management
                 Policy                            Managed Client for OSX (MCX)                                                                                                       LDAP                     LDAPv3; RFC 3377                                                                Delivery
                                                                                                                                                                                                                                                                                                                                      WebObjects 5;
                 Tools                                                                                                                                                                 Security                                                                                                  Application Server                   Tomcat 6
                                                                                                                                                                                                                                                                                                                                      Rails 1.2.3; HTTP 1.1, HTTPS 1.1
                                                                                                                                                                                                                Kerberos 5; RFC 4120, Port 88
                 File Compression                  Archive Utility (built-in to operating system); .zip - read/write, passwords not supported                                         Kerberos                                                                                                  Web Server                           Apache 2.4.2
                                                                                                                                                                                                                Kerberos; 6.0fc5; RFC 1964




                                                                                                                                                                                                                                                              D
                 Virtual Machines                  Parallels Desktop v7;                                                                                                              IPSec                    Ipsec; RFC 4301                                                                 Protection
                                                                                                                                                                                                                                                                                                                                      (built-in to operating system)
                 Virtualisaion                                                                                                                                                         SOCKS                    SOCKS; RFC 1928                                                                 Anti-Virus Engine
                                                                                                                                                                                                                                                                                                                                      McAfee Suite of Products
                 Player                                                                                                                                                                SSH                      SSHv2; RFC 4251-4                                                               Spam                                 Computer Associates (CA) Suite of Products
                 Application Virtualisation                                                                                                                                            L2TP                     L2TPv3; RFC 3931                                                                Identity and Access
                                                   Parallels Desktop v7;
                 OS Virtualisation                                                                                                                                                     RADIUS                   RADIUS; RFC 2865                                                                Identity Management                  Open Directory; OpenLDAP 2.3.27, Kerberos 6.0fc5, SASL 2.1.22 RFC 4422

                                                                                                                                                                                       Management                                                                                                Policy Management                    Managed Client for OSX (MCX) OpenLDAP 2.3.27
                                                                                                                                                                                                                                                                                                                                                                  ;
                 Instant Collaboration                                                                                                                                                 SNMP                     SNMP; RFCs 3411-3418                                                            Certificate                          Keychain Access 4;OpenSSL 0.9.6
                 Messaging                        —                                                                                                                                    NTP (time)               NTPv2; RFC 1119                                                                 Security
                 VoIP                             —                                                                                                                                    Desktop Access                                                                                            Certificate store                    Keychain Access 4;OpenSSL 0.9.6
 Collaboration




                                                                                                                                                                                                                     al
                 Conferencing                     —                                                                                                                                    RFB                      RFB                                                                             Encryption/Authentication            Filevault (integrated); AES 256bit
   Software




                 Telephony                        —                                                                                                                                    ALP
                 Remote Work                                                                                                                                                           AIP                                                                                                       Virtualisation
                 VPN                               (built-in to operating system);IPSec over L2TP/PPTP                                                                                RDP                      RDP (for thin clients)                                                          Application                         —
                 Time Delayed                                                                                                                                                                                                                                                                    Server                              —
                                                   Entourage (Microsoft Office 2011 for Mac, Standard Edition SKU);IMAP; WebDAV
                 Email                                                                                                                                                                 File                                                                                                      OS                                  —




                                                                                                                                                                                                                                                                                   Integration
                                                   Mail 4.2 (built-in to operating system);IMAP; WebDAV, MS Exchange Server 2007




                                                                                                                                                                                                                                                                                     System
                                                   Safari 5.1 (built-in to operating system);HTTP 1.1, HTTPS 1.1, HTML 4.01, HTML 5, ACID 3 compliant,
                 Internet Browser                                                                                                                                                      AFP                     —                                                                                 Storage                             —
                                                   Mozilla Firefox; HTTP 1.1, HTTPS 1.1, HTML 4.01, HTML 5                                                                n
                 News Reader                      —                                                                                                                                    SMB                      Samba v3                                                                        Business Intelligence
                                                                                                                                                                                       FTP                      FTP; RFC 959                                                                    Business Monitoring and Analytics   —
                                                                                                                                                                                       SFTP (Secure FTP)        SFTP v6; Port 22                                                                Reporting                           —
    OS




