Presentation is loading. Please wait.

Presentation is loading. Please wait.

Pete Bosanko & Vicky Mikula 1/26/2016

Published byGilbert McCoy Modified over 6 years ago

Similar presentations

Presentation on theme: "Pete Bosanko & Vicky Mikula 1/26/2016"— Presentation transcript:

1 Pete Bosanko & Vicky Mikula 1/26/2016
and Calendar Pete Bosanko & Vicky Mikula 1/26/2016

2 Agenda Introductions Service Description Value Proposition
Risk Mitigation Metrics Cost More information Q&A

3 Introductions Assistant Director: Vicky Mikula
Service owner: Pete Bosanko Service manager: Bill Holmes Other service delivery team members: Matt Klein - Communications Chuck Boeheim Lee Brink Clay Olney Ken Ridley Todd Olson Joanne Button IT Service Desk IT Security Office can seem easy. But it takes a lot of people to make an effective team.

4 Service Description SERVICE NAME: Email and Calendar
This service provides routing, mailbox storage, and shared calendar services for the University. Most Ithaca-campus colleges and administrative units and some off-campus units take advantage of this service. Available to: Faculty Staff Students Alumni Affiliates Retirees Consultants Fee to end user? No Service Tier: Zero (highest priority) Products: Google = CMail, Office365, Sophos PureMessage – also Exchange What is the service?: We do ! Integrated with calendars! Mailbox storage! Most Ithaca-campus colleges and administrative units and some off-campus units take advantage of this service. Off campus: Geneva, Cooperative Extension Exceptions: Math CS Engineering Physics + many more Recent conversion: Hotel

5 Cornell Email Internet We have Office365. We have GoogleApps.
But there is significant on-premise footprint as well. That’s where we run PureMessage, our anti-spam and antivirus engine. We run Microsoft Exchange for our core routers. Not mailboxes there. All mailbox storage is in the cloud. O365. GoogleApps. Each one of these boxes represents a bank of VMs that span multiple buildings. AppSMTP provides Mail services for campus printers and automated tasks. A few Departmental servers leverage our SPAM filtering There is also a test system with similar design, less redundancy

6 Value Proposition Service Features Business Hours Customer Support
Phone, , In-person Service Desk Full Featured Client Support Mobile, Web, Outlook, IMAP/POP Transparent Mail Routing namespace Custom Domains and Addresses Departmental domains Role-based addresses such as Group Accounts Shared accounts for various purposes. Complex Calendar Delegation Assistance for executive support providers 30 Day Restore of Deleted Files Mail Migration Assistance Support for Vendor Bulk Mail Delivery MailChimp, Constant Contact, etc. Business Hours: 8am to 5pm, phone suppport, support, in-person service desk support. Full featured client: /calendar integration, Mobile, Web, Outlook, IMAP/POP Transparent routing: same address, different mail systems O365, GoogleApps, departmental address, off campus address Custom Domains and Addresses: Johnson.cornell.edu, sha.cornell.edu Group Accounts: for managing shared resources... calendars, mailboxes, rooms, equipment Complex Calendar Delegation – can be very tricky. Permissions need to set correctly. Service Desk is trained to assist executive support folks. 30 Day Restore of Deleted Files Mail Migration Assistance – we will assist units in their efforts to migrate from a departmental mail system to central. Individual mailbox migration assistance Support for Vendor Bulk Mail Delivery – It can be tricky to get good SPAM to get through our mail system sucessfully. It’s best to work closely with us on large important mailings.

