ODJFS County Agency Technology Strategy Committee
April 26, 2012

Administration
• Review & Approve 11/30 mtg. minutes
• Review & Approve 1/25 mtg. minutes

Old Business & OIS Updates:
• Ethernet WAN Circuits
• ODJFS Top 10 Priorities
• nCircle scans from a County Perspective
• Blackberry Updates
• iPad / AirWatch offering

County Updates:
• Northwoods County Workgroup
• Active Directory Customer feedback

New Business
• Application Development Overview
• Expedited Provisioning Project

Walk-ons:
• New member nominations in June

Next Meeting: June 7th, 2013
OIS Updates JFS Network Modernization Ethernet WAN Updates
Topics
• Highlights/Benefits
• Design / Failover
• Status Update
• List of sites/vendor
• Timeline

Nomenclature
• Wide Area Network
• Parent site = intermediate site
• Child Site – state and county sites
Highlights / Benefits
• Typical site gains 660% + in network bandwidth (min 10mbs)
• Cost Avoidance
• current SOMAC contract changes 7/1
• T1 @ $400 (10Mb = 7*400 = $2800)
• $11,000 anticipated reduction in monthly circuit costs
• New Rate AT&T 10Mb $367 / TWC 10Mb $349
• Gain WAN fault tolerance
• All telco links using fiber optic cabling
Highlights / Benefits – cont.
• Provides scalable solution for future increase in bandwidth
• New routers required
• ODJFS/OIS’ solution for Ethernet WAN link requires a gigabit interface on router
• Current router at End-of-Life per Cisco
• Procurement underway
• Approximate 4-5 year break-even on equipment spend
• Sets ODJFS for statewide Microsoft Active Directory deployment and migration to statewide email solution.
Wide Area Network
• Current WAN Design
• New WAN Architecture
Current Design: T-1 Centralized (1.5 Mb/s)
NW Ohio – “Toledo Region”
• 24 Counties
• 51 Sites
• Only 4 Interconnects
• Plans to upgrade links to a minimum 10Meg
[Diagram: Future: Broadband Ethernet. Labels: Normal WAN flow, Local WAN failure, Parent site, Child site]
[Diagram: Columbus WAN failure. Labels: Normal WAN flow, Parent site, Child site]
Ethernet WAN Link Status Update
• 230 Total Remote Locations (as of 4/2/13)
• 44 Current Remote Locations w/ Ethernet
• 75 Locations using AT&T Ethernet WAN links ordered – December 2012
• 80 Locations Ethernet WAN links using Time Warner Cable
• 5 Horizon in progress
• 26 Sites remain
AT&T List of Sites
• Adams03a
• Belmo01a, 02a, 03a, 05a
• Clark02a, 04a
• Colum01a
• Cosho01a
• Cuyah08a, 15a, 32a, 34a
• Erie01a
• Fairf01a
• Fayet01a, 03a
• Frank03a, 11a
• Galli02a, 03a
• Green01a, 02a, 03a
• Highl01a
• Jeffe01a, 03a
• Lake01a, 02a
• Lucas01a, 02a, 04a
• Madis01a
• Mahon01a, 03a, 04a, 05a, 08a
• Monro01a
• Montg01a, 02a, 04a, 06a, 08a, 09a
• Muski01a, 02a, 03a, 04a, 05a
• Porta01a, 06a
• Sandu01a
• Senec01a, 03a
• Stark01a, 02a, 04a, 08a
• Summi01a, 02a, 05a, 09a, 10a, 16a
• Washi01a, 02a, 05a
• Wyand01a
TWC List of Sites
• Adams01a, 02a
• Allen01a, 02a, 03a, 07a
• Ashta01a, 02a, 04a, 05a
• Athen01a, 03a, Augla01a, 02a
• Butle01a, 05a, Carro02a
• Champ01a, Clerm01a, 04a
• Clint01a, Crawf01a
• Darke02a, 03a
• Defia04a, 06a
• Fulto01a, 02a, 03a
• Geaug01a, 03a
• Guern01a, 02a, 03a
• Hamil10a, Henry01a, 02a
• Holme01a, Huron01a
• Jacks01a, Licki01a, 02a, 03a
• Lorai04a, 10a, 11a, Mario02a
• Merce01a, Miami01a, 02a
• Ottaw02a, Pauld01a, 02a, 03a
• Picki02a, 05a, Pike01a, 03a, 04a
• Putna02a, Richl01a, 03a
• Ross06a, Sciot01a, 02a, 03a
• Shelb01a, Stark07a
• Tusca01a, 02a, Union01a
• Vanwe01a, 02a, Warre02a, 03a
• Willi01a, 02a, Wood01a
What are the next steps at your site?
• Sign TWC ROE/Easement permission form
• Telco schedules Ethernet circuit installation with you into your facility
• ODJFS performs circuit validation testing
• ODJFS schedules new equipment installation
OIS Updates ODJFS Top 10 Priorities
“Top Ten” – Where We Are Now
as of 4/17/13
* SUTQ and Web Portal
** Licensing
nCircle IP360
ODJFS Vulnerability Scanning
Corey Sins

