1 / 14

Technology Update

Technology Update. TSAG Meeting 8/8/02. Announcements:. Account Cleanup Number of Accounts: 41,338 Number of Faculty/Staff: ~ 3,000 Number of Students: ~30,000 (~ 8K ???) Mandatory Password Changes Coming in October! Disk Quota: Mail and Data Data Mail Faculty/Staff: 30MB 10MB

Download Presentation

Technology Update

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Technology Update TSAG Meeting 8/8/02

  2. Announcements: • Account Cleanup • Number of Accounts: 41,338 • Number of Faculty/Staff: ~ 3,000 • Number of Students: ~30,000 (~ 8K ???) • Mandatory Password Changes Coming in October! • Disk Quota: Mail and Data Data Mail Faculty/Staff: 30MB 10MB Student: 10MB 5MB Other:  5MB 5MB • Security Self-Assessment • Wireless Update

  3. Topics for Discussion • Directory (NET) Initiative Update • Mail/Calendaring Update • DNS Cleanup Plans • Network Access Control • Training for TSAG members

  4. Directory Initiative Update • Peoplesoft Authentication via the directory • Go Live Date for HR and Financials: 10/9 • Authenticate via: • E-mail address: steven.fitzgerald[@csun.edu] • Account name: sfitzger • PS OperatorID: E0042345 (current method) • Password updates via http://www.csun.edu/account • Account naming updates: • ECS and Admin&Finance • Individual Accounts: • Your task: Have you local account naming convention unified with the campus directory.

  5. New Mail/Calendaring System Activities • We have been exploring possible replacement for our: • mail system (Messaging Direct) • calendaring system (Meeting Maker) • Current major contenders are: • Microsoft Exchange, • Sun One Messaging (formally iPlanet) , • Mirapoint Message Server, • Or combination thereof • Non-evaluation efforts, (i.e., cleanup): • Elm (Electronic Mail) • Is not IMAP compatible and is not supported • We plan to purge all $HOME/.elm directories! (Comments?)

  6. Email Related DNS Naming and Cleanup • Preferred/Supported DNS names: imap, pop, pop3, and smtp • Deprecated DNS names to be removed Nov 15: email, mail1, mailsrv1, hp9k2, krusty, huey, exec, dewey, … (total of 14 CNAMES) • References to the mail servers via hard-code IP address are not supported! • Your task: • Update mail clients to use the service-naming convention • Review and update all web pages for bogus “mailto:” links (e.g, mailto:steve@huey.csun.edu)

  7. Majordomo Cleanup • Reason for Cleanup: • Spring cleaning • Preparing for “list serve” functionality to be supported by the Campus Directory • To minimize Campus exposure to SPAM • Some Stats: July August • Previous number of lists: > 4000 • Current number of lists: 1047 787 • Current number of entries: 39,398 27,436 • Future Activities: • Probe messages to all members of OPEN lists • Probe messages to owners/moderator of CLOSED lists • Probe messages for “[m-z]*-l” lists have not been sent yet

  8. .forward files • Many accounts are being used solely ase-mail reflectors • “.forward” file will not work with any of the potential mail solutions • Needs: • To eliminate accounts used just for e-mail reflectors • To move such reflectors to an appropriate alternative, e.g., • Mail alias • Majordomo-style list • Etc.

  9. Antivirus Mail Filtering • To be put into production shortly, we’re finalizing testing. • System supports LDAP-based mail routing! • Architecture designed around future campus mail solution • Goals for the new mail solution: • Redundancy • Scalability • Flexibility (e.g., to support different SPAM policies?)

  10. Proposed: Antivirus/Mail Architecture Internet Firewalls Routers Primary: smtp Secondary: imap pop AntiVirus mx=10 mx=20 Mail Routers Primary: imap, pop Secondary: smtp Mail Servers krusty test1 test2

  11. DNS Cleanup Plans • Recent survey of DNS should >650 defunct DNS names • Proposed process/timeline to cleanup • Send periodic ICMP ping probes to all DNS entries (8/26-9/13) • Correlate data obtained from probes (9/16-9/19) • Inform TSAG of DNS names to be deleted (9/20) • Purge all defunct DNS names (9/23) • Your Task: • Ensure your printers, servers are on line and respond to ICMP pings • Otherwise inform helpdesk that you wish to retain your DNS name

  12. Network Access Control: • We have made lots of progress – still more to do! • Recent Changes: • Blocking the following ports: 1-19 • Blocking the following protocols on the default ports: Jet Direct Flexlm netbios-ssn loc-srv svrloc ldap ldaps • Blocking all inbound network connections to: • Subnet 31 (Library East Wing) • Subnet 57 (Library Open Labs) • We need to information on Internet Servers! Internet Server: A server that provides one or more services to individuals not located on the campus network

  13. Proposed Edge ACL Changes • Block all inbound ports in the range: 0-512 (1-19 done) • Exceptions: • ftp (port 20, 21) • ssh (port 22) telnet (port 23) • smtp (port 25) pop3 (port 110) imap (port 143) (for only identified hosts) • http/s (port 80, 443) • Block all inbound ports for the following protocols: • printer (port 515) x11 (ports 6000-6063) • socks (port 1080) x font-service (port 7100) • print_agent (ports 3396) mindprint (port 8033) • jprinter (port 5309) xprint-server (port 8100) • Target date: September 6

  14. Training for TSAG members • TSAG has recommend that the Campus adopt XP as the preferred Microsoft-based desktop OS. • Training for XP and .NET has been arranged. • First week of training held 7/29-8/2 • Impressions? • Your task: Inform Chris Sales as to your participation.

More Related