250 likes | 460 Views
Office of Information Technology Information Technology Improvement Plan Progress Update IT Oversight Committee. J. Brice Bible Chief Information Officer Office of Information Technology September 21, 2007. Agenda. Improvement Plan Updates Information Security Systems and Operations
E N D
Office of Information TechnologyInformation Technology Improvement PlanProgress UpdateIT Oversight Committee J. Brice Bible Chief Information Officer Office of Information Technology September 21, 2007
Agenda • Improvement Plan Updates • Information Security • Systems and Operations • Network Modernization • SIS Readiness Assessment • Black Board Pilot Project • Critical Staffing Status • Budget Update • University System of Ohio • Oracle Identity Management Insight
Update: Information Security Status • Firewall Accomplishments • Upgraded the three border firewall operating systems (two main plus spare), and the corresponding Netscreen Security Manager (NSM) servers • Installed and configured 6 new data center firewalls (total of 17 physical firewalls) • FY08 Firewall Plans • Expand the use of the border firewall which currently uses a minimal rule set and only 4% of the CPU • Install subnet (building level) firewalls around campus as part of the general network upgrade • Install data center firewall for sensitive data systems • Music Down-Load Policy (P2P) • Selected Blocking Policy in Place (currently 115th on RIAA list)
Update: Information Security Status • HIPAA Compliance • HIPAA compliance remediation completed for Hudson Health • VPN , HIPAA policies, and hardened desktops resulted in restarting e-health systems this Fall • SSN Removal from ID Cards and Library and Ping Systems • Security Assessment Services • Tools available for evaluating system security • Completing first customer assessment – Human Resources • Responded to 1000 Email Requests and 2000 Log Issues since Spring • New Information Security Director – Matthew Dalton • Rochester Institute of Technology Deputy ISO • Security Plans • Initiate Regular Critical System Assessments • Complete Policy Framework and Incident Response
Update: Systems and Operations Systems Update * • Data Center and Operations • Conducting joint review of HVAC and electrical capacity with facilities staff • Targeting fall quarter consulting engagement to correlate findings from facilities and provide roadmap for CSC datacenter • Roadmap will be used for further discussion with facilities planning regarding funding needs for the facility • UPS upgrade targeted for this FY • Storage Architecture • RFP Reviews Underway • Largest infrastructure expenditure in FY 08 • Vendor finalists presenting the weeks of 9/10 and 9/17 • Targeting magic quadrant partners identified by Gartner research • Targeting week of 10/1 for vendor award • Timeline important to meet other project needs and to mitigate backup risks * Additional Information in Appendix
Update: Systems and Operations Status Highlights * • Systems • Majority of high availability architecture design decisions affecting ERP will occur in the 2nd half of FY 08 • Fall and Winter decisions will focus on stabilizing existing commitments that will retain investment value • VMWare • AIX and Linux systems • Targeting OS reduction and a broad move from Unix to Linux • Requires some spending to validate design ideas • Vendor consultation on Oracle host designs • Plans include review of all hardware based hosting to assess the potential for migration to virtualization • Virtualization already used for many web and middle tier applications • Legacy Unix system retirement will not begin in earnest until FY 09 • Tru64 • Solaris • A strategic partner will be selected for host hardware similar to storage * Additional Information in Appendix
Update: Student Information System (SIS) Update Readiness Assessment • Prepare for Readiness Assessment (Sep – Oct 07) • Ensure IT Improvement Plan Requirements Underway • Purchase NecessaryPeoplesoft Student Software Modules • Prepare Hardware Environment (Collaborative options on hosting at OSU) • Acquire and Prepare Project Team Staff (OHIO functional and technical, PS consultants) • Conduct Readiness Assessment (Nov 07 – Mar 08) • Conduct Fit/Gap Analysis • Develop Project Charter (objectives, metrics, scope) • Develop Master Plan for Communication, Scope & Risk Management • Develop Resource Master Plan • Develop Project Management Methodologies • Develop Detailed Project Schedule and Costs • Continually Pursue and Develop Possible State Alliances • Four State Universities Using Same SIS Solution • Three at Approximately Same Step in Implementation Process • Provide Detailed Funding Proposal for Board of Trustees in Spring 2008 • Determine Sources and Availability of Funding for Entire Project
Update: Network Modernization Update Legacy Network • Initial rollout: 1996-1998 • Bandwidth to desktop: 10 Mbps • Bandwidth to building: 100 Mbps • Scope: Athens campus
Update: Network Modernization Update Current Network Architecture(abbreviated)
Update: Network Modernization Update Next Generation Network (10 Gbps project) • Initial rollout: 2007/08 (Pending Governance Review) • Bandwidth to desktop: 100 Mbps or 1.0Gbps • Bandwidth to building: 10 Gbps for Major Buildings (1 Gbps where appropriate) • Core routers: Redundant links to distributed hub sites • Distributed router hub sites: Redundant links to buildings • Initial Scope: Athens Campus
Update: Network Modernization Update Next Generation Network Architecture *(abbreviated) * Additional Information in Appendix
Update: Critical Staffing Status • Proactive Recruitment of Passive Job Seekers • Post Job Vacancies on Monster.com • Search Monster Resume Database and Solicit Candidates for Current and/or Upcoming Positions • Solicit Potential Candidates at national Educause Conference • Post Positions on Several University Gateway Listservs • Develop Recruiting Brochure to Introduce Candidates to OHIO and Southeastern Ohio • Post Vacancies with the Top 10 Colleges and Universities producing African American Master's Degrees in Computer and Information Sciences New Recruitment Strategies and Initiatives for IT Positions
