Upload
coral-daniel
View
216
Download
0
Embed Size (px)
Citation preview
2
IT Briefing Agenda 8/17/06
• Organization tweaks
• EOL Demo
• Symantec Reporting demo
• VPN Update
• Email & IdM
• NetCom Q&A
• Karen Jenkins
• John Maxwell
• Daniel Palmer
• Jay Flanagan
• John Ellis
• Paul Petersen
3
Organization Tweaks
• Windows, Unix teams moved from OIS to CTS
• ERP systems moved from ADS to CTS– Improve efficiencies and planning– OIS focus on major data center
initiatives– Steve Siegelman Interim IT Technical
Lead for the Systems group (Windows, Unix, and ERP
4
Organizational Tweaks (cont.)
• Jay Flanagan responsible for the Security, Email, and IdM teams
• Linda Erhard, IT Governance Liaison, moved from CTS to directly reporting to Rich Mendola
• OIS special projects position expanded to also support CTS
• AAIT will continue to adjust as/if needed to address strategic initatives
6
Key changes to Emory Online
Standalone software installers no longer included on Emory Online
Includes Emory Unplugged configuration tools and documentation
Better integration with Residential Network Registration
Internet shortcuts provide tie-ins for spreading the word about campus IT services.
8
Process Breakdown – Windows
2. Security Scan • InstallScript application that secures,
scans, and patches a user’s Windows installation
3. Configure Wireless• AutoIt script configures user’s wireless
connection for Emory Unplugged• Emory Unplugged PDF for Windows XP
4. Get Connected!• Sets IE homepage to IT orientation site and
places a internet shortcut (.url) on their desktop
• AutoIt script that tests for a 10.140 connection and launches CAT executable
9
Process Breakdown – MacOS X
2. Security Scan • Advises user to use Software Update “early and
often” and to download NAV for Mac from Software Express
3. Configure Wireless • AppleScript application configures local AirPort
connection for Emory Unplugged• Emory Unplugged PDF for OS X
4. Get Connected!• Sets Safari homepage to IT orientation site and
places an internet shortcut (.url) on their desktop• Opens Safari to http://netreg.service.emory.edu/
for network registration
10
Security Scan
1. Enables Windows XP firewall2. Enables Automatic Updates3. Installs and runs CCleaner4. Runs McAfee Stinger5. Installs Symantec AntiVirus6. Installs and runs SpybotSD7. Installs Service Pack (if Emory-owned)8. Installs Critical Updates (if Emory-owned)9. Instructs user to set passwords on all
Windows accounts.
16
Symantec AV Reporting
Glimpse of current AV @ Emory1 Managed “Campus” server (Wolf)
Several Departmental Servers (AAIT, Emory College, Law School, etc)
1 Reporting Server (sesa)
AV client count varies based on the deptWolf - ~9900 clients AAIT - ~250 clients
17
Symantec AV Reporting
Good Info but got anything useful?
How about…..On Wolf in the past 24 hours …..
6001 of 9904 clients have checked in2947 clients with 10.1.0.401263 clients with 10.0.2.2001 are infected*23 clients checked in with Auto Protect
disabled
How about…..PC named “pickle” (mub is the user) hasn’t checked in since
07/20/2006 17:54:47Def Date 7/19/06 Rev 24AV Version - 10.0.2.2001
18
Symantec AV Reporting
Symantect AV Reporting Server
1 Reporting Server running IIS and MSSQL ServerPros
Web InterfaceVery Simple Dashboard Lots of canned reports
ConsSome functions need Internet ExplorerDoes NOT authenticate to LDAP
20
Symantec AV Reporting
Wanna Join?
Requirements-Must have some delimiting criteria
i.e. Managed ServerSingle naming convention (PSFT*)Single IP subnet (170.140.187.x)
Let us know if you are interested in using theSymantec AV Reporting Server
Send an email to [email protected]
23
Background
• Replacement for SecuRemote• Usage: http://vpn.emory.edu• Documentation available online at:
it.emory.edu/showdoc.cfm?docid=6389
24
Future
• Proposed replacement for vpn.service.emory.edu
• Targeting January 1, 2007 for decommissioning
• GINA
25
GINA
• Requires simple client install
• Creates VPN tunnel during logon
• Passes authentication credentials as if sitting on the network
30
Upgrade
• Firepass 5.5 to version 6.0
• Friday morning (Aug. 18), 6:30 AM
• Provide GINA functionality for production
31
Summary
• Successful transition to F5 for Admin Core users
• Planned transition to F5 to replace vpn.service.emory.edu
• Planned upgrade to provide GINA support
36
New Core
• New Core Status– All Routers installed– Router code issues resolved– Cautiously moving LANs
• 8/14 - Anatomy Basement• 8/15 - The Depot• 8/16 - Facilities Management• 8/17 - Schwartz Performing Arts Center• 8/18 - Cox Hall
Crawford
NDB
Clairmont
EUHNorth
Cox Hall
37
New Firewall
• New Firewall Status– The New Firewalls are installed– The Management System is installed– Each Virtual Firewall Context has been built– Migration will start after border network is
formed
Cox2
Crawford1
Crawford2
North2
EUH2
EUH1
Clairmont2
NDB2
Cox1 North1
Clairmont1
FWCOX1
NDB1
FWNDB1
38
Working Timeline
Date Task
09/15
Continue to migrate targeted LANs to the new core
09/18
Post new comprehensive upgrade schedule on the web
09/29
Border Network Consolidated
09/29
Internet2 Uplink upgraded to 10 Gigabit
09/29
Academic Border Firewall migration to new firewalls
39
Working Timeline
Date Task
10/10
ResNet Firewall and LANs migrated to new hardware
10/20
Secure Admin and DMZ firewalls migrated to new core
11/03
Healthcare firewalls migrated to new core
01/16
Academic, Secure Academic, and DMZ migrated to new core
01/31
Healthcare LANs migrated to new core