1 / 13

CNIL Report

CNIL Report. April 4 th , 2005. CNIL Report (Apr 4 th , 2005). Two Major Goals: Improvement of Instructional Services Strengthening research IT infrastructure Focus on security. Instructional Labs. Need to get to sustainable costs Better resource sharing, less maintenance

cherylw
Download Presentation

CNIL Report

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CNIL Report April 4th, 2005

  2. CNIL Report(Apr 4th, 2005) • Two Major Goals: • Improvement of Instructional Services • Strengthening research IT infrastructure • Focus on security

  3. Instructional Labs • Need to get to sustainable costs • Better resource sharing, less maintenance • More predictable sponsors • Ease of external sponsorship and technology refresh (Intel, AMD, Sun, Agilent, etc.) • Consolidation of labs: • EE42/43 merged with EE100 – Fall 2005 • CS150 and CS152

  4. Research Infrastructure • Security Project (on-going) • Proposals for FY05-06 • Mac OSX support in EECS.

  5. Meet New Requirements • New IT Security Policies/Requirements • Minimum System Security • Patches, encryption, authentication, firewalls, passwords, reduce unnecessary services, etc. • Restricted Devices • Logging, access control, physical security, etc. • DMUP • sb-1386, FERPA, HIPPA, etc. • Technical and Administrative “proprietor”. • These apply even if you manage your own equipment

  6. FY04-05 Security Projects • Core: • Upgraded EECS Windows AD to Win 2003 with stronger security templates and password policies. • Switched to campus VPN (drop EECS VPN support) • Evaluated various patch management solutions. • Evaluated various network IDS and IDPS solutions. • “Service Port Blocking” put in place 3/26 • Internal risk assessment of Central ERL. • Training • Incoming FY Grad students • EECS sponsored student organizations

  7. Security Proposals (FY05-06) • Network Zones • Secure (production) zone • Restricted zone: core servers • Open zone: less restrictions, setup fee • Windows AD and File services will no longer be accessible from outside (of EECS) • Use ssh or campus VPN • EECS wireless network (except guest) will be in the “secure” zone.

  8. Project Details • Network ID and Port Scanning • Collaboration with campus SNS, with EECS administration and customizations. • Wireless 802.11a and NAC • 802.11a – higher throughput • 802.11a encrypted – better protection. • NAC – wireless entry point vetting. • VPN • Collaboration with campus CNS (we buy hw, they manage). • First phase – deploy for researchers. • Second phase – deploy for EECS students • Enables software license use at home • Sponsored student group orientations.

  9. Other Projects • Work with Apple to figure out Mac OSX infrastructure support. • Spam management • Reset on 3/29 • Deploy personal whitelist? • Look for alternatives • Soda Hall Helpdesk

  10. Proposed Fees • CIF = $75.5/person/month (drop of $5) • Windows Surcharge = $5/os/month • System contracts • Desktop = $890/yr (10% increase). • Servers = $2670/yr (10% increase). • T&M rate = $94.5/hr (5% increase). • AV T&M = $77/hr (18% increase)

  11. Fee Breakdown

  12. Staff Cost Breakdown (Does not include 2 department FTEs)

  13. Staffing • Network (1 PA 4, 2 PAII) • Wired (3600 ports, backbone to campus) • Wireless (802.11b, 802.11a, airbears, hmmb, bwrc, euclid) • firewall • Accounts (1 PA3) • Active activations and deactivations • Password and home directories (unix, AD, LDAP) • Enterprise Services (1 PA4, 1.5 PA3, 1 PA2) • Email, LDAP, calendar, virus, spam • Dns/dhcp/hostmaster for 50 class C subnets • NIS • File storage and backups • Windows AD. • SWW (solaris, linux, windows). • Software licenses management and distribution. • Computer rooms management • Technology refreshes • Security (1 PA3) • Incident handling • Monitoring • Intrusion Dectection • DB & WWW (1 PA4, 0.5 PA3, 1 PA2) • Web services • IRIS web site • EECS/ERL roster • Oracle databases (network ports, systems, etc.) • Admin (1 AAIII) • Data entry • Monthly billings • Purchases and reimbursements • Budget report generations and reconciliation.

More Related