7 Value Proposition High Availability and Business Continuity 24/7
Service Team On-call System Monitoring Active Injection & Monitoring Blacklist Monitoring Site Redundancy and Resiliency Support Teams Coordination Daily Standup Meeting Communications Service Desk Team Microsoft Premier Support 1 Hour Response Weekly Team Meetings 24/7 – on call service team Automated system monitoring, including monitoring of queues for anomolies Active Injection & Monitoring Watching to make sure we stay off Blacklists – SPAMHAUS, SORBS, Backscatterer Site redundancy, multiple instances of each component at each site. On-premise Cloud partners

8 Value Proposition Security Mail Filtering: Anti-SPAM / Anti-Virus
Virus/Malware Filtering… Sophos PureMessage Exchange Office365 Google Apps Security Automation Compromised Account Detection and Block Rate Limiting Abnormal Behavior Detection Network Monitoring Integration (ITSO) Phishing Attack Abatement Litigation Mailbox Management 24/7 Response Manage ISP Account Blocks Manage ISP Domain Blocks Reputation Management Mail filtering: We rely on PureMessage for SPAM filtering. Malware filtering happens at 4 choke points in the system SPAM filtering is a delicate balancing act between blocking bad SPAM and allowing University official SPAMmy communications to go through. We instrumented measures to limit spoofing. Security Automation Compromised account detection and blocking (automated two-way feedback loop before and ITSO systems) Abnormal Behavior Detection – monitoring queue lengths Rate Limiting – stop compromised accounts from going out of control Network Monitor Integration – Qradar Phishing Attack Abatement – We will scour all mailboxes for bad messages on request from ITSO Litigation: If a person is the target of litigation we will be called upon to hold the in their mailbox, preventing it from being deleted. Reputation management: we work hard not to get blocked in the first place. (for instance, we filter outbound mail) if a person is blocked we help get them unblocked. If our domain is blocked by an ISP we work we the ISP to unblock the domain

9 Risk Mitigation What risks does use of the service mitigate?
Financial Loss Timely delivery of vital business communications Reputational Harm Major ISP and blacklists monitoring, ISP feedback loops Information Security Disaster recovery, litigation hold, multi-site redundancy for services and storage, NetID integration. How does the service mitigate risks? Contractual Constraints FERPA compliance, Cloud data centers in the US. Financial Loss – when critical s don’t get through it can be costly grant proposals, financial transactions, they have a shelf-life Reputational harm – feedback loops with major Information Security – Disaster recovery, litigation hold, multi-site redundancy for services and storage, NetID integration. Contractual Constraints FERPA compliance Cloud data centers in the US.

10 Metrics FY16 Q2 Metrics Uptime: 99.89% 16 Changes 8 Incidents
Messages sent: 459,782,148 Messages received: 312,559,677 Total Active Mailboxes: 115,537 O356 Mailboxes: 35,199 CMail Mailboxes: 80,338 Active EGAs: 8304 COEA (Cornell Optional Alias): 4368 Mailbox Storage: TB Uptime measures the reliability of web interfaces and systems that support clients (outlook, mobile, thunderbird) for users so that they can send and retrieve mail. Our goal is 99.9% O356 = staff, students, retirees Cmail = students and alumni (but not all alumni)

11 December 2015 Mail Received and Blocked

12 December 2015 Message Delivery Times

13 Cost Approx. annual cost to deliver the service: $990,000 ($8.57/mailbox) Fee for service: No Fee Hardware – Server farm costs for VM’s Maintenance – Represents 80% of the cost for our Premier Support contract with Microsoft Cost: Comes out to $8.57/mailbox per year. .$0.71/month Or about .08 cents / message

14 More information Service web page:
Faculty / Staff Student Service level expectations: Service catalog entry: Service quarterly report: Links

15 Questions?

16 Possible Department/Unit Email Systems
astro.cornell.edu cam.cornell.edu cbe.cornell.edu cce.cornell.edu ccmr.cornell.edu chorus.cornell.edu cis.cornell.edu cnf.cornell.edu coecis.cornell.edu cs.cornell.edu csl.cornell.edu ece.cornell.edu ee.cornell.edu gleeclub.cornell.edu graphics.cornell.edu icse.cornell.edu investment.cornell.edu isc.astro.cornell.edu jgsmalum.cornell.edu lassp.cornell.edu lepp.cornell.edu lns.cornell.edu lnscua.lns.cornell.edu lrc.cornell.edu mae.cornell.edu mail.astro.cornell.edu mail.chess.cornell.edu mail.lns.cornell.edu mail.med.cornell.edu math.cornell.edu med.cornell.edu msc.cornell.edu orie.cornell.edu physics.cornell.edu postoffice.law.cornell.edu qatar-med.cornell.edu schafferlab.bme.cornell.edu

