120 likes | 326 Views
Enterprise IT Update. August 3, 2012. Introductions. AIT Personnel Mike Alani: Senior Network Engineer Jay Carper: Exchange & Active Directory Administrator Gene Curtiss: Senior Systems Administrator John Willis: Chief Architect Department IT Managers New: RPTS: David Burdette
E N D
Enterprise IT Update August 3, 2012
Introductions AIT Personnel • Mike Alani: Senior Network Engineer • Jay Carper: Exchange & Active Directory Administrator • Gene Curtiss: Senior Systems Administrator • John Willis: Chief Architect Department IT Managers • New: RPTS: David Burdette • New: TIGM/PlantGeno: Michael McCleod
Information Technology Today IT State of Affairs
Rules and Procedures http://agrilife.org/it/itmanagement/ Rules and Procedures Progression • IT Managers accountable for maintaining all Rules and Procedures • IT Managers should be up to date and highly aware • Approved by Administration • If unsure of rule/procedure ask AIT for clarification
AgriLife Enterprise Service Status Deployed Services • Email • 4176 mailboxes, 293 distro groups and 16 email domains • Domain managed systems • 2453 computers in domain • All centers and urban centers fully joined/some departments fully joined • Advantages: Acct. Mgmt, Policy Application, SUS, Enterprise File Services • Managed Network Hardware (Regional Centers) • 99 WAP • 125 Switches (approximately 3000 ports) • 22 Firewalls • Sophos • 5490 computers protected • Upgrade to version 10 completed • Review estate; if not upgraded turn on computer or perform manual install • New single installer model requires that you move any new installed PC’s in console from “NewUnassigned” folder to unit folder in Sophos Console • New Domain enabled console uses domain credentials
AgriLife Enterprise Service Status Deployed Services – continued • Nessus • Feature of the Server Management Program • Report sent once a month during first week of month • Recommend addressing critical/high alerts asap Recently or Soon to be Deployed Services • Windows System Update Service (WSUS) • Deployed to all centers and urban centers • Improves bandwidth utilization for centers • Provides snapshot report of update status of domain workstations or windows servers • Report addresses requirement by system policy to represent unit’s efforts in maintaining patch management of workstations/servers • Centrify • Centralizes Linux or MAC server account management to AGNET Domain • Brings server into compliance with certain required policies
AgriLife Server Management Program (SMP) Overview • Who developed the program? • AIT working in conjunction with system auditors • Why was it created? • Clearly outline all required tasks and documentation specified for a server to be TAC/SAP compliant in a consolidated location • Where should you be now (a month after program release)? • Read program documentation • Formulated any questions and requesting answers from AIT to resolve • Preparing to review servers within your department to determine if they are fully compliant with program requirements i.e. TAC/SAP compliant • Next Steps • Create updated comprehensive listing of servers and define type • Perform all required tasks and documentation efforts • When • By December 2012 • In preparation for system audit starting as early as January 2013
AgriLife SMP • What does it include? • Monthly automated Nessus scans • Access to Centrify Licenses • Recommended baseline templates • Centralized document management system Document Management • SMP requires a number of documents (see baseline templates) • Centralized document management system to maintain required SMP documentation (https://agrilife-smp.tamu.edu) • Common location allows ease of access for IT personnel and audit purposes
AgriLife People Management (APM) Overview • Centralized web based portal to manage the onboarding and off-boarding of employees across the entire organization • Developed per input from representatives of IT managers, departmental business and HR coordinators • Usage of the portal is required by ALL centers and departments/groups within Ag • Account request form no longer accepted beginning September 1st • Inactive account report responsibilities • Account deactivation automation • 120 day deactivation : August 20th • 150 day deletion: September 1st
University Student Domain Offering • Paul Greer • Bill Cochran
Take Aways • Initiate Server Management Program Efforts • Review and familiarize all Rules & Procedures • Review and assess all inactive accounts • Assess workstation Domain Join Status with Department • Implement WSUS integration • Implement Centrify (mac or linux platforms) IT Management Repository http://agrilife.org/it/itmanagement/