Update: Critical Staffing Status 1st Quarter Mission Critical Posting Update
Update: Critical Staffing Additions 2nd Quarter Mission Critical Anticipated Postings
Update: OIT Budget FY 2008 Summary of Expenditures
Update: OIT Budget FY 2008 Program/Project Expenditures Available Funds Deferred or Other Funds
Update: OIT Budget Inherited FY07 OIT Budget Challenges • Mainframe Upgrade (stabilization until new SIS) • Required Budget Reductions ($1,071,386) • Actual FY07 Reductions - $377,683 • Cost-Savings Measures in FY08 - $274,800 • Additional Reduction in FY08 Base - $418,903 • Increased Licensing and Service Cost - $275,000 • Unfunded Staffing and Salary Increases $294,000 • Increased Security Staff and Services - $120,917
Update: Statewide Discussions University System of OhioStrategic Initiatives in Information Technology HIGH POTENTIAL OPPORTUNITIES Near Term (One/Two Years): • Shared Emergency Notification Services • Co-Located Disaster Recovery / Backup • Common Admissions Application Portal • Consolidated IT Contracting and Procurement • Central Licensing • Group Purchasing • Statewide Policies and Procedures Medium Term (Three Years): • Federated IdM Model • Course Management Toolkit (universal access) • Common Applications (help desk, email, anti-virus) • Central NOSC Long Term (Three/Five Years): • VOIP / Unified Messaging / Advanced Applications • Shared State-HE Data Center • Common ERP • ISSUES • Lack of Central Contracting Authority Hinders Collaboration • IUC Commitment To Collaboration Model
Update: Systems and Operations Data Center Facility Details • Most systems same age as last renovation ~ 15 years ago • Door security • Fire Alarm • Fire Suppression • Cooling • UPS • PDUs • Other Known Deficiencies • Door Cameras and monitors • Non-recorded • No service contract • Generator • Security questionable
Update: Systems and Operations Systems Details • Systems by major service • Blackboard instructional system • Hardware and OS components range 3-5 years old • Not on latest release of the product • High availability limited by one datacenter • Web • Front end systems virtualized ~ 2 years old • Back end system ~ 5 years old • Legacy system still in use due to slow adoption rate; ~ 9 years old • No high availability • Email • System hardware components range from 3-5 years old • Has been through several design revisions • System OS and Hardware support end of life by manufacturer by 2011 • Service will be reviewed in second half of FY 08 for future roadmap • High availability limited by one datacenter • SIS • Product end of life • Newest of two mainframes only one year old • System required until new SIS comes on-line • High availibility limited by one datacenter • Financial and HR Systems • Hardware 5 years old; development and test 7 years old • Current Oracle eBusiness solution requires upgrade that hardware cannot support • Requires new investment FY 08 • No inherent high availability
Update: Systems and Operations Systems Details • Systems by major service • Calendaring • Hardware and OS less than one year old • Migrated from Unix to Linux to stabilize environment previously on 7 year old hardware • Second phase of project will bring better synchronization support • Service will be reviewed with email in second half of FY 08 for future roadmap • No inherent high availability • Identity Management System • Core engine developed by OHIO staff • System OS and hardware support end of life by manufacturer by 2011 • High availability limited by one datacenter • ID card system • Hardware 6 years old • System operates as backend of point of sale systems for auxiliaries • Directory Services • Active Directory in production since 2002 • Hardware ranges from 3-5 years old • Improvements to user provisioning Fall 2007 • File Services • No commonly adopted solution; split between email system and Novell • Novell crippled by no strategy and inadequate staff • Novell hardware out of warranty • Email system storage not highly adopted due to poor user access methods • Targeting a solution tied to new Network Attached Storage offerings in new storage solution • Targeting testing second half of FY 08
Update: Systems and Operations Storage Details • Systems • Storage Subsystems • 3-6 years of age • Disjointed fabrics due to old systems functional structure across departments • Management spread across staffSAN switches - anywhere from 7 to 2 years in production • Tape Libraries • 4-8 years of age • Only backup method available on enterprise systems today • Over reliance on tape means slower restore times and risks of failed restores • Current data • ~20 TB and 225 million files • Growth patterns in Oracle ERP, Email, and Blackboard instructional system • This does not include a highly adopted central storage solution for personal storage • Storage Initiative • Guiding principles • Mitigate Backup/DR risk • Gain backup and recovery efficiency • Collaborate with OSU • Establish a foundation for future growth needs • Acquire robust, fault tolerant, and scalable systems • Design for single site HA in the near term • Plan for future HA capabilities across sites • Consolidation of storage sub-systems and networks • Storage management simplification
Update: Network Modernization Update Network Upgrade Status • Gathered preliminary design requirements • Consulted with various vendors and outside engineers • Completed the basic architectural design • Developed design options with associated costs and time lines
Update: Network Modernization Update Next Steps • Seek high level design approval/option selection • Seek high level deployment priority guidance • Identify additional requirements • Develop detailed deployment plan • Seek final approval (via ITAC) • Initiate deployment (Late FY08)