Feb by wanghonghx


									Technology Update

   TSAG Meeting 2/12/04
Networking Updates

   Welcome Matt Brown!

    (Corporation for Education Network Initiatives in California)
       4CNET is being phased out. (our current Backbone Connection)
       Coming up real soon…
       Transfer will be performed during working hours.
   Reminder: IPX and Appletalk being phased out
    Friday June 4 2004 (Last day of academic year)
Desktops Related Activities

   TSAG Desktop Standards Committee
       Minimum Hardware Configuration
       Next Steps…
           Minimum Software Requirements:
               Antivirus, MS Office suite, etc.

           Minimum OS System Configuration
               Patch management, etc.
Patch Management

   New Patch Needed for MS platforms
   Caution: The vulnerability is huge without the

   ITR activities:
       patches applied to all Enterprise Servers
       desktop patches tested for one day
       deployed patches, via SUS, on desktops
Architectures for SUS

   ITR has deployed a hierarchal enterprise-Level SUS
             MSUS                       PSUS
             (Untested Patches)         (Tested Patches)

                                  (Untested Patches)

   Individual Units may either:
       Join Hierarchal SUS
       Install Local SUS
       Use live update
   COBAE, Library, and SBS have local SUS-es
   Need registry tweak or Active Directory GPO
   POC: Barry W. or Dave A.
Active Directory

   Current Deployments:
       Comp 100 (three/four Labs)
       COBAE Lab (one Lab)
       Library (several machines)
       ITR (~40%)
   Learning Experiences
       Account-Account
       Authorization Defaults (All -> None)
       Fresh Installs sometimes needed
        (NT Kernel and GPOs conflicts)
       UID versus Mail Address Logins
   Documentation Online
   POC: Dave Aragon
Security Activities

   AntiVirus Software:
       ? Should we obtain a campus-wide license
       ? Should we require antivirus on all desktops
   Password Expiration:
       90 days TSAG and ITR (currently)
       180 days A&F
           Feb 16 - Mar 15: first e-mail warning sent
           Feb 26 - Mar 25: passwords start expiring
       180 Peoplesoft Users (minus faculty)
           Mar 8 - Apr 5: first e-mail warning sent
           Mar 8 - Apr 15: passwords start expiring
   FTP/Telnet phase out: Date?               (was 1/1/04)
Spam: An ever growing problem!

   Steps in progress:
       Updating anti-spam tagging (SpamAssassin)
       Incorporating Black Lists (https://www.csun.edu/~itrsec)
           SBL - Spamhaus Block List
           CBL - Composite Blocking List
           NJABL - Not Just Another Bogus List
       Need to be concerned about False Positives

   Bottom line:
       Users must decide what is spam and what is not!
       Local Tech support is needed to help users to
           Setup filters via Webmail
           Utilize antispam features of e-mail clients
           Blocking Administrative Lists
   We have three types of lists
       -l@csun.edu:                    Department/Official Lists
       -c@csun.edu:                    Class Lists
       -g@csun.edu:                    General Purpose Lists
   Goal: to prevent spam on “Administrative” lists
   Tested with tsag-l@csun.edu (thanks Peter!)
   Ramification:
       Only individuals with a campus accounts can send e-mail to Administrative Lists
       Home users: use Webmail or configure e-mail client to use SMTP.csun.edu
   But “whatif” I don‟t want my list blocked!
       Transform your list to a -g list (e.g.)
       Set up your list to “Reply-to” the owner
Email Quotas are being Applied

   Enforcement is underway for:
       Over quota == No E-mail!
   Faculty/Staff maximum email storage limits:
       300 MB by Feb 15, 2004
       200 MB by March 15, 2004
       100 MB by April 15, 2004

   Yearly review of quotas by ATC is underway
Universal Drive

   Udrive Available to all User
       Released to TSAG summer „03
       Released to ECS fall „03
       Formal Announcement Coming
   Allows users to use “Drag and Drop” for web page
   Active Directory GPO to automatically map for all

   MS users: \\udrive\<uid>, e.g., \\udrive\tsag
   Mac users: smb://smb.csun.edu/tsag
Campus IT Status Page

   Summary information from Big Brother, MRTG, Spectrum, etc.
   Provides:
       Summary status of Enterprise systems
       Pending Maintenance Announcement (if any)
       Black Lists:
         Spammers
                   E-mail messages blocked
         “Irresponsible” ISP or Host
                   Internet connectivity blocked
         “Compromised” Computers (ports disabled)
                   Network connectivity blocked
   Consult as part of IT diagnosis process
Sunset SIMS/R

   Peoplesoft conversion in mop-up stage
   SIMSR is being retired
   General steps:
       SIMS becomes read-only database
       Eliminate all general access to SIMS
        (only users perform data validation (e.g.) will have access.)
       Production Hours reduced: M-F 6am-6pm (?)
Registry of Computer Labs

   ATC requested Campus-wide Lab Schedule
   Intent: To allow students to more easy locate IT
   Information Needed:
       Location of Lab         Purpose of the Lab
       Provided Equipment      (e.g., 24 Windows XP, …)
       Supported Users         (e.g., only COMP 100 students)
       Hours of Operation
           Restricted Access
           Open Access
       Contact point for more info (e.g., URL)
   We need you to provide the information
CATS Update

To top