County Scan distribution
All weekday scans run from 6pm to 6am the next day.
County Private VLANs (318/918)
Several counties have engaged us to scan their private county VLANs. Counties currently scanning private VLANs are:
• Lucas County
• Franklin County
• Stark County
• Trumbull County
Setup for Private County Networks
Items needed for County VLAN scanning:
1. Credentials to your devices on that VLAN.
   a. I can enter them, or I can create you an account (with a role just for your county) for you to enter them and schedule scans for your county VLANs.
2. Email account where nCircle can send the resulting report.
3. Name of a contact for your county who is responsible for patch management.
Mitigating / Patching Vulnerabilities
• Patch Management
• For JFS-owned servers and workstations, we will manage patches for you.
• For county-owned devices, you will need to come up with a patch management process.
• Patches not acted upon will cause your Risk Score to go up over time!
• Researching Vulnerabilities
• Google “MS12-036”
nCircle / Security Up Next
Configuration Compliance Manager (CCM)
- State-owned systems initially
- There may be an associated cost with this feature if desired in the counties
• Establish Configuration Baselines according to ODJFS interpretation of the NIST 800-53 standards
• Compliance Auditing against those baselines
• Asset Values
• Encrypted Communication Guidelines
• Let me know of any public-facing county web sites for security validation and recommendations.
• nCircle VERT Alert (sign up at: VERT Alert Link)
Blackberry Update Kevin Green
iPad / AirWatch Offering Larry Lynch
iPad / AirWatch Offering
Standard State Profile Settings
• GroupWise (Calendar, Frequent Contacts and Mail)
• Standard Security
• Ability to wipe device if lost
• VPN Compatible
• Device Encryption
• Too many incorrect attempts will result in a device wipe
• Passcode enforcement
• 8 characters
• Keeps a history of last 10
iPad / AirWatch Offering
Optional Restrictions for County Agency
• Most iPad native functionality is enabled by default.
• Counties may develop a profile with optional restrictions to be applied to all agency AirWatch/iPad users.
• Individual customized settings are not offered.
iPad / AirWatch Offering
Device Functionality
• Allow installing public apps
• Allow use of camera
• Allow FaceTime
• Allow Screen Capture
• Allow automatic sync while roaming
• Allow Siri
• Allow Siri While Device Locked
• Allow voice dialing
• Allow Passbook While Device Locked
• Allow In App Purchase
• Force iTunes Store Password Entry
• Allow multiplayer gaming
iPad / AirWatch Offering
Applications
• Allow use of YouTube
• Allow use of iTunes Music Store
• Allow use of Safari
• Enable Autofill
• Force Fraud Warning
• Enable JavaScript
• Enable plugins
• Block pop-ups
• Accept Cookies (Always/Never/From Visited Sites)
• Allow explicit music and podcasts
iPad / AirWatch Offering
Security And Privacy
• Allow Diagnostic Data To Be Sent To Apple
• Allow User To Accept Untrusted TLS Certificates
• Force encrypted backups
iPad / AirWatch Offering
Ratings
• Ratings region (United States) default
• Movies (Don’t allow movies/G/PG/PG-13/R/NC-17/Allow All Movies)
• TV Shows (Don’t allow TV shows/TV-Y/TV-Y7/TV-G/TV-PG/TV-14/TV-MA/Allow All TV Shows)
• Apps (Don’t Allow Apps/4+/9+/12+/17+/Allow All Apps)
• iBooks (Allow All Books/Block Genres)
iPad / AirWatch Offering
iPad Work Flow:
• County procurement of iPad
• County completes TSSP request for AirWatch license, including list of user names & user IDs (Novell) to be assigned iPads
• OIS creates MDM Account, GW Resource (if required), updates DataSync Server
• County to complete initial device setup and create Apple ID. Install AirWatch MDM agent from App Store, configure URL and GroupID
• OIS staff will offer 1st device setup consultation.
iPad / AirWatch Offering
TSSP Offering:
• Cost $4.00 per iPad per month
• Billing quantity determined by number of units in management console.
• Billed Quarterly based on
• Submit TSSP request for initial units.
County Updates:
• Northwoods Workgroup
• Active Directory Customer feedback
Application Development Overview
Jay Waugh
OIS Application Development
Current Challenges
• High Support Levels required for Mission Critical Applications
• Work Force Impacts
• Reduced Funding
• Significant numbers eligible for retirement within five years
• Increased expectations from technology
• Technology drives business solutions
• Faster Time to Market
Faster Time to Market
• What are we doing!
• Close integration with PMO and EA to bring innovation and standardization
• HATS Project Example
• Modified AGILE Development Effort
• Development Iterations with two week sprints
• Utilization of SOA services
• Fully integrated team
• Daily ‘Stand Up’ meetings
• Information Boards to be placed throughout the Air Center to illustrate progress
Faster Time to Market
• What's not working well
• Team chemistry is slow to develop
• Constant refocus from the enormity of the project to the daily tasks
Expedited Provisioning Project Tim Constantine
[Diagram: County, Access Control, Program Area]
http://innerweb.odjfs.state.oh.us/omis/InfoSecurity/App_Register_Infor.stm
Expedited Provisioning

The State
• OIS is working with the program areas to streamline access requests so routine requests don’t need to flow to the program area
• Improve forms

The Counties
• Get forms to us faster
• Make sure forms are accurate and complete