150 likes | 234 Views
Technology Update. TSAG Meeting 2/12/04. Networking Updates. Welcome Matt Brown! CENIC (Corporation for Education Network Initiatives in California) 4CNET is being phased out. (our current Backbone Connection) Coming up real soon… Transfer will be performed during working hours.
E N D
Technology Update TSAG Meeting 2/12/04
Networking Updates • Welcome Matt Brown! • CENIC (Corporation for Education Network Initiatives in California) • 4CNET is being phased out. (our current Backbone Connection) • Coming up real soon… • Transfer will be performed during working hours. • Reminder: IPX and Appletalk being phased out Friday June 4 2004 (Last day of academic year)
Desktops Related Activities • TSAG Desktop Standards Committee • Minimum Hardware Configuration • Next Steps… • Minimum Software Requirements: • Antivirus, MS Office suite, etc. • Minimum OS System Configuration • Patch management, etc.
Patch Management • New Patch Needed for MS platforms • Caution: The vulnerability is huge without the patch!! • ITR activities: • patches applied to all Enterprise Servers (Tuesday) • desktop patches tested for one day • deployed patches, via SUS, on desktops
Architectures for SUS • ITR has deployed a hierarchal enterprise-Level SUS • Individual Units may either: • Join Hierarchal SUS • Install Local SUS • Use live update • COBAE, Library, and SBS have local SUS-es • Need registry tweak or Active Directory GPO • POC: Barry W. or Dave A. MSUS (Untested Patches) PSUS(Tested Patches) SSUS(Untested Patches)
Active Directory • Current Deployments: • Comp 100 (three/four Labs) • COBAE Lab (one Lab) • Library (several machines) • ITR (~40%) • Learning Experiences • Account-Account • Authorization Defaults (All -> None) • Fresh Installs sometimes needed(NT Kernel and GPOs conflicts) • UID versus Mail Address Logins • Documentation Online • POC: Dave Aragon
Security Activities • AntiVirus Software: • ? Should we obtain a campus-wide license • ? Should we require antivirus on all desktops • Password Expiration: • 90 days TSAG and ITR (currently) • 180 days A&F • Feb 16 - Mar 15: first e-mail warning sent • Feb 26 - Mar 25: passwords start expiring • 180 Peoplesoft Users (minus faculty) • Mar 8 - Apr 5: first e-mail warning sent • Mar 8 - Apr 15: passwords start expiring • FTP/Telnet phase out: Date? (was 1/1/04)
Spam: An ever growing problem! • Steps in progress: • Updating anti-spam tagging (SpamAssassin) • Incorporating Black Lists (https://www.csun.edu/~itrsec) • SBL - Spamhaus Block List • CBL - Composite Blocking List • NJABL - Not Just Another Bogus List • Need to be concerned about False Positives • Bottom line: • Users must decide what is spam and what is not! • Local Tech support is needed to help users to • Setup filters via Webmail • Utilize antispam features of e-mail clients
ProposalBlocking Administrative Lists • We have three types of lists • -l@csun.edu: Department/Official Lists • -c@csun.edu: Class Lists • -g@csun.edu: General Purpose Lists • Goal: to prevent spam on “Administrative” lists • Tested with tsag-l@csun.edu(thanks Peter!) • Ramification: • Only individuals with a campus accounts can send e-mail to Administrative Lists • Home users: use Webmail or configure e-mail client to use SMTP.csun.edu • But “whatif” I don’t want my list blocked! • Transform your list to a -g list (e.g.) • Set up your list to “Reply-to” the owner
Email Quotas are being Applied • Enforcement is underway for: • Over quota == No E-mail! • Faculty/Staff maximum email storage limits: • 300 MB by Feb 15, 2004 • 200 MB by March 15, 2004 • 100 MB by April 15, 2004 • Yearly review of quotas by ATC is underway
Universal Drive • Udrive Available to all User • Released to TSAG summer ‘03 • Released to ECS fall ‘03 • Formal Announcement Coming • Allows users to use “Drag and Drop” for web page publishing • Active Directory GPO to automatically map for all users • MS users: \\udrive\<uid>, e.g., \\udrive\tsag • Mac users: smb://smb.csun.edu/tsag
Campus IT Status Page http://www.csun.edu/services • Summary information from Big Brother, MRTG, Spectrum, etc. • Provides: • Summary status of Enterprise systems • Pending Maintenance Announcement (if any) • Black Lists: • Spammers E-mail messages blocked • “Irresponsible” ISP or Host Internet connectivity blocked • “Compromised” Computers (ports disabled) Network connectivity blocked • Consult as part of IT diagnosis process
Sunset SIMS/R • Peoplesoft conversion in mop-up stage • SIMSR is being retired • General steps: • SIMS becomes read-only database • Eliminate all general access to SIMS(only users perform data validation (e.g.) will have access.) • Production Hours reduced: M-F 6am-6pm (?)
Registry of Computer Labs • ATC requested Campus-wide Lab Schedule • Intent: To allow students to more easy locate IT resources • Information Needed: • Location of Lab Purpose of the Lab • Provided Equipment (e.g., 24 Windows XP, …) • Supported Users (e.g., only COMP 100 students) • Hours of Operation • Restricted Access • Open Access • Contact point for more info (e.g., URL) • We need you to provide the information