17 December 2015 Visualization from Chuck Boeheim…
On the Left: Message delivery time - this is an important metric : It’s a good measure of the overall reliability of the mail system. The green bubbles are where messages are arriving within 5 minutes of being sent. People usually care about this at least as much as uptime. On the Right: Percentage of SPAM being blocked by PureMessage (57%)

Download ppt "Pete Bosanko & Vicky Mikula 1/26/2016"

Similar presentations

Email Deliverability @ Eloqua Providing Industry-Leading Email Management Tools.

Eloqua Providing Industry-Leading Management Tools.
1 of 2 Going on vacation requires careful preparation and there are a number of things you should do at the office before taking extended time off. This.

1 of 2 Going on vacation requires careful preparation and there are a number of things you should do at the office before taking extended time off. This.
11© 2011 Hitachi Data Systems. All rights reserved. HITACHI DATA DISCOVERY FOR MICROSOFT® SHAREPOINT ® SOLUTION SCALING YOUR SHAREPOINT ENVIRONMENT PRESENTER.

11© 2011 Hitachi Data Systems. All rights reserved. HITACHI DATA DISCOVERY FOR MICROSOFT® SHAREPOINT ® SOLUTION SCALING YOUR SHAREPOINT ENVIRONMENT PRESENTER.
1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.
Brown University Exchange 2003 Molly Baird Manager, Windows-Novell Services.

Brown University Exchange 2003 Molly Baird Manager, Windows-Novell Services.
©Kwan Sai Kit, All Rights Reserved Windows Small Business Server 2003 Features.

©Kwan Sai Kit, All Rights Reserved Windows Small Business Server 2003 Features.
IT:Network:Applications.  How messaging servers work  Initial tips for success Exchange management  Server roles  Exchange Server Management  Message.

IT:Network:Applications.  How messaging servers work  Initial tips for success Exchange management  Server roles  Exchange Server Management  Message.
Prospect Name and Logo Presenter Name Date. 0001V1- 2 Objectives Introduction to USinternetworking iMAP Full Service Management Model USi Enterprise Messaging.

Prospect Name and Logo Presenter Name Date. 0001V1- 2 Objectives Introduction to USinternetworking iMAP Full Service Management Model USi Enterprise Messaging.
Module 7 Planning and Deploying Messaging Compliance.

Module 7 Planning and Deploying Messaging Compliance.
Implementing Microsoft Exchange Online with Microsoft Office 365

Implementing Microsoft Exchange Online with Microsoft Office 365
Www.actgov.org Cloud Computing Use Case Draft v2.

Cloud Computing Use Case Draft v2.
Module 1: Overview of Microsoft Office SharePoint Server 2007.

Module 1: Overview of Microsoft Office SharePoint Server 2007.
Office 365 Overview Sara Grachek Craig Overboe Mary Shrode.

Office 365 Overview Sara Grachek Craig Overboe Mary Shrode.
Your Office 365 Journey Prepare, Migrate, and Operate with Barracuda

Your Office 365 Journey Prepare, Migrate, and Operate with Barracuda
Virtual Private Network (VPN)

Virtual Private Network (VPN)
Managed Desktop Andrea Beesing April 5, 2016.

Managed Desktop Andrea Beesing April 5, 2016.
Printing (Net-Print) Joanne Button August 23rd 2016.

Printing (Net-Print) Joanne Button August 23rd 2016.

Similar presentations

Ads by Google