ITS Architecture Open Forum

1
ITS ArchitectureOpen Forum

• October 17th, 2002
• Barron Hulver
• Chet Ramey
• David Kovacic
• Jim Nauer
• John Morton
• Information Technology Services

2
Agenda

• Introduction and News (Barron)
• Network Upgrade (Chet)
• State of the Current e-mail system (Chet)
• New E-mail system Update (David)
• SAN (Jim)
• Questions and Wrap-up (John)

3
News

• WAN Internet link upgraded from 36Mbs to 45Mbs
  effective 10/15/02
• Internet link problems are due to port scanning.
  We have made some configuration changes to the
  firewall and have put in place a Cisco device to
  help stop port scanning.
• Internet-2 Performing Arts demo October 29.
  http//www.cwru.edu/pubaff/univcomm/2002/10-02/int
  ernet2.htm
• Dial-in lines Current contract expires January
  03. Researching options.
• PBL Dedication was October 9. Streaming video
  was available over the network.

4
Network Upgrade

• Wired Currently in phase 3. Phases 1 and 2 are
  complete.
• Wireless Latest status is on the statistics
  page http//cnsstats.cns.cwru.edu/net/netstats/in
  dex.html

5
Wireless Update

• Deploying Cisco Aironet 1200 access points
• Installations completed so far (about 80 WAPs)
• Peter B. Lewis building
• Residences (1 in common area in each building)
• Installations will follow new switch deployment
• Deploying 802.11b (designing for g/a)
• Testing wireless middleware (ReefEdge, Vernier)
• User authentication (ties to LDAP)
• Mobility (crossing subnets)
• Integration with other applications
• Wireless encryption direction (not finalized)
• Legacy VPN
• Interim LEAP/TKIP
• Goal AES

6
VPN Update

• VPN 3000 deployed and operational
• Convert from VPN 5000 to VPN 3000 now
• Will be notifying users of VPN via e-mail
• Still trying to resolve PDA problems
• Hope to have the last VPN 5000 out of service by
  October 30

7
State of the Email system

• Problems date from early September
• Work has been going on since then
• System is currently stable
• Loads over the past week
• 1.47 million messages in
• 1.26 million messages out
• 318,000 messages rejected
• 74 GB processed

8
Email what we did

• Threw additional hardware at the problem
• Tuned the OS better
• Changed queuing strategy
• Improved statistics gathering and analysis

9
Email where we are

• System as a whole is stable and performing fairly
  well
• 99.1 of messages delivered lt 1 hour
• Some problem applications have been moved to
  separate systems
• Current Issues
• Eudora problem resolution

10
Email where were going

• New iPlanet-based mail system
• Should alleviate current bottlenecks
• Under consideration
• Moving home directories to SAN
• Look at switch-level load balancing

11
(No Transcript)
12
(No Transcript)
13
E-mail, Calendaring and LDAP Update

• E-mail, Calendar implementation to follow portal
  pilot and SAN
• Hope to go operational before the end of 2002
• Working with ITS PMO to define project tasks and
  timeline

14
Portal Application Pilot Status

• Provides necessary back-end applications
  (email, calendar) to the portal pilot.
• The pilot consists of a small data directory
  (LDAP), email system and calendar, all running on
  a single Sun 880.
• The pilot has been in operation since the end of
  August 2002.
• Currently running with about 220 users.

15
New E-mail and Calendar

• Three separate sub-projects required for
  successful rollout
• Creation and population of a data directory
  (LDAP).
• Implementation of the new e-mail system and
  transition from the old system.
• Implementation of the new calendar system.

16
Data Directory (LDAP)

• Contains personal and access information for
  applications
• Full names, e-mail address, birthdate
• User classes (eg faculty, staff, student)
• Access to mail, information about mail quotas,
  etc
• Provides information lookup for things like
  e-mail addresses

17
Data Directory (LDAP)

• Provides a unified authentication scheme
• Access to e-mail or calendar done through
  Kerberos authentication plug-in
• Will eventually completely replace the legacy
  CWRUnet ID database
• Will be necessary to tie the university ERP
  (UWIN2 project) to CWRUnet ID system

18
New E-mail System

• Uses iPlanet messaging system
• Supports POP and IMAP protocols
• Supports SSL encryption with IMAP
• Runs on systems that are attached to the SAN
• Disk space easily extensible
• Disk failures transparent to end-user

19
New E-mail System

• Version 1
• Rollout targeted for the end of 2002
• Features
• Initial mailbox quota will be 100MB
• Power users will be able to expand their
  mailbox beyond 100MB
• Who will be designated as a power user will be
  determined on a case-by-case basis
• No upper limit on mailbox quota has, as yet, been
  determined
• There will be no charges for mailboxes larger
  than 100MB for fiscal year 2002-2003

20
New E-mail V1 Features

• Data backup will be for disaster recovery only
  (eg file system failure)
• Individual message recovery will not be supported

21
New E-mail V1 Features

• E-mail addresses will continue to use current
  scheme (ltCWRUnet
  IDgt_at_cwru.edu)
• LDAP lookup of user information from LDAP-aware
  clients supported
• SSL encryption between client and server for
  clients using IMAP
• Access to mail via portal or web client, as well
  as standard clients (Eudora, Outlook)

22
New E-mail V2

• Transition to new system and implementation of
  version 2 features will occur over CY2003

23
New E-mail V2

• Version 2 features
• Expansion of mailbox quota in 100MB increments
  available to all users
• Charges for mailboxes larger than 100MB will be
  applied starting in FY0304
• Individual message recovery will be supported
• Mailboxes for organizations, groups, and other
  non-person entities will be supported
• Multiple mailboxes for individuals will be
  supported

24
New E-mail V2

• Version 2 features (contd)
• User-applied filters for web clients will be
  supported
• SPAM filtering on a per-user basis may be
  supported
• Virus filtering will be supported

25
New Calendar System

• Currently based on Steltor CorporateTime calendar
  product
• Steltor has been bought by Oracle it is
  expected that the product will eventually move to
  Oracle Calendar
• Allows users to invite anyone to meetings, check
  for schedule conflicts, assign tasks, etc
• Accessible through portal and web clients

26
New Calendar V1

• Available to faculty, staff, students
• Currently 15,000 licenses (approximately 10,000
  for students, 5,000 for faculty/staff)
• Support for individuals to invite others to
  meetings

27
New Calendar V1

• Support for designates to control your calendar
• Support for university holidays to appear on
  individual calendars
• Clients available to support calendar information
  exchange to Outlook, PDAs (faculty and staff only)

28
New Calendar V2

• Add support for SSL encryption from server to web
  clients
• Add support for resources (eg conference rooms)
• Add support for group calendars
• License upgrade mechanism for students?
• Would add access to PDA, non-web clients
• Transition to Oracle Calendar?

29
SAN Update

• SAN/NAS/Backup purchased
• 5TB EMC Clarion CX600 (first deployment)
• 2 EMC/Brocade Silkworm 3800 FC switches
• EMC Celerra NAS
• EMC EDM Backup with ATL P7000 tape library
• Status
• SAN installed and operational
• NAS installed, NFS operational
• Windows file service (CIFS/SMB) waiting for
  Active Directory
• EDM installed, being tested configured
• Policy questions (data retention issues)
• Clustering software - Veritas

30
(No Transcript)
31
Questions and Wrap-up

• Questions and Answers
• Thank you