                 Name, Version, Details            Mac OS X 10.7.3 (Lion)                                                                                                             TFTP                     TFTP v1                                                                         Operations Support
                                                                                                                                                                         Protocols




                 Processor architecture support    64bit mode, x86-64                                                                                                                 NFS                      NFS v4; RFC 3530                                                                Performance                         —
                                                                                                                                                                                       WebDAV                   WebDAV; RFC 2518                                                                Clustering                          —
                                                                                                                                                                           Data




                                                                                                                                                                        Fi
                                                                                                                                                                                       VNC (RFB)                RFB 3.8, Port 5900                                                              EAI/Middleware                      —
                                                                                                                                                                                       SMB
    Hardware




                                                                                                                                                                                       AFP                                                                                                       Document
                                                                                                                                                                                                                                                                                                                                      HFS; (journalling optional, case-sensitivity optional)




                                                                                                                                                                                                                                                                                   Storage
                                                                                                                                                                                                                                                                                   System
                                                                                                                                                                                       Internet                                                                                                  File System                          UFS
                                                  Not Specified                                                                                                                                                                                                                                                                       ZFS
                                                                                                                                                                                       HTTP                     HTTP v1.1; RFC 2616                                                             Database
                                                                                                                                                                                       HTTPS                    HTTPS v1.1                                                                      Name, Version, Details               MySQL 5, 5.0.45
                                                                                                                                                                                       Desktop Support                                                                                           Operations
                                                                                                                                                                                       ATM                                                                                                       Backup                              —
                                                                                                                                                                                       Link Local               Zeroconf link-local; RFC 3927                                                   Storage Management                   (in-built to operating system)
                                                                                                                                                                                       PPP                      PPP
                                                                                                                                                                                       PTP                      PTP
                                                                                                                                                                                                                                                                                      OS
                                                                                                                                                                                                                                                                                                 Name, Version                        Mac OS X Server 10.7.1
                                                                                                                                                                                       Transport                                                                                                 Processor architecture support       Intel
                                                                                                                                                                                       TCP                      TCP v4                                                                          Virtualisation support
                                                                                                                                                                                       UDP                      UDP; RFC 768
                                                                                                                                                                                       DCCP
Legend - applicability of items#:
                                                                                                                                                                                                                                                                                      Hardware




                                                                                                                                                                                       SCTP
                                                                                                                                                                         Protocols
                                                                                                                                                                         Network




                                                                                                                                                                                       SSL                      SSHv2; RFC 4251-4
=Required                                                                                                                                                                             Wireless                 WIFI; 802.11a/b/g/n (subject to conditions of connections
                                                                                                                                                                                                                                                                                                                                     Not Specified
=Prohibited                                                                                                                                                                           Internet
=Recommended                                                                                                                                                                          IPSEC                    Ipsec; RFC 4301
=Not Recommended                                                                                                                                                                      IPX/SPX - IP/SPX        —

=Optional                                                                                                                                                                             IP                       IPv4; RFC 791

— = Not Available/Not Supported                                                                                                                                                        PGP-VPN
                                                                                                                                                                                       ICMP
# For details refer to the RFC 2119                                                                                                                                                    IGMP
and the desktop architecture guideline.
                                                                                                                                                                            Hardware




                                                                                                                                                                                                               Not specified




                                        Annex A Apple Desktop Standards                                                                                                                                                                                                      Public
                              Desktop                                                                                                                                                                                                                                                                                                                                                                                18/04/2012 12:33 PM

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:1
posted:10/9/2012
language:English
pages:8