University Infrastructure Group

1
University Infrastructure Group Julian
Lintell-Smith May 2008
2
Our Aims

• To provide high quality, secure and reliable
  services to support teaching and learning,
  research and administration
• Improve existing services and provide new
  services for the university
• Reducing complexity
• and making difficult things look easy
• Automating time consuming processes
• Looking to the future

3
The Infrastructure Group
4
The Infrastructure Group
Desktop Team
Lan Team
Information Security
Networks Team
Systems Team
5
Senior Manager Julian Lintell-Smith

Robert Blatt Mike Meredith Sharif Salah Peter
Westron
Jeanette Connelly Dave Early Naeem Khan Arron
Knight James Holland Toby Ricketts Paul Sims
Chris Beakes Paul Bundey Phil Davies Ben
Ladd Mike Reid Mary Withers
Phil Brown Phil Burland June Colton Jacqui
Cox Peter Johnson Jackie Storey Martin Sutherland
6
Where we fit in to IS ?
CUSTOMERS / USERS


Service Management
Project/Programme Management

Service Delivery

Programme Office

Applications Management
Infrastructure Management
University Applications Group
University Infrastructure Group
Security Management
7
Work in progress

• Disaster Recovery Project
• Telephone System Replacement
• Windows Vista
• Linux Desktop
• Athens replacement
• HR/Payroll
• Victory
• Laptop Encryption

8
ITIL Change Management
9
ITIL Change Management

• Not a barrier to change
• A method of managing and controlling the way
  changes are initiated, assessed, planned for,
  scheduled and implemented.
• Ensures higher service availability
• with published change windows

10
Most Popular websites
By number of requests
11
Futures

• Thin client demo

12
Information ServicesUIG Desktop Team

• Steve BroadbentMay 2008

13
Responsibilities

• Development, delivery and maintenance of the
  following products and services
• Standard operating system builds Imaging
  service. Windows XP images (4986 PCs) -
  XP1.13, XP2.3.1, XPLAPTOP (Specials). Basic
  Vista image - Project work this summer. Project
  to develop Linux desktop started.
• Hardware evaluation Proposed purchases of
  desktop PCs and laptops to ensure
  compatibility with services.

14
Responsibilities

• Core and departmental applications Currently
  1527 active application objects both Teaching
  and Corporate (154 objects).
• Anti-virus software Sophos 7.3.1. Windows
  internal and external distributions. Also
  support for Linux, MAC, Unix, Solaris.
• Policies Workstation (Novell and
  Windows). Student, Staff, Staff-Admin,
  No-restrictions.

15
Responsibilities

• Central licence servers - Moscow-Blue,
  Moscow-Violet, Moscow-Indigo. - 20 Applications
  transferred. - Approx 20 more to be transferred
  - will be phased in as licences expire or
  summer 2008 at the latest.
• Licence monitoring and compliance - Software
  evaluated ZAM, Softrack, Keyserver,
  Express Meter. - KeyServer purchased and
  installed to monitor applications used on
  MACs. NAL application logging is being
  used for Windows applications. - ZCM may offer
  more robust facilities.

16
Linux Desktop
Projects

• A project is being initiated to distribute a
  standard Linux build to selected PCs.

17
Vista/ZCM

• A project is being initiated to distribute a
  standard build Vista Enterprise desktop supported
  by ZCM.(ZCM ZenWorks Configuration Manager -
  Zen 10)
• The project will aim to distribute a build to
  student desktops during Summer 2009 with a staff
  distribution to follow (in parallel with XP).
• This setup may open interesting opportunities for
  supporting virtual desktops including Linux and
  XP (if still needed for special applications).

18
Problem Solving suggested steps

• Ask the Desktop Team at any stage if in doubt.
• Application Problems
• 1. verify the application.
• 2. Delete the user profile.
• 3. Re-image the PC. (Usual checks)
• 4. Pass it on to the Desktop Team.
• Windows problems (not application specific)
• 1. If it only occurs on one PC and is user
  specific then try deleting the user profile.
• 2. Re-image the PC.
• 3. Pass it on to the Desktop Team.

19
UIG LAN TEAM
20
WHAT DO WE DO?

• Manage all file print (N drives, L drive,
  iPrint, GPAS etc)
• LDAP Authentication
• GroupWise Email
• GroupWise Mobile
• Backups
• SAN Management
• eGuide
• Managed Server (Virtual Infrastructure)
• ZENworks Services
• Remote Access (Secure FTP, NetStorage)
• iFolder

