IT Briefing August 2006

1 IT Briefing Agenda 8/17/06 Organization tweaks EOL Demo Symantec Reporting demo VPN Update & IdM NetCom Q&A Karen Jenkins John Maxwell Daniel Palmer Jay Flanagan John Ellis Paul Petersen

2 Organization Tweaks Windows, Unix teams moved from OIS to CTS ERP systems moved from ADS to CTS –Improve efficiencies and planning –OIS focus on major data center initiatives –Steve Siegelman Interim IT Technical Lead for the Systems group (Windows, Unix, and ERP

3 Organizational Tweaks (cont.) Jay Flanagan responsible for the Security, , and IdM teams Linda Erhard, IT Governance Liaison, moved from CTS to directly reporting to Rich Mendola OIS special projects position expanded to also support CTS AAIT will continue to adjust as/if needed to address strategic initatives

John Maxwell

5 Key changes to Emory Online Standalone software installers no longer included on Emory Online Includes Emory Unplugged configuration tools and documentation Better integration with Residential Network Registration Internet shortcuts provide tie-ins for spreading the word about campus IT services.

6 Emory Online Fall 2006 Process 1.Welcome 2.Security Scan 3.Configure Wireless 4.Get Connected!

7 Process Breakdown – Windows 2.Security Scan InstallScript application that secures, scans, and patches a user’s Windows installation 3.Configure Wireless AutoIt script configures user’s wireless connection for Emory Unplugged Emory Unplugged PDF for Windows XP 4.Get Connected! Sets IE homepage to IT orientation site and places a internet shortcut (.url) on their desktop AutoIt script that tests for a connection and launches CAT executable

8 Process Breakdown – MacOS X 2.Security Scan Advises user to use Software Update “early and often” and to download NAV for Mac from Software Express 3.Configure Wireless AppleScript application configures local AirPort connection for Emory Unplugged Emory Unplugged PDF for OS X 4.Get Connected! Sets Safari homepage to IT orientation site and places an internet shortcut (.url) on their desktop Opens Safari to for network registrationhttp://netreg.service.emory.edu/

9 Security Scan 1.Enables Windows XP firewall 2.Enables Automatic Updates 3.Installs and runs CCleaner 4.Runs McAfee Stinger 5.Installs Symantec AntiVirus 6.Installs and runs SpybotSD 7.Installs Service Pack (if Emory-owned) 8.Installs Critical Updates (if Emory-owned) 9.Instructs user to set passwords on all Windows accounts.

10 Emory Online Fall 2006 Demonstrate new features

11 ? Questions Emory OnLine

12 Special Thanks to: All the testers… Lee Clontz Donna Price

13 Feedback & Questions to:

Symantec AV Emory Daniel Palmer

15 Symantec AV Reporting Glimpse of current Emory 1 Managed “Campus” server (Wolf) Several Departmental Servers (AAIT, Emory College, Law School, etc) 1 Reporting Server (sesa) AV client count varies based on the dept Wolf - ~9900 clients AAIT - ~250 clients

16 Symantec AV Reporting Good Info but got anything useful? How about….. On Wolf in the past 24 hours … of 9904 clients have checked in 2947 clients with clients with are infected* 23 clients checked in with Auto Protect disabled How about….. PC named “pickle” (mub is the user) hasn’t checked in since 07/20/ :54:47 Def Date 7/19/06 Rev 24 AV Version

17 Symantec AV Reporting Symantect AV Reporting Server 1 Reporting Server running IIS and MSSQL Server Pros Web Interface Very Simple Dashboard Lots of canned reports Cons Some functions need Internet Explorer Does NOT authenticate to LDAP

18 Demo Symantec AV Reporting

19 Symantec AV Reporting Wanna Join? Requirements- Must have some delimiting criteria i.e. Managed Server Single naming convention (PSFT*) Single IP subnet ( x) Let us know if you are interested in using the Symantec AV Reporting Server Send an to

20 ? Questions Symantec AV Reporting

F5 VPN Update Jay D. Flanagan Andy Efting

22 Background Replacement for SecuRemote Usage: Documentation available online at: it.emory.edu/showdoc.cfm?docid=6389

23 Future Proposed replacement for vpn.service.emory.edu Targeting January 1, 2007 for decommissioning GINA

24 GINA Requires simple client install Creates VPN tunnel during logon Passes authentication credentials as if sitting on the network

25

26

27

28

29 Upgrade Firepass 5.5 to version 6.0 Friday morning (Aug. 18), 6:30 AM Provide GINA functionality for production

30 Summary Successful transition to F5 for Admin Core users Planned transition to F5 to replace vpn.service.emory.edu Planned upgrade to provide GINA support

31 ? Questions VPN / GINA

and IdM Updates John Ellis

Emory Backbone Upgrade Status and Timeline Paul Petersen

34 Agenda New Core Status New Firewall Status Working Timeline

35 New Core New Core Status –All Routers installed –Router code issues resolved –Cautiously moving LANs 8/14 - Anatomy Basement 8/15 - The Depot 8/16 - Facilities Management 8/17 - Schwartz Performing Arts Center 8/18 - Cox Hall

36 New Firewall New Firewall Status –The New Firewalls are installed –The Management System is installed –Each Virtual Firewall Context has been built –Migration will start after border network is formed

37 Working Timeline DateTask 09/15Continue to migrate targeted LANs to the new core 09/18Post new comprehensive upgrade schedule on the web 09/29Border Network Consolidated 09/29Internet2 Uplink upgraded to 10 Gigabit 09/29Academic Border Firewall migration to new firewalls

38 Working Timeline DateTask 10/10 ResNet Firewall and LANs migrated to new hardware 10/20 Secure Admin and DMZ firewalls migrated to new core 11/03 Healthcare firewalls migrated to new core 01/16 Academic, Secure Academic, and DMZ migrated to new core 01/31 Healthcare LANs migrated to new core

39 ? Questions NetCom