21
SERVER PROCUREMENT

• FOR WHEN YOU HAVE TIME ON YOUR HANDS

22
SPECIFICATION
Processor Memory Storage Networking
23
PLUS A BIT EXTRA JUST IN CASE!
24
OBTAIN QUOTE
CAN TAKE A FEW DAYS
25
OBTAIN QUOTE
CAN TAKE WEEKS IF TENDERING
26
RAISE ORDER
IS ADMIN gt FINANCE gt SUPPLIER
27
NOW WHAT HAPPENS?
TICKTOCKTICKTOCKTICKTOCK
28
NOW WHAT HAPPENS?
WAIT FOR 2-3 WEEKS ON AVERAGE
29
SERVER ARRIVES
HURRAH!
30
SERVER ARRIVES
IN A NICE BIG BOX
31
INSTALL INTO RACK
32
INSTALL OPERATING SYSTEM
33
PATCH OPERATING SYSTEM
34
SECURE OPERATING SYSTEM
35
READY FOR SERVICE INSTALLATION
FINALLY!
36
HOW LONG?
SPECIFY 1 DAY
QUOTE 2 DAYS
RAISE ORDER 2 DAYS
AWAIT DELIVERY 14 DAYS
INSTALL HARDWARE ½ DAY
INSTALL OS ½ DAY
PATCH OS ½ DAY
SECURE OS ½ DAY
37
HOW LONG?
21 DAYS
38
WHAT IF?
SERVER IS OVER SPECIFIED
39
WHAT IF?
SERVER IS UNDER SPECIFIED
40
WHY?
DO WE PUT UP WITH IS
41
WHY?
CANT WE DO IT FASTER
42
WHATS THE SOLUTION?
VIRTUALISATION
43
WHAT ARE WE WORKING ON?

• Desktop Virtualisation
• ePayments
• Windows Server Management
• Standard Linux Desktop
• JANET Roaming Services
• Identity Management
• Major Backup Review
• Document Management
• and many many more

44
Areas of Responsibility
Nigel Jeffries Security Architect
45

• Project Overview and business case - May 2007
• Solution Proposal and Purchase February 2008
• Configuration - May 2008
• Planning and Testing Phase May 2008
• Policy, Documentation and SLA with Service Desk
  Team prior to phased Roll Out June 2008

46

• Why are we doing this?
• Does this apply to my laptop?
• What is encryption?
• Questions

47

• There is no formal encryption policy
• Recent thefts of laptops from the university
• Internal System Audit Rules
• Compliancy with the UK Law and Legislation e.g.
  Data Protection Act 1998
• Data security, confidentiality and integrity are
  an absolute priority for large enterprises
• To protect business sensitive and personal data
  from theft or leakage and to mitigate risk from
  any subsequent investigation and/or damage to our
  reputation
• Its the right thing to do

48

• Yes but that depends!
• All university laptops are considered a
  controlled asset and are therefore subject to
  all university policies and procedures. Any
  university laptop from any centrally managed
  source that contains data of a personal or
  business critical nature
• The recommendation will be that all university
  laptops will be encrypted

49

• Definition encryption is the process of
  obscuring information to make it unreadable
  without special knowledge.
• Full Disk Encryption (FDE) with Pre-Boot
  Authentication will be deployed
• How/When/Who?
• Will I need a password?
• What has been accepted?

50
UIG Systems

• Robert Blatt
• Jacki Dwyer
• Mike Meredith
• Sharif Salah
• Peter Westron

51
Some of our daily responsibilities

• All Sun Servers
• Linux Servers
• DNS
• Setting up web pages for Students,
• Staff and UOP
• Backup and restores
• Support corporate applications with
• other IS teams

52
(No Transcript)
53
A selection of current projects
Upgrade Finance and Payroll
Replacement HR and Payroll
New Backup solution
Disaster recovery
Maximo
Anti-spam
ITIL
Juno/TUD
WebCT/Victory
54
(No Transcript)
55
Victory will replace WebCT at the start of
2008-2009 term We have worked alongside UAG, to
make Victory a resilient system
56
(No Transcript)
57
(No Transcript)
58
Brass
Maya - Orange
Live database server
Data-guarded server
59
Victory has 800 concurrent users We are
expecting 2,000 concurrent users to be on line in
the new academic year Up to date statistics on
Victory usage can be found on http//mrtg.iso.por
t.ac.uk/cgi-bin/m-mrtgviewer?catagorywebct Than
ks to Robert for the information
60
(No Transcript)
61
Information ServicesUIG Network Team

• May 2008

62
What are we responsible for?
63
Some Current Projects
64
A Completed Project

• Requirement from Mobile Media for students in
  halls of residence to have access to Freewire
  IPTV and IP phones

65
Enabling the Network for Freewire TV and VoIP
66
Upgrading ResNet Voice and Data on a single
cable
67
Upgrading ResNet
68
Using Multicast

• Multicast makes efficient use of bandwidth
• Multicast has one stream per group per link from
  the server throughout receiving and interlinking
  networks
• Multicast is Best Efforts delivery only

69
Multicast is not just for TV!Multicast
Applications

• Media video/audio content
• Data replication

70
Questions?